[tor-bugs] #20007 [Core Tor/Tor]: Sandbox causing crash when setting HidServAuth when there is a hidden service running

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Sep 8 23:16:07 UTC 2016 

#20007: Sandbox causing crash when setting HidServAuth when there is a hidden
service running
--------------------------------+------------------------------------
 Reporter:  segfault            |          Owner:
     Type:  defect              |         Status:  needs_information
 Priority:  Medium              |      Milestone:
Component:  Core Tor/Tor        |        Version:  Tor: 0.2.9.2-alpha
 Severity:  Normal              |     Resolution:
 Keywords:  regression, tor-hs  |  Actual Points:
Parent ID:                      |         Points:
 Reviewer:                      |        Sponsor:
--------------------------------+------------------------------------
Changes (by teor):

 * status:  new => needs_information
 * keywords:   => regression, tor-hs


Comment:

 I don't have enough information to diagnose this issue.

 What are you really trying to do?
 * HidServAuth is a client option, but you are running a hidden service.
 Did you mean to use HiddenServiceAuthorizeClient instead?

 What is actually happening?
 * What is the full log? I'd like to see notice level.
 * Does the hidden service work with the Sandbox on startup (without the
 SETCONF)? Is this simply a permissions problem on the directory?

 What is actually causing the issue?
 * rend_parse_service_authorization() parses client HidServAuth entries, it
 doesn't read any service HiddenServiceDirectory files. So it might be that
 any SETCONF is your problem here, not specifically HidServAuth. What
 happens when you issue a `SETCONF ClientOnly=1` instead of HidServAuth?
 (ClientOnly is ignored on clients, it has no effect).
 * rend_services_add_filenames_to_lists() implements the Sandbox for each
 HiddenServiceDirectory, using the following lines:
 {{{
       rend_service_add_filenames_to_list(open_lst, s);
       smartlist_add(stat_lst, tor_strdup(s->directory));
 }}}
     As far as I can see, this code is working correctly, and should make
 the hidden service directory available via the sandbox at startup. Maybe
 this directory isn't being added to the sandbox at startup? Maybe SETCONF
 isn't using the sandbox-approved way to access the directory?
 * The log error you provided is logged by check_private_dir(), which is
 called by the HiddenServiceDirectory-handling code, not the HidServAuth
 code.
 {{{
   /* Open directory.
    * O_NOFOLLOW to ensure that it does not follow symbolic links */
   fd = open(sandbox_intern_string(dirname), O_NOFOLLOW);

   /* Was there an error? Maybe the directory does not exist? */
   if (fd == -1) {

     if (errno != ENOENT) {
       /* Other directory error */
       log_warn(LD_FS, "Directory %s cannot be read: %s", dirname,
                strerror(errno));
       return -1;
     }
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20007#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list