[tor-bugs] #32604 [Core Tor/Tor]: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Dec 5 03:35:41 UTC 2019
#32604: Add HiddenServiceExportRendPoint and HiddenServiceExportInstanceID directive
-----------------------------------------+---------------------------------
 Reporter:  moonsikpark                  |          Owner:  (none)
     Type:  enhancement                  |         Status:  needs_revision
 Priority:  Medium                       |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor                 |        Version:
 Severity:  Normal                       |     Resolution:
 Keywords:  tor-hs tor-dos extra-review  |  Actual Points:
Parent ID:  #32511                       |         Points:
 Reviewer:  dgoulet, ahf, teor           |        Sponsor:  Sponsor27-can
-----------------------------------------+---------------------------------

Comment (by teor):

 Here's a pull request that fixes the double-free, documents the current
 behaviour, and fixes the changes file:
 * master: https://github.com/torproject/tor/pull/1585

 Here are the remaining issues:
 1. The `fc00::/8` block is undefined, we should be using `fd00::/8`, see
    https://en.wikipedia.org/wiki/Unique_local_address
 2. The byte order of `global_identifier` and `instance_id` depends on the
    host byte order
 3. The `source port` duplicates a part of `global_identifier`
 4. There are 3 spare bytes in the IPv6 address, after `fc`, they are
    currently set to `00:0000`
 5. Adding these new features is already a breaking change, because the
    previously constant bytes `dead:beef:4dad` now vary
 6. We're missing tests for `destination port`

 Here's what I suggest we do, if we want to commit to a breaking change:
 1. Use `fd00::/8` and document that it is the unique local address prefix
 2. Use network byte order
 3. Put part of the fingerprint in the `source port`
 4. Use the spare address bytes for part of the fingerprint
 5. Document the breaking change in the man page and changes file
 6. Test all the old and new features

 If we only want to commit to a small breaking change:
 1. Document that `fc00::/8` is undefined
 2. Use network byte order for new fields, and document host byte order for
    the old field
 3. Don't change the `source port`
 4. Use some spare address bytes for part of the fingerprint, but preserve
    `fc00`
 5. Document the newly varying fields in the man page and changes file, as
    a breaking change
 6. Test all the old and new features

 dgoulet, ahf, what do you think we should do here?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32604#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
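
The byte-order issue raised in the comment above, as an added example that is not part of the ticket and is not Tor's code. The field offsets and widths (a 32-bit `instance_id` at bytes 4-7, a 64-bit `global_identifier` at bytes 8-15) and all function names are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout (not Tor's real one): byte 0 = 0xfd (fd00::/8),
 * bytes 1-3 spare and zero, bytes 4-7 instance_id, bytes 8-15
 * global_identifier. */

/* Host-order variant: the bytes written depend on the CPU's endianness. */
void encode_host_order(uint8_t out[16], uint32_t instance_id,
                       uint64_t global_identifier)
{
    memset(out, 0, 16);
    out[0] = 0xfd;
    memcpy(out + 4, &instance_id, sizeof(instance_id));
    memcpy(out + 8, &global_identifier, sizeof(global_identifier));
}

/* Network-order variant: most significant byte first on every host. */
void encode_network_order(uint8_t out[16], uint32_t instance_id,
                          uint64_t global_identifier)
{
    int i;
    memset(out, 0, 16);
    out[0] = 0xfd;
    for (i = 0; i < 4; i++)
        out[4 + i] = (uint8_t)(instance_id >> (8 * (3 - i)));
    for (i = 0; i < 8; i++)
        out[8 + i] = (uint8_t)(global_identifier >> (8 * (7 - i)));
}

/* Returns 1 when this host stores integers least significant byte first. */
int host_is_little_endian(void)
{
    const uint16_t probe = 1;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

int main(void)
{
    uint8_t h[16], n[16];
    /* Constructed sample values. */
    encode_host_order(h, 0x01020304u, 0x1122334455667788ull);
    encode_network_order(n, 0x01020304u, 0x1122334455667788ull);
    printf("encodings %s\n", memcmp(h, n, 16) == 0 ? "match" : "differ");
    return 0;
}
```

A consumer that parses the address on a different architecture only recovers the original values from the network-order form.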