[tor-commits] [tor/release-0.3.5] hs-v3: Silence some logging for client authorization

nickm at torproject.org nickm at torproject.org
Thu Nov 15 21:38:42 UTC 2018


commit 18085abfcc3d13c53752764ea87a21201831bc6b
Author: David Goulet <dgoulet at torproject.org>
Date:   Mon Sep 10 15:04:22 2018 -0400

    hs-v3: Silence some logging for client authorization
    
    If a tor client gets a descriptor that it can't decrypt, chances are that the
    onion requires client authorization.
    
    If a tor client is configured with client authorization for an onion but
    decryption fails, it means that the configured keys aren't working anymore.
    
    In both cases, we'll log notice the former and log warn the latter and the
    rest of the decryption errors are now at info level.
    
    Two logs statement have been removed because it was redundant and printing the
    fetched descriptor in the logs when 80% of it is encrypted wat not helping.
    
    Fixes #27550
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 changes/ticket27550    | 5 +++++
 src/or/directory.c     | 2 +-
 src/or/hs_client.c     | 4 ----
 src/or/hs_descriptor.c | 9 ++++++---
 4 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/changes/ticket27550 b/changes/ticket27550
new file mode 100644
index 000000000..87f9b5cbe
--- /dev/null
+++ b/changes/ticket27550
@@ -0,0 +1,5 @@
+  o Minor bugfixes (hidden service v3):
+    - Don't warn so loudly when tor is unable to decode a descriptor. This can
+      now happen as a normal use case if a client gets a descriptor with
+      client authorization but the client is not authorized. Fixes bug 27550;
+      bugfix on 0.3.5.1-alpha.
diff --git a/src/or/directory.c b/src/or/directory.c
index 8636f6841..ddb86cd9a 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3091,7 +3091,7 @@ handle_response_fetch_hsdesc_v3(dir_connection_t *conn,
   case 200:
     /* We got something: Try storing it in the cache. */
     if (hs_cache_store_as_client(body, &conn->hs_ident->identity_pk) < 0) {
-      log_warn(LD_REND, "Failed to store hidden service descriptor");
+      log_info(LD_REND, "Failed to store hidden service descriptor");
       /* Fire control port FAILED event. */
       hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest,
                                    "BAD_DESC");
diff --git a/src/or/hs_client.c b/src/or/hs_client.c
index 636226a1d..1d1bdda8c 100644
--- a/src/or/hs_client.c
+++ b/src/or/hs_client.c
@@ -1225,10 +1225,6 @@ hs_client_decode_descriptor(const char *desc_str,
   ret = hs_desc_decode_descriptor(desc_str, subcredential, desc);
   memwipe(subcredential, 0, sizeof(subcredential));
   if (ret < 0) {
-    log_warn(LD_GENERAL, "Could not parse received descriptor as client.");
-    if (get_options()->SafeLogging_ == SAFELOG_SCRUB_NONE) {
-      log_warn(LD_GENERAL, "%s", escaped(desc_str));
-    }
     goto err;
   }
 
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 0298c3732..32278ec9f 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1361,7 +1361,7 @@ decrypt_desc_layer,(const hs_descriptor_t *desc,
    * This is a critical check that is making sure the computed MAC matches the
    * one in the descriptor. */
   if (!tor_memeq(our_mac, desc_mac, sizeof(our_mac))) {
-    log_warn(LD_REND, "Encrypted service descriptor MAC check failed");
+    log_info(LD_REND, "Encrypted service descriptor MAC check failed");
     goto err;
   }
 
@@ -1544,7 +1544,6 @@ desc_decrypt_all(const hs_descriptor_t *desc, char **decrypted_out)
                                         superencrypted_len,
                                         &encrypted_blob);
   if (!encrypted_len) {
-    log_warn(LD_REND, "Decrypting encrypted desc failed.");
     goto err;
   }
   tor_assert(encrypted_blob);
@@ -2046,7 +2045,11 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc,
    * in the descriptor as a blob of bytes. */
   message_len = desc_decrypt_all(desc, &message);
   if (!message_len) {
-    log_warn(LD_REND, "Service descriptor decryption failed.");
+    /* Inform at notice level that the onion address requested can't be
+     * reached without client authorization most likely. */
+    log_notice(LD_REND, "Fail to decrypt descriptor for requested onion "
+                        "address. It is likely requiring client "
+                        "authorization.");
     goto err;
   }
   tor_assert(message);





More information about the tor-commits mailing list