Skip to content

GitLab

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by Mark Smith@mcs

assertion failure when "all zero" client auth key provided

While doing some Tor Browser testing for Sponsor 27, I experienced the following after I intentionally used an incorrect client auth key for a v3 onion service:

... [err] tor_assertion_failed_: Bug: src/feature/hs/hs_descriptor.c:1423: decrypt_descriptor_cookie: Assertion !fast_mem_is_zero((char *) client_auth_sk, sizeof(*client_auth_sk)) failed; aborting. (on Tor 0.4.4.0-alpha-dev 1da0b05a5cace6ed)

As it turns out, I happened to enter a key that is consists entirely of zero bits. This is an unusual thing to do, but I do not think tor should exit.

Steps to reproduce in Tor Browser:

  1. Try to load an http or https page for a v3 onion service that requires client authentication, e.g., dgoulet's test server.
  2. Enter 56 'A's when prompted for a client auth key.

Result: tor exits due to the assertion failure. Behind the scenes, the browser installs the key via a control port command like the following:

onion_client_auth_add <onion-addr> x25519:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

and then tries to access the onion service again (page reload).

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information