Opened 8 years ago

Closed 5 years ago

#4243 closed defect (invalid)

rend_consider_services_upload waits up to 4 hours to publish the first HS descriptor by default

Reported by: rransom Owned by:
Priority: Medium Milestone: Tor: 0.2.6.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-hs
Cc: arma Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

From the documentation comment on rend_consider_services_upload (in src/or/rendservice.c):

 * For the first upload, pick a random time between now and two periods
 * from now, and pick it independently for each service.

“first upload” means the first HS descriptor upload after the service is configured in the Tor instance (i.e. when Tor is started); the ‘period’ referred to there is that specified in the RendPostPeriod configuration option (default 2 hours).

Users have complained that HSes don't work for a while after they are set up. Now we know why they don't work for a while.

Should this be changed? I assume this huge delay was intended to (a) conceal associations between different hidden services run on the same Tor client, and (b) try a little bit to conceal associations between hidden services run on a relay and the relay's uptime. Do users really gain any privacy/security/whatever from this delay? If so, how much?

If this shouldn't be changed, we need an FAQ entry about this somewhere.

Child Tickets

Change History (7)

comment:1 Changed 8 years ago by special

As I noted on IRC yesterday, I don't believe this issue is valid; that may have been the intent of the code, but it looks like the desc_is_dirty flag in rend_consider_services_upload results in uploading descriptors as soon as possible after startup. That matches what I've observed.

This does, of course, bring up the opposing bug: publishing descriptors immediately means that you can correlate the publication times for multiple services on the same Tor instance or with relay uptime.

comment:2 Changed 7 years ago by nickm

Milestone: Tor: 0.2.3.x-finalTor: 0.2.4.x-final

I don't think the resolution here blocks 0.2.3.

comment:3 Changed 7 years ago by nickm

Keywords: tor-hs added

comment:4 Changed 7 years ago by nickm

Component: Tor Hidden ServicesTor

comment:5 Changed 7 years ago by nickm

Milestone: Tor: 0.2.4.x-finalTor: 0.2.5.x-final

comment:6 Changed 6 years ago by nickm

Milestone: Tor: 0.2.5.x-finalTor: 0.2.6.x-final

comment:7 Changed 5 years ago by andrea

Resolution: invalid
Status: newclosed

Closing because this ticket is bullshit and what is salvageable is now #12500.

Note: See TracTickets for help on using tickets.