[tor-dev] Hidden Services and IP address changes
florian at kit.edu
Thu May 21 11:16:05 UTC 2015
I think I've found one or more bugs that appear when Tor clients
hosting HSes change their IP address during operation. I'm slightly
overwhelmed from reading the Tor source code and not sure how to best
The central issue that I discovered can be reproduced like this
(assuming Tor clients A, B and C):
1. (Setup) A hosts the HS X and A, B and C are all booted up.
2. B connects to X - it works!
3. A changes its IP address.
4. B tries to talk to X again - doesn't work!
5. C tries to talk to X (for the first time) - works like a charm (so
X IS working)
I dug through the Tor log and source code and have now arrived at the
following hypothesis for why this particular error happens:
- after A changes its IP addresses, it never establishes a circuit to
the old RP with B again.
- B, on the other hand, keeps trying to talk with A through that RP,
saying that it is an "Active rendezvous point". B never stops trying
to use that RP.
So, there appear to be two sides to this:
a) A not notifying B or the RP about its IP address change.
b) B not considering the possibility that the RP might not be active
b) seems easier to fix. Some logic needs to be included for forgetting
about RPs that have failed once. I identified
connection_ap_expire_beginning() as one potential place to do this. Am
I on the right track? Is this a good idea? And how do I forget about
RPs? These are some of the questions I'm struggling with...
I should also probably open a bug report, but I thought I might first
ask for some advice here.
PS: Why this is important: HSes/Onion services running on mobile
devices will very often have to deal with IP address changes. I'm
thinking about applications like Briar or our own hacky attempts to
enable generic P2P application development on top of Tor hidden