[tor-bugs] #27896 [Core Tor/Tor]: base32 padding inconsistency between client and server in HS v3 client auth preview
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Oct 21 15:26:27 UTC 2018
#27896: base32 padding inconsistency between client and server in HS v3 client auth
preview
-----------------------------+------------------------------------
Reporter: jchevali | Owner: (none)
Type: defect | Status: needs_information
Priority: Medium | Milestone: Tor: 0.3.6.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.5.1-alpha
Severity: Normal | Resolution:
Keywords: tor-hs, hs-auth | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------+------------------------------------
Comment (by jchevali):
I should add with regards to comment nÂș 4 above, that this server is only
apparently producing invalid descriptors (or so the client says) for the
HS that has server-side authorization defined on it. For others without
access defined the descriptors are fine and the service(s) can be used
successfully.
This assuming they're invalid and it's not just a question of not being
able to decrypt. In which case the client message should be changed.
What I'd mostly do to change it is to remove the long verbatim descriptor
from the error message. Even with truncation, this makes the message
extremely long. I don't think there's a need to, or it should be
truncated to only a few hundred characters. (If it's truncated in the
first place surely there's no question of copying it from the message and
into a manually operated decryption tool, so not even for developers could
the extra length be of help.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27896#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list