Opened 3 months ago

Closed 2 months ago

#27335 closed defect (fixed)

Tor bug when hs directory is missing

Reported by: traumschule Owned by:
Priority: Medium Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor Version: Tor: 0.3.4.6-rc
Severity: Normal Keywords: tor-hs
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Trying to create an onion service with missing directory /var/lib/tor/hidden_services shows:

Error creating directory /var/lib/tor/hidden_services/hs1: No such file or directory
tor_bug_occurred_(): Bug: ../src/or/hs_service.c:1009: load_service_keys: Non-fatal assertion !(hs_check_service_private_dir(get_options()->User, config->directory_path, config->dir_group_readable, 1) < 0) failed. (on Tor 0.3.4.6-rc )
Bug: Non-fatal assertion !(hs_check_service_private_dir(get_options()->User, config->directory_path, config->dir_group_readable, 1) < 0) failed in load_service_keys at ../src/or/hs_service.c:1009. Stack trace: (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(log_backtrace+0x42) [0x55b0ef49ce92] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(tor_bug_occurred_+0xb9) [0x55b0ef4b7d59] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(hs_service_load_all_keys+0x4f5) [0x55b0ef48aa75] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(set_options+0xf11) [0x55b0ef41aa71] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(options_init_from_string+0x37e) [0x55b0ef41c77e] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(options_init_from_torrc+0x433) [0x55b0ef41cdd3] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(tor_init+0x2f0) [0x55b0ef36c370] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(tor_run_main+0x65) [0x55b0ef36ce25] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(tor_main+0x3a) [0x55b0ef365e4a] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(main+0x19) [0x55b0ef365bb9] (on Tor 0.3.4.6-rc )
Bug:     /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0) [0x7f57e9f12830] (on Tor 0.3.4.6-rc )
Bug:     /usr/bin/tor(_start+0x29) [0x55b0ef365c09] (on Tor 0.3.4.6-rc )

Instead the directory should be automatically created.

apt repository:

deb https://deb.torproject.org/torproject.org xenial main
deb-src https://deb.torproject.org/torproject.org xenial main
deb https://deb.torproject.org/torproject.org tor-experimental-0.3.4.x-xenial main
deb-src https://deb.torproject.org/torproject.org tor-experimental-0.3.4.x-xenial main

Child Tickets

Change History (7)

comment:1 Changed 3 months ago by teor

Keywords: regression? 034-must? added

comment:2 Changed 3 months ago by dgoulet

Keywords: regression? 034-must? removed
Milestone: Tor: 0.3.4.x-finalTor: 0.3.5.x-final

The tor Debian package creates /var/lib/tor/hidden_service... (notice no s) so typo there.

Any case, shouldn't assert() like that... Lets hunt this down and see at which version we have this telling us if this is a regression and how it happened.

comment:3 Changed 3 months ago by traumschule

I suppose if an operator changes the hidden service path Tor should try to create it with -p option (or walk through parent directories first) or fail with "Permission denied".

comment:4 Changed 3 months ago by dgoulet

Hmmm so this one is a bit more deep into Tor.

During the configuration process (which doesn't load the keys nor create directories), the service directory path is validated. Here, the problem lies that the *parent* directory (hidden_services/) doesn't exists but tor do realize that but still makes it OK to continue because it is telling itself "I can probably create the missing directory if asked to".

However, that is not true, Tor can't create hierarchy of directories because we simply don't have the code.

In check_private_dir(), if the directory is not found and we haven't asked to create it, there is this comment:

    /* XXXX In the case where check==CPD_CHECK, we should look at the
     * parent directory a little harder. */
    return 0;

The solution to this is to either teach Tor to create hierarchy of directories (creating in the process the parent) or make check_private_dir() return an error if a parent doesn't exists telling the user to fix that and stopping tor to continue.

comment:5 Changed 2 months ago by dgoulet

Ok so another thing pointed out by traumschule on IRC.

We shouldn't have the BUG() there because it will fail if the directory did not exists before. In hs_config.c, we don't try to create it so the check will pass if it doesn't exists, and then when loading the keys, we'll create the directory but we could still have the permission issues leading to the BUG() being triggered but shouldn't have.

comment:6 Changed 2 months ago by dgoulet

Status: newneeds_review

Branch: bug27335_035_01.

Trivial fix.

comment:7 Changed 2 months ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Cherry-picked to 0.3.2; merged forward.

Note: See TracTickets for help on using tickets.