Opened 10 months ago

Closed 13 days ago

#28966 closed defect (fixed)

HSv3 client auth insufficiently documented (was: HiddenServiceAuthorizeClient incompatible)

Reported by: roo Owned by: asn
Priority: High Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor Version: Tor: 0.3.5.6-rc
Severity: Minor Keywords: tor-hs, client-auth, hsv3, postfreeze-ok, network-team-roadmap-october, 042-should, nickm-merge
Cc: asn, dgoulet Actual Points: 0.15
Parent ID: #14389 Points: 0.5
Reviewer: dgoulet Sponsor: Sponsor27-must

Description

According to https://trac.torproject.org/projects/tor/ticket/20700#comment:17 this should be working.

HiddenServiceDir /var/lib/tor/keys/test
#HiddenServiceVersion 3
HiddenServicePort 80 127.0.0.1
HiddenServiceAuthorizeClient basic WUzZTg3OGQ

Dec 31 08:01:15.428 [notice] Tor 0.3.5.6-rc-dev (git-f4874765eabf1596) running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1a, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
Dec 31 08:01:15.428 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Dec 31 08:01:15.428 [notice] Read configuration file "/etc/tor/torrc".
Dec 31 08:01:15.431 [warn] Hidden service option HiddenServiceAuthorizeClient is incompatible with version 3 of service in /var/lib/tor/keys/test
Dec 31 08:01:15.431 [warn] Failed to parse/validate config: Failed to configure rendezvous options. See logs for details.
Dec 31 08:01:15.431 [err] Reading config failed--see warnings above.

Child Tickets

Change History (21)

comment:1 Changed 10 months ago by nickm

Cc: asn dgoulet added
Keywords: tor-hs added
Milestone: Tor: 0.4.0.x-final

comment:2 Changed 10 months ago by asn

Keywords: client-auth hsv3 added
Summary: HiddenServiceAuthorizeClient incompatibleHSv3 client auth insufficiently documented (was: HiddenServiceAuthorizeClient incompatible)

You are supposed to use the ClientOnionAuthDir for the client-side here.

Our docs are very bad here so this ticket is perfectly valid. We don't even mention the client-side in the Client Authorization section of the man page...

Also maybe we should give out some friendly information when someone tries to use the old client autorization torrc option with v3, so that people don't need to guess what they need to do.

Repurposing ticket. Thanks for this.

comment:3 Changed 9 months ago by nickm

Keywords: postfreeze-ok added

Mark some tickets as postfreeze-ok, to indicate that I think they are okay to accept in 0.4.0 post-freeze. Does not indicate that they are all necessary to do postfreeze.

comment:4 Changed 8 months ago by nickm

Keywords: 040-must added

Marking tickets as 040-must based on triage with dgoulet.

comment:5 Changed 8 months ago by nickm

Priority: LowHigh

comment:6 Changed 8 months ago by dgoulet

Owner: set to dgoulet
Status: newassigned

comment:7 Changed 7 months ago by teor

Owner: changed from dgoulet to asn

dgoulet is on leave, so I guess the next best person is asn.

comment:8 Changed 7 months ago by asn

Keywords: 040-must removed
Milestone: Tor: 0.4.0.x-finalTor: 0.4.1.x-final
Points: 0.3

I dont think I have the capacity to do this in the 040 timeframe.
Removing 040-must and if I manage to fit it in, I will submit a patch in time.

comment:9 Changed 6 months ago by teor

Parent ID: #27544

comment:10 Changed 6 months ago by asn

Parent ID: #27544#14389
Points: 0.30.5
Sponsor: Sponsor27-must

comment:11 Changed 5 months ago by gaba

Keywords: network-team-roadmap-2019-Q1Q2 added

comment:12 Changed 5 months ago by nickm

Keywords: 041-should added

comment:13 Changed 4 months ago by asn

Keywords: 041-should removed
Milestone: Tor: 0.4.1.x-finalTor: 0.4.2.x-final

Moving to 042. This is not roadmapped for 041 as part of s27. We will do it later.

comment:14 Changed 3 months ago by gaba

Keywords: network-team-roadmap-october added; network-team-roadmap-2019-Q1Q2 removed

comment:15 Changed 5 weeks ago by nickm

Keywords: 042-should added

comment:16 Changed 4 weeks ago by asn

Milestone: Tor: 0.4.2.x-finalTor: 0.4.3.x-final

Pushing to 043. Too many things happening.

comment:17 Changed 2 weeks ago by asn

Actual Points: 0.15
Status: assignedneeds_review

OK this has been around for too long. Here is a fix https://github.com/torproject/tor/pull/1382

comment:18 Changed 2 weeks ago by teor

Reviewer: dgoulet

Looks fine to me, but dgoulet should probably check the details :-)

comment:19 Changed 2 weeks ago by dgoulet

Keywords: nickm-merge added
Status: needs_reviewmerge_ready

Super good!

comment:20 Changed 2 weeks ago by teor

Milestone: Tor: 0.4.3.x-finalTor: 0.4.2.x-final

comment:21 Changed 13 days ago by nickm

Resolution: fixed
Status: merge_readyclosed

Merged!

Note: See TracTickets for help on using tickets.