Revision counter for v3 ephemeral hidden service is lost
When a controller is using a client to provide two or more v3 ephemeral hidden services, with the private keys managed by the controller, and there's a client session where the controller activates one of the hidden services but not the others, the revision counters for the other hidden services are lost. This prevents the other services from being activated in future sessions because their descriptors are rejected by the HSDirs.
This happens because increment_descriptor_revision_counter() in hs_service.c calls update_revision_counters_in_state(), which loops over all the services currently being provided by the client, saves their counters, and removes any other counters from the state file. Thus if any hidden service is activated during a session, the revision counters of any services not activated during that session are lost.
Steps to reproduce:
- Use
ADD_ONION NEW:ED25519-V3 ...
to create two hidden services - Save the private keys
- Shut down and restart tor
- Use
ADD_ONION ED25519-V3:<private_key_1> ...
to activate the first service - Shut down and restart tor
- Use
SETEVENTS HS_DESC
to register for HS descriptor events - Use
ADD_ONION ED25519-V3:<private_key_1> ...
to activate the first service - The descriptor should be published successfully
- Use
ADD_ONION ED25519-V3:<private_key_2> ...
to activate the second service - The controller receives
HS_DESC_FAILED
events withREASON=UPLOAD_REJECTED
It looks like this bug is related to #25552 (moved). I don't know whether the solution to that ticket will fix it.
Trac:
Username: akwizgran