Opened 4 months ago

Last modified 4 weeks ago

#29669 new defect

hs: ADD_ONION with NEW:BEST is still pinned on v2

Reported by: dgoulet
Owned by:
Priority: High
Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor
Version: Tor: 0.3.5.1-alpha
Severity: Normal
Keywords: tor-hs, tor-control, hs-v3, tor-spec, security, 041-deferred-20190530
Cc:
Actual Points:
Parent ID:
Points: 1
Reviewer:
Sponsor:

Description

Even though the control spec says:

  (The "NEW:BEST" option obeys the HiddenServiceVersion torrc option default
  value. Since 0.3.5.1-alpha, it is 3. For Tor versions before 0.3.5.1-alpha,
  default HiddenServiceVersion is 2.)

... in control.c, the ADD_ONION command has this condition that basically pins the NEW:BEST to v2:

    if (!strcasecmp(key_type_rsa1024, key_blob) ||
        !strcasecmp(key_type_best, key_blob)) {
      /* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */

Not good! NEW:BEST should obey the default version, not something hardcoded like so. This will need a spec update to mention the correct tor version.
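
An added example, not Tor's control.c and not the patch for this ticket: it puts the pinned dispatch quoted above next to one that resolves "BEST" through the default onion service version. The function names and `DEFAULT_HS_VERSION` are hypothetical; "ED25519-V3" is the v3 key type from the control spec.

```c
#include <stdio.h>
#include <strings.h>

/* ADD_ONION key types; the first two names mirror the quoted snippet. */
static const char key_type_best[] = "BEST";
static const char key_type_rsa1024[] = "RSA1024";
static const char key_type_ed25519_v3[] = "ED25519-V3";

/* Assumption: stands in for the HiddenServiceVersion default
 * (3 since 0.3.5.1-alpha, 2 before, per the spec text quoted above). */
#define DEFAULT_HS_VERSION 3

/* Behaviour reported in the ticket: "BEST" shares the RSA1024 branch,
 * so it always yields a v2 service. Returns the version, or -1. */
int hs_version_pinned(const char *key_blob)
{
  if (!strcasecmp(key_type_rsa1024, key_blob) ||
      !strcasecmp(key_type_best, key_blob))
    return 2;
  if (!strcasecmp(key_type_ed25519_v3, key_blob))
    return 3;
  return -1;
}

/* Sketch of the requested behaviour: map "BEST" to a concrete key type
 * from the default version first, then dispatch on the concrete type. */
int hs_version_from_default(const char *key_blob, int default_version)
{
  if (!strcasecmp(key_type_best, key_blob)) {
    if (default_version == 2) key_blob = key_type_rsa1024;
    else if (default_version == 3) key_blob = key_type_ed25519_v3;
    else return -1; /* unknown default: refuse rather than guess */
  }
  if (!strcasecmp(key_type_rsa1024, key_blob)) return 2;
  if (!strcasecmp(key_type_ed25519_v3, key_blob)) return 3;
  return -1;
}

int main(void)
{
  /* Constructed sample key blobs, including one unsupported type. */
  const char *blobs[] = { "BEST", "best", "RSA1024", "ED25519-V3", "DSA" };
  for (size_t i = 0; i < sizeof(blobs) / sizeof(blobs[0]); i++)
    printf("%-10s pinned=v%d default-aware=v%d\n", blobs[i],
           hs_version_pinned(blobs[i]),
           hs_version_from_default(blobs[i], DEFAULT_HS_VERSION));
  return 0;
}
```

An explicit "RSA1024" or "ED25519-V3" request gives the same result in both functions; only "BEST" changes.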

Change History (3)

comment:1 Changed 6 weeks ago by nickm

Keywords: security added

comment:2 Changed 4 weeks ago by nickm

Keywords: 041-deferred-20190530 added

Marking these tickets as deferred from 041.

comment:3 Changed 4 weeks ago by nickm

Milestone: Tor: 0.4.1.x-final → Tor: 0.4.2.x-final