Opened 8 years ago

Closed 8 years ago

Last modified 6 years ago

#1693 closed defect (fixed)

Hidden service v2 directory answers with "not a directory"?

Reported by: arma Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Accessing a hidden service from my Tor client (running 0.2.2.14-alpha). Looks like the hsdir2 in question is refusing to answer begindir requests because it's not a directory. Sure enough:
router hippies770 93.83.133.214 9001 0 0
the dirport is 0
But its descriptor also lists
opt hidden-service-dir
!

The consensus gave it the HSDir flag:
r hippies770 Pcf1uWeH+Da1QlidZwjYlMAPHSg TXLbNlSeQcpja60fXNguBHi/LMs 2010-07-13 16:01:32 93.83.133.214 9001 0
s Fast HSDir Named Running Stable Valid
v Tor 0.2.1.26
w Bandwidth=37
p reject 1-65535

Here are the logs that explain better:
Jul 14 01:51:31.116 [info] directory_get_from_hs_dir(): Sending fetch request for v2 descriptor for service 'sw4cr...' with descriptor ID 'hwvfd...naahzlgxneji', auth type 0, and descriptor cookie '[none]' to hidden service directory 'hippies770' on port 0.
...
Jul 14 01:51:33.743 [info] circuit_finish_handshake(): Finished building circuit hop:
Jul 14 01:51:33.743 [info] exit circ (length 4, exit hippies770): teunTest(open) staanii(open) stargrave(open) hippies770(open)
...
Jul 14 01:51:33.745 [info] circuit_send_next_onion_skin(): circuit built!
Jul 14 01:51:33.745 [debug] connection_ap_handshake_attach_circuit(): Attaching apconn to circ 34799 (stream 2 sec old).
Jul 14 01:51:33.745 [info] exit circ (length 4): teunTest(open) staanii(open) stargrave(open) hippies770(open)
Jul 14 01:51:33.745 [debug] link_apconn_to_circ(): attaching new conn to circ. n_circ_id 34799.
Jul 14 01:51:33.745 [debug] connection_ap_handshake_send_begin(): Sending relay cell to begin stream 59895.
Jul 14 01:51:33.745 [debug] relay_send_command_from_edge(): delivering 13 cell forward.
Jul 14 01:51:33.745 [debug] relay_send_command_from_edge(): Sending a RELAY_EARLY cell; 4 remaining.
...
Jul 14 01:51:35.660 [info] connection_ap_process_end_not_open(): Edge got end (not a directory) before we're connected. Marking for close.
Jul 14 01:51:35.660 [info] exit circ (length 4): teunTest(open) staanii(open) stargrave(open) hippies770(open)
Jul 14 01:51:35.660 [info] stream_end_reason_to_socks5_response(): Reason for ending (526) not recognized; sending generic socks error.
...
Jul 14 01:51:35.660 [debug] conn_close_if_marked(): Cleaning up connection (fd -1).
Jul 14 01:51:35.660 [debug] connection_remove(): removing socket -1 (type Socks), n_conns now 8

Child Tickets

Attachments (1)

fix1 (1.1 KB) - added by arma 8 years ago.
Fix for the dir authority side

Download all attachments as: .zip

Change History (12)

comment:1 Changed 8 years ago by arma

As for why it says opt hidden-service-dir, they all say that:

options->HidServDirectoryV2 ? "opt hidden-service-dir\n" : "",

config.c: V(HidServDirectoryV2, BOOL, "1"),

As for why it gets the HSDir flag, it doesn't look at DirPort:
/ Return true iff <b>router</b> should be assigned the "HSDir" flag.

  • Right now this means it advertises support for it, it has a high
  • uptime, and it's currently considered Running. *

...
dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now)

So it seems like the short-term fix is for directory authorities to stop
assigning the HSDir flag if the relay's DirPort is off. At the same time
we should teach relays not to advertise "opt hidden-service-dir" unless
they can really do it.

And somebody should double-check the part of the code where we only publish
to and fetch from relays that have the HSDir flag. I think that's
hid_serv_get_responsible_directories() and it looks ok at first glance.

Long-term, imo the fix should be that relays should accept and handle begindir
requests even if their dirport is off. But that long-term fix is irrelevant
for this bug.

Changed 8 years ago by arma

Attachment: fix1 added

Fix for the dir authority side

comment:2 Changed 8 years ago by arma

I attached a fix for the first part.

Here's the fix for the second part.

diff --git a/src/or/router.c b/src/or/router.c
index d105aef..a289c11 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1694,7 +1694,9 @@ router_dump_router_to_string(char *s, size_t maxlen, route

onion_pkey, identity_pkey,
family_line,
we_are_hibernating() ? "opt hibernating 1\n" : "",

  • options->HidServDirectoryV2 ? "opt hidden-service-dir\n" : "",

+ (options->HidServDirectoryV2 &&
+ directory_permits_begindir_requests(options)) ?
+ "opt hidden-service-dir\n" : "",

options->AllowSingleHopExits ? "opt allow-single-hop-exits\n" : "");


tor_free(family_line);

comment:3 Changed 8 years ago by Sebastian

The patches looks like it'll work, but we should fix the real bug that people without a dirport can be hidserv dirs quite soon (else we're losing a lot of hsdirs, which isn't good). This fix should probably also be backported I guess.

comment:4 Changed 8 years ago by arma

How many hsdirs are we losing? Do most relays that have their dirport off also have
crappy bandwidth?

It's not clear what backporting would do here. A) There's no need to backport "fix1",
since enough directory authorities are running 0.2.2.x.

B) If we backport the part where the relays don't advertise hidden-service-dir if
their dirport is off, and don't fix them any other way, then there's no effect (the
authorities can ignore their broken hidden-service-dir line, and have to do for
other 0.2.1.x relays anyway). If we backport the part where relays answer begindir
requests even when their dirport is off, we are asking for trouble -- that's not
something we can safely backport.

comment:5 Changed 8 years ago by Sebastian

Ok, I guess I don't understand why we can't safely backport answering begindir requests? That was the only thing I was going to backport.

comment:6 Changed 8 years ago by arma

I merged fix1.

I changed my mind about fix2: we shouldn't be checking directory_permits_begindir_requests(), but rather decide_to_advertise_dirport().

But then I changed my mind more: there isn't much point making relays change their behavior until we actually make them handle begindir requests. At that point we can teach directory authorities which versions they don't have to cripple.

comment:7 Changed 8 years ago by nickm

Milestone: Tor: 0.2.2.x-final

comment:8 Changed 8 years ago by nickm

Actually, will fix1 be sufficient for 0.2.2.x?

Answering begindir requests without having a dirport seems like a feature-ish thing that could wait for 0.2.3.x, unless somebody wants to do it for 0.2.2.x.

comment:9 Changed 8 years ago by Sebastian

Milestone: Tor: 0.2.2.x-final

I think so, yes. We a) have enough hsdirs for now b) will get the fix for free when we implement the "make all relays cache & serve directory stuff" feature anyways. Removing the milestone, please add back if you disagree.

comment:10 Changed 8 years ago by arma

Resolution: fixed
Status: newclosed

I'm going to close this one as fixed.

If we want to make more relays into hsdir relays in the future, because the future is different in some way, we can do it then; but that's a different feature, not this bug.

comment:11 Changed 6 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.