[tor-commits] [tor/master] hs-v2: Warn of v2 obsolete if configured

dgoulet at torproject.org dgoulet at torproject.org
Fri Feb 19 21:22:23 UTC 2021


commit 8ccfd4a51ad55e9834cffcc91cbaa13e1f19c8ff
Author: David Goulet <dgoulet at torproject.org>
Date:   Wed Feb 17 08:39:12 2021 -0500

    hs-v2: Warn of v2 obsolete if configured
    
    For a user using "HiddenServiceVersion 2", a log warning is emitted indicating
    that v2 is now obsolete instead of a confusing message saying that the version
    is not supported.
    
    Also, if an introduction point gets a legacy (v2) ESTABLISH_INTRO, we'll
    simply close the circuit without emitting a protocol warning log onto the
    relay.
    
    Related to #40266
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 src/feature/hs/hs_config.c     | 6 ++++++
 src/feature/hs/hs_intropoint.c | 5 +++++
 2 files changed, 11 insertions(+)

diff --git a/src/feature/hs/hs_config.c b/src/feature/hs/hs_config.c
index e2e1756f21..75c417c3ef 100644
--- a/src/feature/hs/hs_config.c
+++ b/src/feature/hs/hs_config.c
@@ -436,6 +436,12 @@ config_generic_service(const hs_opts_t *hs_opts,
   /* Protocol version for the service. */
   if (hs_opts->HiddenServiceVersion == -1) {
     /* No value was set; stay with the default. */
+  } else if (hs_opts->HiddenServiceVersion == 2) {
+    log_warn(LD_CONFIG, "Onion services version 2 are obsolete. Please see "
+                        "https://blog.torproject.org/v2-deprecation-timeline "
+                        "for more details and for instructions on how to "
+                        "transition to version 3.");
+    goto err;
   } else if (CHECK_OOB(hs_opts, HiddenServiceVersion,
                        HS_VERSION_MIN, HS_VERSION_MAX)) {
     goto err;
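Review bot: The warning in the new `HiddenServiceVersion == 2` branch does not tell the operator that the configuration is being rejected, even though the `goto err` right after it makes this a hard failure rather than only a warning. Consider saying so in the message, for example that the service will not be configured until the version is changed. The subject "Onion services version 2 are obsolete" would also read better as "Version 2 onion services are obsolete". The literal `2` sits next to a range check that uses HS_VERSION_MIN and HS_VERSION_MAX, so a named constant would make the intent clearer. Finally, the diffstat lists only the two source files, so this user-visible behaviour change carries no changes-file or documentation entry in this patch.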
diff --git a/src/feature/hs/hs_intropoint.c b/src/feature/hs/hs_intropoint.c
index 7ae6deffa2..d567201c77 100644
--- a/src/feature/hs/hs_intropoint.c
+++ b/src/feature/hs/hs_intropoint.c
@@ -512,6 +512,11 @@ hs_intro_received_establish_intro(or_circuit_t *circ, const uint8_t *request,
    * ESTABLISH_INTRO and pass it to the appropriate cell handler */
   const uint8_t first_byte = request[0];
   switch (first_byte) {
+    case TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0:
+    case TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1:
+      /* Likely version 2 onion service which is now obsolete. Avoid a
+       * protocol warning considering they still exists on the network. */
+      goto err;
     case TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519:
       return handle_establish_intro(circ, request, request_len);
     default:
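Review bot: The two new legacy `case` labels jump to `err` without logging at any level, so a relay operator debugging introduction failures has nothing to correlate against. A debug- or info-level line before the `goto err` would keep this diagnosable while still avoiding the protocol warning. The `err` label itself is outside the visible context, so it is worth confirming that it does not emit the protocol warning on its own, since the stated goal is to suppress it. Minor: in the comment, "they still exists" should be "they still exist".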


