Re: [tor-bugs] #2408 [Tor Relay]: "PublishServerDescriptor hidserv" publishes a public relay descriptor

["Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>]

#2408: "PublishServerDescriptor hidserv" publishes a public relay descriptor
-----------------------+----------------------------------------------------
 Reporter:  rransom    |       Owner:  rransom           
     Type:  defect     |      Status:  assigned          
 Priority:  major      |   Milestone:  Tor: 0.2.1.x-final
Component:  Tor Relay  |     Version:                    
 Keywords:             |      Points:                    
   Parent:             |  
-----------------------+----------------------------------------------------
Changes (by rransom):

  * status:  needs_review => assigned


Comment:

 Replying to [comment:3 arma]:
 > {{{
 > -      *auth |= HIDSERV_AUTHORITY;
 > +      log_warn(LD_CONFIG,
 > +               "PublishServerDescriptor hidserv is obsolete. See "
 > +               "PublishHidServDescriptors.");
 > }}}
 >
 > When you print your warning here, you will likely get bitten by the bug
 where the logs aren't set up while parsing the config. So if the user has
 the default stdout notice log we give him, he'll see the warning. But if
 this Tor is being run in some other way (started in background, launched
 by controller, etc) this log_warn may be silent.

 Vidalia on Windows displays notice messages in its message log on startup,
 so I would expect warnings to show up there, too.

 I don't know what init scripts for the various Unix-like systems do, but
 they can and should arrange to capture early log messages to syslog.  I
 assume at least some of the init scripts out there don't do this.

 > I wonder what documentation we actually recommended using
 !PublishServerDescriptor in this way.

 The man page said that !PublishServerDescriptor accepted a `hidserv`
 argument, and that `PublishServerDescriptor hidserv` would result in Tor
 only publishing descriptors to HS directories.  As far as I can tell, this
 was ''never'' true.

 > I'm tempted to fail the Tor, rather than just warn, so the user will
 notice and fix it.

 That seems reasonable, especially because if that change would halt your
 Tor process, this bug has already shot you in the foot, and you probably
 need to re-key and change your port and/or IP to keep your bridge
 unpublished.

 I'm changing this ticket back to `assigned`, because this change will need
 to be forward-ported from maint-0.2.1 more carefully than usual (at the
 very least, I should forward-port the man page change, but I also want to
 check for other occurrences of !PublishServerDescriptor in maint-0.2.2 and
 master just in case).

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2408#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs