On Thu, May 21, 2015, at 07:16 AM, Martin Florian wrote:
> I think I've found one or more bugs that appear when Tor clients
> hosting HSes change their IP address during operation. I'm slightly
> overwhelmed from reading the Tor source code and not sure how to best
> fix them.

Thanks for bringing this up. I know Michael from Briar has definitely focused on solving this at some point, and Yaron from the Thali Project (who built this library: https://github.com/thaliproject/Tor_Onion_Proxy_Library), as well. I've been implementing an OnionShare-type app myself, and had hoped this was solved by some recent changes, but it seems not, from your experience.

> The central issue that I discovered can be reproduced like this
> (assuming Tor clients A, B and C):
> 1. (Setup) A hosts the HS X and A, B and C are all booted up.
> 2. B connects to X - it works!
> 3. A changes its IP address.
> 4. B tries to talk to X again - doesn't work!
> 5. C tries to talk to X (for the first time) - works like a charm (so
> X IS working)
>
> I dug through the Tor log and source code and have now arrived at
> the following hypothesis for why this particular error happens:
> - after A changes its IP addresses, it never establishes a circuit to
> the old RP with B again.
> - B, on the other hand, keeps trying to talk with A through that RP,
> saying that it is an "Active rendezvous point". B never stops trying
> to use that RP.

I wonder if B also was running a hidden service, if it would be possible at the application level for A to tell B that it has changed IP addresses, and then through some interaction with the Tor Control Port, to refresh the RP?

> So, there appear to be two sides to this:
> a) A not notifying B or the RP about its IP address change.
> b) B not considering the possibility that the RP might not be active
> anymore.
>
> b) seems easier to fix. Some logic needs to be included for forgetting
> about RPs that have failed once. I identified
> connection_ap_expire_beginning() as one potential place to do this. Am
> I on the right track? Is this a good idea? And how do I forget about
> RPs? These are some of the questions I'm struggling with...
>
> I should also probably open a bug report, but I thought I might first
> ask for some advice here.

I think there is a bug report somewhere, but I am not sure of the exact number or state of it.

> PS: Why this is important: HSes/Onion services running on mobile
> devices will very often have to deal with IP address changes. I'm
> thinking about applications like Briar or our own hacky attempts to
> enable generic P2P application development on top of Tor hidden
> services (https://github.com/kit-tm/PTP).

Definitely an important topic.

+n
