[tor-bugs] #20638 [Core Tor/Tor]: Non-anonymous single-hop HS enabled tor doesn't detect already existing anonymous, HS at start-up

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 17 03:25:31 UTC 2016


#20638: Non-anonymous single-hop HS enabled tor doesn't detect already existing
anonymous, HS at start-up
--------------------------+------------------------------------
 Reporter:  ahf           |          Owner:
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.2.9.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.2.9.3-alpha
 Severity:  Normal        |     Resolution:
 Keywords:  tor-hs, sos   |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------
Changes (by arma):

 * cc: asn, teor (added)


Comment:

 Replying to [comment:1 ahf]:
 > It seems like at the initial start of `tor` that the:
 >
 > {{{
 > if (!rend_service_list) { /* No global HS list. Nothing to see here. */
 >   return 0;
 > }
 > }}}
 >
 > path in `rend_service_list_verify_single_onion_poison()` is taken,
 > which will make the start up of tor proceed.

 Looks plausible!

 It looks like this code went in during commit b560f852, as part of ticket
 #17178. So I cc asn and teor since they're listed on that commit. :)

 rend_service_list_verify_single_onion_poison() is called from inside
 options_validate_single_onion() which is called from inside
 options_validate(), which is the function used to examine the new proposed
 'options' set before acting on any of them. So it is not right for a
 function inside options_validate() to try to look at the
 rend_service_list.

 Better would be to either move that
 rend_service_list_verify_single_onion_poison() check to options_act()
 after it's called rend_config_services(), or to change
 rend_config_services() so it does the checks you want when validate_only
 is true, i.e. when it's being called from options_validate. I'd be weakly
 inclined towards the latter approach, because this is exactly the sort of
 thing that counts as "checking to see if you're going to like the new
 options, before committing to them". Specifically, see the
 rend_service_check_private_dir() calls in rend_config_services() -- maybe
 that's a good place for doing this further examination of the directory?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20638#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
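
A simplified C model of the ordering problem discussed in the comment above, added here as an example and not taken from tor's source: a validation step that consults a global list populated only when options are acted on is skipped at first start, while a check on the proposed options during the validate_only pass catches the mode mismatch. The types, the function names and the in-memory "disk" with its per-directory mode marker are all hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model; every name here is hypothetical, not tor's real API. */
typedef struct { const char *dir; int single_onion; } disk_dir_t;
typedef struct { int single_onion; const char *hs_dirs[4]; size_t n; } options_t;

/* Constructed on-disk state: one existing service created in anonymous mode. */
static const disk_dir_t disk[] = { { "example_hs_dir", 0 } };

/* Stands in for rend_service_list: NULL until options are first acted on. */
static const char *const *global_list = NULL;
static size_t global_len = 0;

/* Returns 1 if `dir` exists on the model disk with a different mode. */
static int mode_conflict(const char *dir, int single_onion) {
  for (size_t i = 0; i < sizeof(disk) / sizeof(disk[0]); i++)
    if (!strcmp(disk[i].dir, dir) && disk[i].single_onion != single_onion)
      return 1;
  return 0;
}

/* Pattern from the ticket: the validate step consults the global list. */
static int validate_via_global_list(const options_t *o) {
  if (!global_list) return 0; /* first start: nothing is checked */
  for (size_t i = 0; i < global_len; i++)
    if (mode_conflict(global_list[i], o->single_onion)) return -1;
  return 0;
}

/* Second suggestion: check the proposed options, even when validate_only. */
static int config_services(const options_t *o, int validate_only) {
  for (size_t i = 0; i < o->n; i++)
    if (mode_conflict(o->hs_dirs[i], o->single_onion)) return -1;
  if (!validate_only) { global_list = o->hs_dirs; global_len = o->n; }
  return 0;
}

int main(void) {
  options_t proposed = { 1, { "example_hs_dir" }, 1 }; /* single-onion mode */
  printf("global-list check at start-up: %d\n", validate_via_global_list(&proposed));
  printf("validate_only check:           %d\n", config_services(&proposed, 1));
  return 0;
}
```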

