[tor-bugs] #23493 [Core Tor/Tor]: IPv6 v3 Single Onion Services fail with a bug warning

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Sep 20 01:52:43 UTC 2017 

#23493: IPv6 v3 Single Onion Services fail with a bug warning
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  dgoulet
     Type:  defect                               |         Status:
                                                 |  accepted
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.2.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  prop224, tor-hs, single-onion, ipv6  |  Actual Points:
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 This comments section got complicated, so I'm going to summarise the
 issues in 0.3.2.1-alpha, my suggested changes in my bug23493 branch, and
 what we should fix in 0.3.3.

 My branch bug23493 completes the implementation of the single onion
 service reachability algorithm in #23507. This is the minimum we need to
 do for functional single onion services with
 ReachableAddresses/ClientUseIPv6 in 0.3.2. (The alternative is to rip out
 some of the existing implementation, which I think is worse.)

 This is how v3 single onion services will work after we merge this branch:
 * services choose intro points they can reach, if possible (0.3.2.1-alpha)
   * if not, they choose any valid intro point (0.3.2.1-alpha)
 * services connect to intro points directly, if possible (0.3.2.1-alpha)
   * if not, they fail to connect (0.3.2.1-alpha)
   * if not, they connect over a 3-hop path (bug23493)
 * services put IPv4 addresses for those intro points in the descriptor
 (bug23493)
 * clients choose rend points (0.3.2.1-alpha)
   * clients know about single onion services from the descriptor, but they
 don't do anything different for them, and they don't need to
 (0.3.2.1-alpha)
 * clients put rend point IPv4 addresses in the INTRODUCE cell
 (0.3.2.1-alpha)
 * services choose a reachable rend address from the INTRODUCE cell, if
 possible (0.3.2.1-alpha)
   * if not, they fail to connect (0.3.2.1-alpha)
   * if not, they connect over a 3-hop path (bug23493)

 This is what we'll change in 0.3.3 for v3 onion services:
 * services put IPv4 and IPv6 addresses for their intro points in the
 descriptor (#23576)
 * clients put rend point IPv4 and IPv6 addresses in the INTRODUCE cell
 (#23577, #23589)
 * single onion services choose rend via direct IPv6, when IPv6 is
 reachable and isn't preferred, but IPv4 is unreachable (#23588)
   * in 0.3.2.1-alpha, they fail in this rare case, which can only be
 triggered by 0.3.3 clients with fixes for #23577 and #23589
   * in bug23493, they use a 3-hop path in this rare case, which can only
 be triggered by 0.3.3 clients with fixes for #23577 and #23589

 I've deferred all the other child tickets to 0.3.3.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23493#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list