Opened 7 months ago

Closed 17 hours ago

#30381 closed enhancement (fixed)

Provide control port commands to ADD/REMOVE/VIEW v3 client-auth

Reported by: asn Owned by: asn
Priority: Medium Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-hs, tbb-usability, ux-team, hs-auth, network-team-roadmap-september, 042-deferred-20190918
Cc: antonela, arthuredelstein, brade, mcs, gk, michael, special, erinn, patrick@…, lunar, linda, dmr Actual Points: 4.5
Parent ID: #14389 Points: 6
Reviewer: dgoulet Sponsor: Sponsor27-must

Description (last modified by asn)

We need control port commands so that TB can add/remove/view client auth credentials.

Furthermore, the 'add' command should be able to decrypt any existing non-decryptable descriptors in the cache (see #30382).

Child Tickets

Attachments (1)

tor-os-auth-crash.txt (4.7 KB) - added by mcs 5 months ago.
assertion failure log

Download all attachments as: .zip

Change History (23)

comment:1 Changed 7 months ago by asn

Points: 6

comment:3 Changed 7 months ago by asn

Description: modified (diff)

comment:4 Changed 7 months ago by asn

Owner: set to asn
Status: newassigned

comment:6 Changed 7 months ago by pili

Sponsor: Sponsor27-must

comment:7 Changed 6 months ago by gaba

Keywords: network-team-roadmap-2019-Q1Q2 added

comment:8 Changed 6 months ago by asn

Status: assignedneeds_review

Pushed branch here: https://github.com/torproject/tor/pull/1070

It's based on david's #30382 branch so that I can use his 'decrypt pending descriptors upon add' functionality. That's also the only part that is not unittested.

I also pushed a fixup commit to my spec patch based on the latest implementation: https://github.com/torproject/torspec/pull/81/commits/dafda3944241e4ab6dfe0fee90d2e97979ac8f94

comment:9 Changed 6 months ago by asn

Reviewer: dgoulet

comment:10 Changed 6 months ago by asn

Actual Points: 4.5

comment:11 Changed 6 months ago by dgoulet

Status: needs_reviewneeds_revision

Review on the PR. Looking good. No show stopper, just few minor things.

Changed 5 months ago by mcs

Attachment: tor-os-auth-crash.txt added

assertion failure log

comment:12 Changed 5 months ago by mcs

Kathy and I are trying to integrate our work-in-progress Tor Browser code with a tor we built from the code at https://github.com/asn-d6/tor/tree/bug30381. Unfortunately, when we access a v3 onion service that requires client auth we encounter an assertion failure inside tor. See the attached file tor-os-auth-crash.txt. Please let us know if you need any more info in order to debug the problem.

comment:13 Changed 5 months ago by dgoulet

Oh no... that is currently fixed in #30382... Let me do an updated branch for you to work with:

Try to use this branch: ticket30381_042_01
https://gitweb.torproject.org/user/dgoulet/tor.git/log/?h=ticket30381_042_01

It is not clean or anything but will have the latest code we have for your testing. Hopefully, should help you go forward!

comment:14 in reply to:  13 Changed 5 months ago by mcs

Replying to dgoulet:

Oh no... that is currently fixed in #30382... Let me do an updated branch for you to work with:

Try to use this branch: ticket30381_042_01
https://gitweb.torproject.org/user/dgoulet/tor.git/log/?h=ticket30381_042_01

Thanks; this works much better. We now receive the correct SOCKS error code (after a 120 second delay, which is a problem asn already mentioned in his review of your #30382 pull request). Kathy and I should be able to make more progress using this branch though. Next we will experiment with ONION_CLIENT_AUTH_ADD.

comment:15 Changed 4 months ago by gaba

Keywords: network-team-roadmap-september added; network-team-roadmap-2019-Q1Q2 removed

comment:16 Changed 3 months ago by asn

OK I pushed fixes to David's comments in: https://github.com/torproject/tor/pull/1070

The branch needs to be rebased to latest master, and also incorporated withe fixes of comment:13. I will do that when David fixes up #30382 and we have a final branch from that side.

comment:17 Changed 3 months ago by nickm

Type: defectenhancement

Mark a number of current 0.4.2.x "defects" as "enhancements."

comment:18 Changed 2 months ago by nickm

Keywords: 042-deferred-20190918 added
Milestone: Tor: 0.4.2.x-finalTor: 0.4.3.x-final

Defer numerous 0.4.2 tickets to 0.4.3.

comment:19 Changed 3 weeks ago by asn

OK here is branch based on David's updated #30381: https://github.com/torproject/tor/pull/1483

This is meant to be used by the Tb team for testing since it includes all features.

comment:20 Changed 7 days ago by asn

Status: needs_revisionneeds_review

comment:21 Changed 6 days ago by dgoulet

Status: needs_reviewneeds_revision

We need a version based on the latest master once #30382 gets merged. Moving to needs_revision until then.

comment:22 Changed 38 hours ago by asn

Status: needs_revisionneeds_review

OK now that #30382 is merged upstream, here is the #30381 branch rebased to latest master: https://github.com/torproject/tor/pull/1550

comment:23 Changed 17 hours ago by dgoulet

Resolution: fixed
Status: needs_reviewclosed

Awesome work! lgtm! Merged to master!

Note: See TracTickets for help on using tickets.