[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Onion Client Auth on v3 descriptor via Control port
Miguel Jacq <mig@xxxxxxxx> writes:
> Hi George,
>
> On Wed, Jun 17, 2020 at 12:37:18PM +0300, George Kadianakis wrote:
>>
>> Hmm, this is a bit embarassing for both of us, but if I'm not mistaken
>> ONION_CLIENT_AUTH_ADD only controls the client-side of client auth
>> credentials. This is not obvious at all by the command name, and it only
>> becomes a bit clearer by reading the control-spec.txt...
>>
>> We added that control port command so that the browser could present a
>> UX for client authorization.
>
> Ahahahah. Riiight, thanks for that clarification. This whole time I indeed thought this was a novel way for adding Client Auth for v3 onions via the control port.
>
> I had been reading the rend-spec-v3 https://github.com/torproject/torspec/blob/master/rend-spec-v3.txt
>
> G.2.1 'Service side' says '[XXX figure out control port command format]' and I figured it just hadn't been updated to reflect the new command. I hadn't even thought to read the control spec..
>
>>
>> AFAIK there is no control port command for adding service-side client
>> auth credentials. You will need to do this using the filesystem by using
>> the '<HiddenServiceDir>/authorized_clients/' directory as displayed by
>> the "CLIENT AUTHORIZATION" section of the manual... Or you will need to
>> implement the control port commands in tor :/
>>
>> Sorry for the sad news here....... :/
>
> Okay, thanks for all the clarification. Indeed, OnionShare uses purely ephemeral onions, so the standard filesystem method won't work (unless we switch to that).
>
Right.... Seems like v2 supports adding client auth credentials through
the control port using the ADD_ONION command, but that's not the case
for v3...
Just a simple matter of programming as always ;)
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev