prop224: Implement standard client authorization

With upcoming work of proposal 224, we'll have a new better improved client authentication scheme that needs to be implemented.

changed milestone to %Tor: 0.3.5.x-final

added 035-roadmap-master 035-triaged-in-20180711 component::core tor/tor milestone::Tor: 0.3.5.x-final owner::haxxpop parent::25955 points::3 priority::very high prop224 resolution::fixed reviewer::nickm severity::normal status::closed tor-hs type::enhancement labels

Latest in https://gitweb.torproject.org/user/asn/torspec.git/commit/?h=prop224_client_auth_3

Some backlogs: https://lists.torproject.org/pipermail/tor-dev/2016-November/011632.html

Trac:
Parent: N/A to #12424 (moved)

Trac:
Sponsor: SponsorR-must to SponsorR-can
Summary: prop224: Implement client authentication to prop224: Implement client authorization

Trac:
Owner: N/A to asn
Status: new to assigned

Triaged out on December 2016 from 030 to 031.

Trac:
Milestone: Tor: 0.3.0.x-final to Tor: 0.3.1.x-final
Keywords: N/A deleted, triage-out-030-201612 added

Prioritize prop224 tickets for 031 milestone. They are all "Enhancement".

Trac:
Priority: Medium to Very High

prop224 tickets going in 032 for early merge. Decided after Amsterdam meeting.

Trac:
Milestone: Tor: 0.3.1.x-final to Tor: 0.3.2.x-final

Trac:
Keywords: triage-out-030-201612 deleted, N/A added

Not going in the initial release of prop224.

Trac:
Milestone: Tor: 0.3.2.x-final to Tor: 0.3.3.x-final
Parent: #12424 (moved) to N/A

Trac:
Milestone: Tor: 0.3.3.x-final to Tor: 0.3.4.x-final

Trac:
Owner: asn to haxxpop

Trac:
Keywords: N/A deleted, 034-triage-20180328 added

Per our triage process, these tickets are pending removal from 0.3.4.

Trac:
Keywords: N/A deleted, 034-removed-20180328 added

Trac:
Username: pege
Cc: N/A to peter@arbitrary.ch

We can take this in 0.3.4 if the code is ready, and I hear haxxpop is working on it. :)

Trac:
Keywords: 034-removed-20180328 deleted, N/A added

Trac:
Cc: peter@arbitrary.ch to peter@arbitrary.ch, dmr

See haxxpop's PR here: https://github.com/torproject/tor/pull/36

YEEEEAHHHH I really need HidServAuth for v3 onion!!!

Replying to cypherpunks:

YEEEEAHHHH I really need HidServAuth for v3 onion!!!

Please give haxxpop's code (comment:16) a try and let us know how it works for you.

You can test it by adding HiddenServiceAuthorizeClient basic <client_name> on the service torrc and HidServAuth <onion address> <base64-encoded x25519 private key> on the client torrc. You can get the private key from client_authorized_privkeys/<client_name>.privkey on the service file directory