HSFETCH fails for hidden services which use client authentication
When using HSFETCH with a hidden service which uses client authentication, it does not return the descriptor.
Example:
echo "AUTHENTICATE
HSFETCH prkszpeygn2a3kxo | nc -U /var/run/tor/controlOutput:
650 OK
650 HS_DESC REQUESTED prkszpeygn2a3kxo NO_AUTH $4D596DB0B8214621D60183B6CBF73DF67B0A97CD~CrashM jvdlgb7c3xkihcww5fypqnbkuv5dfima
650 HS_DESC FAILED prkszpeygn2a3kxo NO_AUTH $4D596DB0B8214621D60183B6CBF73DF67B0A97CD~CrashM rhdhss3jibwpmennesop3sops3mr42du REASON=BAD_DESC
650+HS_DESC_CONTENT prkszpeygn2a3kxo jvdlgb7c3xkihcww5fypqnbkuv5dfima $4D596DB0B8214621D60183B6CBF73DF67B0A97CD~CrashMlog:
Aug 27 13:29:45.000 [warn] Failed to parse introduction points. Either the service has published a corrupt descriptor or you have provided invalid authorization data.
Aug 27 13:29:45.000 [warn] Fetching v2 rendezvous descriptor failed. Retrying at another directory.I took a quick look at the code and it seems like HSFETCH simply assumes no authentication is used:
{{{
rend_query = rend_data_client_create(hsaddress, desc_id, NULL,
REND_NO_AUTH);
}}}
https://gitweb.torproject.org/tor.git/tree/src/or/control.c#n4095
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information