[tor-bugs] #27896 [Core Tor/Tor]: base32 padding inconsistency between client and server in HS v3 client auth preview
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Oct 20 15:11:38 UTC 2018
#27896: base32 padding inconsistency between client and server in HS v3 client auth
preview
-----------------------------+------------------------------------
Reporter: jchevali | Owner: (none)
Type: defect | Status: needs_information
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version: Tor: 0.3.5.1-alpha
Severity: Normal | Resolution:
Keywords: tor-hs, hs-auth | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------+------------------------------------
Comment (by jchevali):
Perhaps you'd like to deal with the assertion failed issue in the ticket
that pege's opened, #28129 (although that same stack trace was presented
here earlier), and leave this ticket for the other issues, namely, how
should we investigate invalid descriptors (by the server that doesn't
crash -- i.e., if given its characteristics, e.g., no GCC, no IPv4, etc.,
you still deem it worthy of testing), and whether padded content should be
allowed (after all under the base32 definition I believe it's legal), and
whether padded entries or otherwise invalid entries (except comments)
should, when they're not among otherwise valid entries, result in an
unsecured service or a secured (closed) one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27896#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list