[tor-bugs] #17178 [Tor]: Rendezvous Single Onion Services: One-Hop Intro Point and Rendezvous

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 9 20:53:45 UTC 2016


#17178: Rendezvous Single Onion Services: One-Hop Intro Point and Rendezvous
-------------------------------------------------
      Reporter:  teor
         Owner:
          Type:  enhancement
        Status:  needs_revision
      Priority:  High
     Milestone:  Tor: 0.2.8.x-final
     Component:  Tor
       Version:
      Severity:  Normal
    Resolution:
      Keywords:  028-triaged, tor-hs, TorCoreTeam201602
 Actual Points:
     Parent ID:
        Points:  large
       Sponsor:  SponsorU
-------------------------------------------------
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 commit ce251ea5e7d98a8e46079f2733006f8e718717d8

 * This should be a `static const char *`. It's not required but imo we
 should use types as much as we can, which is much more helpful on the
 compiler side.

 {{{
 #define RSOS_POISON_FNAME "non_anonymous_hidden_service_rsos"
 }}}

  If you really don't want to, that's fine but the `tor_asprintf` doesn't
 need to use `%s` for it. Same for `PATH_SEPARATOR`. (`tor_asprintf(&fname,
 "%s" PATH_SEPARATOR ...)`)

 * Nitpick: You can use `tor_free(poison_fname);` once after
 `file_status()` is called. Avoid two of them.

 commit ff63c64c9cdebb7ea50354a3e72cb57758f9f939

 * Hrm, that commit simply returns 0. Can't we flag the HS that it's actually
 in RSOS mode? By that I mean, can we have two ephemeral HS, one in RSOS
 and the other one not?

 commit 1e0b54feb5629eb85e9b365db684e1df8073a516

 * `rend_allow_direct_connection()` comment mentions: "Returns true in
 Tor2web and RSOS modes.". But the code returns 1 if one of them is enabled,
 not both. So I'm guessing a typo here.

 commit 80a041b9740fa69126f40ddc1c8bba9555c8a08b

 * In `rend_client_get_random_intro_impl()`, this is added:
 {{{
 -    new_extend_info = extend_info_from_node(node, 0);
 +    new_extend_info = extend_info_from_node(node,
 +
 rend_allow_direct_connection(options));
 }}}
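
 Review bot: on the `+` lines, the second argument to `extend_info_from_node()` changes from the constant `0` to `rend_allow_direct_connection(options)` inside the client function `rend_client_get_random_intro_impl()`, so client-side intro point selection now depends on a predicate whose comment (quoted for commit 1e0b54fe above) says it is true in both Tor2web and RSOS modes. If that flag selects a direct connection, a process configured as an RSOS service would also take the one-hop path when it acts as a client. Suggest gating this call site on a client-only condition (Tor2web) and keeping the RSOS condition for service-side circuits, with a comment at the call stating which role each mode applies to.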

  This is somehow worrying me. I get the Tor2Web mode but what if I use my
 HS server as a client, do I lose anonymity? Am I seeing that right?

  Same goes in `find_rp_for_intro()`, if the HS is somehow compiled with
 `NON_ANONYMOUS_MODE_ENABLED` (Tor2Web), it goes to the RP/IP with one hop?

 ---

 That's it for now! :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17178#comment:38>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

