[tor-bugs] #32511 [Core Tor/Tor]: Add features improving onion services' interaction with Tor.

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Nov 15 14:49:48 UTC 2019


#32511: Add features improving onion services' interaction with Tor.
-----------------------------+------------------------------
 Reporter:  moonsikpark      |          Owner:  (none)
     Type:  enhancement      |         Status:  new
 Priority:  Medium           |      Component:  Core Tor/Tor
  Version:  Tor: 0.4.2.4-rc  |       Severity:  Normal
 Keywords:  tor-hs           |  Actual Points:
Parent ID:                   |         Points:
 Reviewer:                   |        Sponsor:
-----------------------------+------------------------------
 Tor lacks features allowing onion services' interaction with it, mainly
 because it is a tunneling protocol, not an application layer protocol. I
 think this aspect of Tor should be addressed more.

 I suggest three directives that can improve onion services' interaction
 with Tor.

  1. HiddenServiceExportRendPoint

 With HiddenServiceExportCircuitID and this directive enabled, Tor exports
 the IP and port of the rendezvous point, along with the circuit ID, to the
 onion service. With this, operators can easily aggregate, analyze and
 monitor their services' rendezvous point connections.

  2. HiddenServiceExportInstanceID

 With HiddenServiceExportCircuitID and this directive enabled, Tor exports
 a user-provided instance ID, along with the circuit ID, to the onion
 service. With this, operators running multiple instances of Tor can
 accurately differentiate traffic with the same circuit ID. Fixes #32428.

  3. HiddenServiceEnableClosingCircuit

 This might be controversial because this feature exclusively targets the
 HTTP application protocol, and I know there are ways to close a circuit
 using the control protocol. But it's nearly impossible and too
 error-prone to implement it in real environments.

 With this directive enabled, when onion services' backend returns an HTTP
 status code of 447, it marks the circuit to be closed. It's lightweight,
 straightforward and easy to configure.

 I've crudely implemented them. Please feel free to leave ideas or comments
 below.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32511>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
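
Added example, not part of the ticket or of Tor's code: a backend-side parser for the PROXY v1 line that the existing `HiddenServiceExportCircuitID haproxy` option writes (layout as described in the tor manual), showing why a bare circuit ID is ambiguous when several Tor instances feed one backend. Giving each instance its own backend listener port is an assumed deployment used here as the disambiguator; the proposed HiddenServiceExportInstanceID directive is not used, and the sample headers are constructed.

```python
import ipaddress
from collections import Counter

# Prefix Tor places before the 32-bit circuit ID in the PROXY source address.
TOR_PREFIX = ipaddress.ip_network("fc00:dead:beef:4dad::/96")


def parse_circuit_id(header: bytes) -> int:
    """Return the global circuit ID carried in one PROXY v1 line from Tor."""
    # PROXY v1 lines end in CRLF and are at most 107 bytes long.
    if not header.endswith(b"\r\n") or len(header) > 107:
        raise ValueError("not a complete PROXY v1 line")
    fields = header[:-2].decode("ascii").split(" ")
    if len(fields) != 6 or fields[:2] != ["PROXY", "TCP6"]:
        raise ValueError("unexpected PROXY header")
    src = ipaddress.IPv6Address(fields[2])
    if src not in TOR_PREFIX:
        raise ValueError("source address does not encode a circuit ID")
    return int(src) & 0xFFFFFFFF  # last 32 bits of the source address


def count_by_circuit(events):
    """Count connections per (listener port, circuit ID).

    events: iterable of (listener_port, header_bytes). The listener port
    stands in for the Tor instance (assumption: one backend port per instance).
    """
    counts = Counter()
    for listener, header in events:
        counts[(listener, parse_circuit_id(header))] += 1
    return counts


# Constructed sample: two Tor instances (backend ports 8081 and 8082) that
# both happen to report circuit ID 0x00010002 = 65538.
SAMPLE = [
    (8081, b"PROXY TCP6 fc00:dead:beef:4dad::1:2 ::1 65535 42\r\n"),
    (8082, b"PROXY TCP6 fc00:dead:beef:4dad::1:2 ::1 65535 42\r\n"),
    (8081, b"PROXY TCP6 fc00:dead:beef:4dad::1:2 ::1 65535 42\r\n"),
]

if __name__ == "__main__":
    for key, n in sorted(count_by_circuit(SAMPLE).items()):
        print(key, n)
```

Keyed on the circuit ID alone, the three sample connections would collapse into one entry; keyed on the pair, they separate into two circuits.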

