Opened 4 months ago

Closed 3 months ago

#25939 closed defect (fixed)

A Tor commit seems to have broken creation of V3 onion services with stem

Reported by: maqp Owned by: dgoulet
Priority: High Milestone: Tor: 0.3.4.x-final
Component: Core Tor/Tor Version:
Severity: Major Keywords: 034-must regression tor-hs
Cc: asn Actual Points:
Parent ID: Points:
Reviewer: asn Sponsor:


The commit in question is this.

Here is a bash script that helps reproduce the bug. By default the script uses the last working commit. Comment line 22 and uncomment line 23 and run it again to see how the python script launched by the bash script is unable to bring V3 onion service online with stem.

Child Tickets

Change History (21)

comment:1 Changed 4 months ago by nickm

Cc: dgoulet added
Keywords: 034-must regression added
Milestone: Tor: 0.3.4.x-final
Priority: MediumHigh
Sponsor: Sponsor8

comment:2 Changed 4 months ago by atagar

Thanks maqp! Quick note from the peanut gallery regarding your script - you might want to take a peek at stem.process. There's no need to manually write a torrc yourself. :)

comment:3 Changed 4 months ago by asn

Cc: asn added

comment:4 Changed 4 months ago by dgoulet

Cc: dgoulet removed
Keywords: tor-hs added
Owner: set to dgoulet
Status: newaccepted

Oh good catch.

This is caused because the HS service main loop event (that basically handles the entire HS subsystem) is not enabled if you have no service configured. And it gets enabled if you configure one through the torrc.

However, it fails to be enabled through ADD_ONION on the control port... I can fix that asap. Thanks for the report!

comment:5 Changed 4 months ago by dgoulet

Status: acceptedneeds_review

See branch: bug25939_034_01.

Three commits in there. First one is to support a rescan of the event list from the unit tests without it being initialized. Most unit tests don't need to deal with this list.

Second commit is the fix for which I took the approach of rescanning the event list down in the stack instead for instance from the control port ADD/DEL_ONION command. The reason is that I wanted to avoid any future changes to bother with enabling the event. Bottom line is that if we have a service in our global map, the event *needs* to be enabled, period. One can argue here that we could instead implementa way to only enable the HS_SERVICE role event(s) instead of fully rescanning the list? Like a periodic_event_enable_by_role(r) call?

Third commit is a unit test.

comment:6 Changed 4 months ago by nickm

Resolution: implemented
Status: needs_reviewclosed

This looks like an okay fix for me; it's probably simplest just to rescan the whole list.

Merging to master!

comment:7 Changed 4 months ago by maqp

Hi everyone, thank you for reacting so quickly. Unfortunately the fixed version now throws another error. Here is the traceback. You can reproduce it by commenting out both git reset lines in the bash script above (which then defaults to Tor's master branch).

atagar: Thank you so much for the advice, it really helped me simplify the code I'm using.

comment:8 Changed 4 months ago by maqp

Resolution: implemented
Status: closedreopened

I'm reopening the ticket. Please close it and let me know if you want me to create a new one for the new bug.

comment:9 Changed 4 months ago by dgoulet

Component: Core Tor/TorCore Tor/Stem

Hmm, I'll send this in Stem's court for now and see what atagar says if it is a Tor issue afterall.

comment:10 Changed 4 months ago by atagar

Status: reopenedneeds_information

Hi David. Sorry, I haven't been following this since maqp pointed to a tor commit. What is the ask from me?

comment:11 Changed 4 months ago by maqp

Atagar: What I think David meant was the new bug might be Stem-related. So you could please check if you're able to start an ephemeral onion service using Stem and the master branch of Tor. If there is a problem, could you please check if the error Stem throws is related to Tor or Stem.

comment:12 Changed 4 months ago by atagar

Component: Core Tor/StemCore Tor/Tor

Hi maqp, think I see the issues. When I run the following...

import stem.control

with stem.control.Controller.from_port() as controller:

  result = controller.create_ephemeral_hidden_service(80, key_content = 'ED25519-V3', await_publication = True)
  print('service established at %s.onion\n' % result.service_id)
  raw_input('press any key to quit...')

I get...

Exception in thread Event Notifier:
Traceback (most recent call last):
  File "/usr/lib/python2.7/", line 801, in __bootstrap_inner
  File "/usr/lib/python2.7/", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/home/atagar/Desktop/stem/stem/", line 966, in _event_loop
  File "/home/atagar/Desktop/stem/stem/", line 3830, in _handle_event
    stem.response.convert('EVENT', event_message, arrived_at = time.time())
  File "/home/atagar/Desktop/stem/stem/response/", line 124, in convert
  File "/home/atagar/Desktop/stem/stem/response/", line 66, in _parse_message
  File "/home/atagar/Desktop/stem/stem/response/", line 683, in _parse
    raise stem.ProtocolError("HS_DESC's directory doesn't match a ServerSpec: %s" % self)
ProtocolError: HS_DESC's directory doesn't match a ServerSpec: HS_DESC CREATED  UNKNOWN UNKNOWN nZ5mr9/xASJHx/Fo7JpHialB5E0kC7jFJtaAXNgkPqY

Note the two spaces between 'CREATED' and 'UNKNOWN'. The problem here is that tor is filling in an empty string for the HS_DESC's 'Action'. It should be...

          "FAILED" / "CREATED"

This in turn causes Stem to think that the DescriptorID value is the fourth field, and it is invalid as the HsDir.

Sending this back over to tor.

comment:13 Changed 4 months ago by atagar

Status: needs_informationnew

comment:14 Changed 3 months ago by maqp

Atagar: Just confirming we get the same error message.

comment:15 Changed 3 months ago by dgoulet

Sponsor: Sponsor8
Status: newaccepted

comment:16 Changed 3 months ago by dgoulet

Status: acceptedneeds_review

The onion address is missing in the HS_DESC CREATED event for an ephemeral v3 service.

This was introduced by commit f7633c1fcaefe72bf97c001bab9062132c919996 (in tor-

With the work on #25500 (reducing CPU client usage), the HS service main loop callback is enabled as soon as the HS service map changes which happens when registering a new service. Unfortunately, for ephemeral services, we are building the onion address *after* the registration leading to the service->onion_address to be empty. Even in the tor logs, we had an empty string.

Fix is trivial, we simply need to build the address before registration.

Branch: bug25939_034_01

comment:17 Changed 3 months ago by maqp

dgoulet: Confirming the fix works for me (bash script).

comment:18 Changed 3 months ago by asn

Reviewer: asn
Status: needs_reviewmerge_ready


comment:19 Changed 3 months ago by nickm

Status: merge_readyneeds_revision

Looks okay, needs a changes file.

comment:20 Changed 3 months ago by asn

Status: needs_revisionmerge_ready

Good point. Pushed changes file to bug25939_034_01 in my repo.

comment:21 Changed 3 months ago by nickm

Resolution: fixed
Status: merge_readyclosed

woo; merged!

Note: See TracTickets for help on using tickets.