[tor-bugs] #30382 [Core Tor/Tor]: Provide control port event for when we are missing v3 client auth for an onion
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 3 13:07:00 UTC 2019
#30382: Provide control port event for when we are missing v3 client auth for an
onion
------------------------------+--------------------------------------------
Reporter: asn | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: tor-hs, tbb-usability, hs-auth
Actual Points: | Parent ID: #14389
Points: | Reviewer: 6
Sponsor: |
------------------------------+--------------------------------------------
For TB to be able to alert the user that they need to input their client
auth credentials we need an appropriate control port event.
In particular:
1) When Tor fails to decrypt the second layer of desc encryption, we issue
the `CLIENT_AUTH_NEEDED <onion> <reason>` event. Tor does not go to fetch
more descs from the hsdir for this onion.
2) At the same time, we store the broken descriptor into the hs cache,
with a special flag that says "missing client auth" and hence `desc` is
`NULL`.
3) When TB intercepts the event it presents the user with a dialogue
(#30237) and adds any client auth creds with the commands from #30381.
4) As part of the #30381 commands the descriptor is decrypted.
5) TB issues another SOCKS request which uses the right descriptor and
goes forward.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30382>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list