Opened 6 months ago

Closed 6 months ago

#33148 closed defect (fixed)

hs-v3: Clean cached descriptor(s) on ONION_CLIENT_AUTH_REMOVE

Reported by: dgoulet Owned by: dgoulet
Priority: High Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: 043-must
Cc: mcs, brade, acat Actual Points:
Parent ID: Points: 0.1
Reviewer: asn Sponsor: Sponsor27-must

Description

When a client authorization is removed with the control command ONION_CLIENT_AUTH_REMOVE, we should also remove the associated descriptor from the cache else the .onion is still accessible even though the credentials have been removed.

Found by mcs/brade/acat during testing: https://trac.torproject.org/projects/tor/ticket/19757#comment:31

Child Tickets

Change History (5)

comment:1 Changed 6 months ago by dgoulet

Status: assignedneeds_review

Branch: ticket33148_043_01
PR: https://github.com/torproject/tor/pull/1706

comment:2 Changed 6 months ago by asn

Status: needs_reviewneeds_revision

Looks good. Two minor things:

  • There is a small synax error in the changes file that makes it weird to read. Perhaps say "so they don't linger and are still usable hence making...".
  • Do you think we should add a log_info to be clear that this operation happened, or that it found a target?

comment:3 Changed 6 months ago by dgoulet

Status: needs_revisionneeds_review

Fixed. See the two fixup commits.

comment:4 Changed 6 months ago by nickm

Priority: MediumHigh

Mark 043-must tickets as high priority

comment:5 Changed 6 months ago by asn

Resolution: fixed
Status: needs_reviewclosed

Thanks! Merged!

Note: See TracTickets for help on using tickets.