[tor-bugs] #27838 [Core Tor/Tor]: v3 onion service wrongly considers Invalid signature for service descriptor signing key: expired

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Sep 24 13:09:58 UTC 2018 

#27838: v3 onion service wrongly considers Invalid signature for service descriptor
signing key: expired
--------------------------+------------------------------------
 Reporter:  s7r           |          Owner:  (none)
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.3.5.1-alpha
 Severity:  Normal        |     Resolution:
 Keywords:  tor-hs        |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by s7r):

 Come back after more digging.

 I confirm the solution at
 https://trac.torproject.org/projects/tor/ticket/25616#comment:12

 What I think happened in my particular case:
 1. Tor generated a new descriptor for the v3 onion service because it was
 time to do so [OK]

 2. Tor tried to upload the descriptor it just built. Because of internet
 connectivity failure, it couldn't. Even so it should have been possible
 because my guard had a working IPv6 ORPort. This is a different problem
 though, I'll ping teor about it later. [partially OK, internet connection
 state is outside Tor's control].

 3. After internet came back up, Tor tried to upload the descriptor earlier
 built. It was expired, so the warning + stack trace was logged. [PROBLEM
 TO FIX]

 4. After the time for this descriptor expired as well, new one was built,
 so warning + stack trace disappeared from log. [NOT OK, WHILE THE WARNING
 DISAPPEARED v3 ONION SERVICE WAS STILL UNACCESSIBLE]..

 Timings:
 full internet came back up at `~ 14:03:something`;
 first warning + stack trace logged at `14:04:00.000`;
 last warning + stack trace logged at `19:46:28.000`; (maybe at this time
 it built a new descriptor).

 v3 onion service resumed working in normal state only after Tor process
 was restarted.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27838#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list