[tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Dec 5 03:35:41 UTC 2019 

#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID
directive
-----------------------------------------+---------------------------------
 Reporter:  moonsikpark                  |          Owner:  (none)
     Type:  enhancement                  |         Status:  needs_revision
 Priority:  Medium                       |      Milestone:  Tor:
                                         |  0.4.3.x-final
Component:  Core Tor/Tor                 |        Version:
 Severity:  Normal                       |     Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511                       |         Points:
 Reviewer:  dgoulet, ahf, teor           |        Sponsor:  Sponsor27-can
-----------------------------------------+---------------------------------

Comment (by teor):

 Here's a pull request that fixes the double-free, documents the current
 behaviour, and fixes the changes file:
 * master: https://github.com/torproject/tor/pull/1585

 Here are the remaining issues:
 1. The `fc00::/8` block is undefined, we should be using `fd00::/8`, see
 https://en.wikipedia.org/wiki/Unique_local_address
 2. The byte order of `global_identifier` and `instance_id` depends on the
 host byte order
 3. The `source port` duplicates a part of `global_identifier`
 4. There are a spare 3 bytes in the IPv6 address, after `fc`, they are
 currently set to `00:0000`
 5. Adding these new features is already a breaking change, because the
 previously constant bytes `dead:beef:4dad` now vary
 6. We're missing tests for `destination port`

 Here's what I suggest we do, if we want to commit to a breaking change:
 1. Use `fd00::/8` and document that it is the unique local address prefix
 2. Use network byte order
 3. Put part of the fingerprint in the `source port`
 4. Use the spare address bytes for part of the fingerprint
 5. Document the breaking change in the man page and changes file
 6. Test all the old and new features

 If we only want to commit to a small breaking change:
 1. Document that `fc00::/8` is undefined
 2. Use network byte order for new fields, and document host byte order for
 the old field
 3. Don't change the `source port`
 4. Use some spare address bytes for part of the fingerprint, but preserve
 `fc00`
 5. Document the newly varying fields in the man page and changes file, as
 a breaking change
 6. Test all the old and new features

 dgoulet, ahf, what do you think we should do here?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32604#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list