[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] tor as Onion Service (only) Wrote about "Requested exit point" in .log



On Fri, Apr 30, 2021 at 07:16:08PM -0400, Drew@xxxxxxxxxxxxxxxxxxxxx wrote:
> Why would tor running as an onion service write this to its log? 
> 
> Apr 29 02:06:22.000 [warn] {APP} Requested exit point ???$1FINGER-PRINT-XYZ*??? is not known. Closing.

It's just a terminology confusion. What Tor means is that it wanted to
make a circuit whose last hop was XYZ, but it couldn't.

Onion services make circuits like this when, for example, they want to
upload your onion descriptor to particular HSDir relays -- the 'exit'
is the HSDir it's trying to end its circuit at.

> Among other stuff, the torrc contains: 
> 
> SOCKSPolicy reject *
> SocksPort 0
> ExitRelay 0 
> ExitPolicy reject *:*  

All of those are fine. I wonder why you have ExitRelay and ExitPolicy
set if you don't have ORPort set though -- if there's no ORPort, you're
not a relay, so then your exit policy doesn't matter.

> In case it???s related, I see about an hour earlier there was a large number of dirservers that rejected an HS descriptor as invalid. In the past I???d seen a line or two or three of similar [warn] {REND} errors, but near the time below, there were 40 such lines. All within the span on one minute; 32 rejected in one second. I don???t think I???d seen that many at once before. 
> 
> Apr 29 00:50:25.000 [warn] {REND} Uploading hidden service descriptor: http status 400 ("Invalid HS descriptor. Rejected.") response from dirserver [IPv4**]:9001. Malformed hidden service descriptor?

Are you sure these are v3 onion services, and not v2 onion services?

You shouldn't be getting descriptor upload failures from v3 onion
services. If you are, please make an account on gitlab.torproject.org
and file a ticket in the 'Tor' component:
https://gitlab.torproject.org/tpo/core/tor/-/issues
and provide as many details (ways to reproduce it) as you can.

Whereas if they're actually v2 onion services, failures are going
to become more and more normal as relays upgrade:
https://blog.torproject.org/v2-deprecation-timeline

--Roger

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk