[tor-dev] RFC: Ephemeral Hidden Services via the Control Port
David Goulet
dgoulet at ev0ke.net
Mon Feb 16 15:17:51 UTC 2015
On 14 Feb (00:45:24), Yawning Angel wrote:
Hey Yawning, great stuff btw! I have a questions below regarding
meejah's comment and
https://trac.torproject.org/projects/tor/ticket/6411#comment:32
"Ephemeral hidden services are tied to the control port connection that
created them. This means, that when the control connection goes away, so
does the hidden service intro point. Closing client connections is left
as an exercise for the application."
[...]
>
> Design question that I want feedback on, primarily from control port
> library maintainers, and authors of applications that use the control
> port:
>
> * meejah suggested that ephemeral hidden services should have their
> lifetime tied to the originating control port connection. I think
> this is a good idea, but this would be the only control port command
> that does this sort of thing.
>
> My motivations for strongly considering implementing this is that, I
> don't think that adding a command to enumerate hidden services is a
> good idea (SketchORChat has no business in seeing what hidden
> services JankORFileSharing is using), and that this will automate
> cleanup in the event of an application crashing, or not removing
> it's hidden services before terminating.
Can you explain the rational for this? This email states in the
"unofficial-tor-spec-patch":
A hidden service is created using the key and list of port/targets,
that will persist till configuration reload or the termination of
the tor process.
Now, an HS bound to a control connection might be a good idea, I'm not
100% sure but I can see issues with this. Let's say
"ControlListenAddress" is used, this means a TCP socket and it can
timeout if no activity, so if that happens, I loose my HS?
This also put quite a requirement on the user side to add an HS on its
tor-ramdisk for instance but has to use a client that keeps the control
connection opens for its lifetime?... How does that work with stem, it
would have to keep the control connection open and the script using it
can't quit else the socket gets closed by the OS?
Thanks!
David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150216/9a049520/attachment.sig>
More information about the tor-dev
mailing list