Opened 2 years ago

Closed 23 months ago

#27310 closed defect (wontfix)

Tor fails to upload v3 hidden service descriptors

Reported by: traumschule
Owned by:
Priority: High
Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor
Version: Tor:
Severity: Normal
Keywords: tor-hs regression?
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:


This instance has several hidden services configured and v2 onions are reachable with this version of Tor.

Starting Tor (git-6809bbe766dbf6b3), I got the following warning 32 times:

{REND} Uploading hidden service descriptor: http status 400 ("Invalid HS descriptor. Rejected.") response from dirserver '$address'. Malformed hidden service descriptor?

I wonder if files created by the previously used Tor are incompatible with

Will attach a scrubbed info log later, debug log is available on demand.

Attachments (2)

tor-27310.scrubbed.log.xz (29.8 KB) - added by traumschule 2 years ago.
info log
log.txt.gz (17.5 KB) - added by cstest 2 years ago.

Change History (10)

Changed 2 years ago by traumschule

Attachment: tor-27310.scrubbed.log.xz added

info log

comment:1 Changed 2 years ago by nickm

Keywords: regression? added
Milestone: Tor: unspecified → Tor: 0.3.4.x-final
Priority: Medium → High

comment:2 Changed 2 years ago by dgoulet

Milestone: Tor: 0.3.4.x-final → Tor: 0.3.5.x-final
Resolution: not a bug
Status: new → closed

Hmmm, there are a bit too many INFO logs missing. In theory, before the "Malformed" warning happens, we should have a series of logs about building the descriptor, including the value of the revision counter. Most likely, that is the issue.

If you moved your HS from 035 to 034, you are likely to hit the revision counter issue because you are using a value that is way too low (most likely around 0 since it had to start from the start) compared to what 035 used, which is based on a Unix timestamp and so much higher.

Either wait 3 hours before uploading a new descriptor or consider changing keys :). If you are unable to make your HS work after those 3 hours, which is the HSDir lifetime of a descriptor, then re-open?

comment:3 Changed 2 years ago by traumschule

Started Tor some hours ago and the error did not appear again. Not many users will downgrade this way probably.

comment:4 Changed 2 years ago by cstest

I am experiencing the same problem. I am running only a single v3 domain, which was generated by mkp224o.

When I start the v3 hidden service, many times it does not start immediately but takes a couple of hours.

Adding log file into attachment.

Last edited 2 years ago by cstest

comment:5 Changed 2 years ago by cstest

Resolution: not a bug
Status: closed → reopened

comment:6 Changed 2 years ago by cstest

On start, the v3 domain will work, but only if the domain was offline for several hours. If I restart the Tor instance, nobody can connect for the next several hours, probably due to those 3-hour caches in HSDirs.

So is my v3 hidden service key valid or invalid?

Last edited 2 years ago by cstest

Changed 2 years ago by cstest

Attachment: log.txt.gz added

comment:7 Changed 2 years ago by cstest

When I restart the Tor instance I also delete the Tor data folder, and since the "state" file keeps HidServRevCounter, my v3 hidden service will not work immediately. Case closed.

Last edited 2 years ago by cstest

comment:8 Changed 23 months ago by traumschule

Resolution: wontfix
Status: reopened → closed

Closing after a clarifying chat with dgoulet. Thanks! In case someone runs into this, this is what I understood (paraphrasing here):

That "400 Rejected" error is ambiguous (hence the fix is not to improve the log message) and can be caused by two things today:

  • 1) Unable to decode the descriptor (which can be caused by many things), or
  • 2) Revision counter is lower than the previous one

The reason for 2) could be a replay attack (in theory - "yes (if we rule out a tor bug)"), or an operator emptied the state file, or downgraded a client from 0.3.5 to 0.3.4 as I did.

In this case, going from 035 to 034 breaks it for ~3hr but then works ... so logging that one should maybe wait is not ideal because we don't know the context.
In 034 HidServRevCounter is based on a value in the state file; 035+ is based on time.

The other option is being debugged in #27436.
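
The behaviour summarized in comments 2 and 8, as an added toy model (not Tor's code and not part of the ticket): an HSDir answers 400 while it still caches a descriptor with a higher revision counter, and accepts again once that descriptor has expired. All names are hypothetical; the 0.3.5 counter is simplified to the raw Unix timestamp, the service id and start time are constructed, and the cached descriptor is assumed to expire exactly 3 hours after it was stored.

```python
# Toy model of the HSDir behaviour described in this ticket; not Tor's code.
HSDIR_DESC_LIFETIME = 3 * 60 * 60  # the "3 hours" descriptor lifetime from comment 2


class ToyHSDir:
    """Remembers the last accepted revision counter per service (hypothetical)."""

    def __init__(self):
        self.cache = {}  # service id -> (revision_counter, time_stored)

    def upload(self, service, revision_counter, now):
        """Return the HTTP status the uploading service would see."""
        entry = self.cache.get(service)
        if entry is not None and now - entry[1] >= HSDIR_DESC_LIFETIME:
            del self.cache[service]  # cached descriptor has expired
            entry = None
        if entry is not None and revision_counter < entry[0]:
            return 400  # logged as "Invalid HS descriptor. Rejected."
        self.cache[service] = (revision_counter, now)
        return 200


def counter_035(now):
    """0.3.5+: counter based on time (simplified here to the Unix timestamp)."""
    return now


def counter_034(state):
    """0.3.4: counter kept in the state file; an empty state starts from 0."""
    state["HidServRevCounter"] = state.get("HidServRevCounter", -1) + 1
    return state["HidServRevCounter"]


def downgrade_scenario(start=1_535_000_000):
    """Upload once with 0.3.5, then retry with 0.3.4 every 30 minutes."""
    hsdir, state, statuses = ToyHSDir(), {}, []
    service = "constructed-service-id"  # constructed sample value
    hsdir.upload(service, counter_035(start), start)
    for minutes in range(30, 241, 30):
        now = start + minutes * 60
        statuses.append((minutes, hsdir.upload(service, counter_034(state), now)))
    return statuses


if __name__ == "__main__":
    for minutes, status in downgrade_scenario():
        print(f"t+{minutes:3d} min: HTTP {status}")
```

Passing a fresh empty dict to `counter_034` after a few accepted uploads models the deleted state file from comment 7 and produces the same 400.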
