This project is archived. Its data is
read-only
.
Changes
Page history
Raw import from Trac using Trac markup language.
authored
Jun 15, 2020
by
Alexander Hansen Færøy
Show whitespace changes
Inline
Side-by-side
doc/TorControlPortWalkthrough-HS.md
0 → 100644
View page @
53a16e3a
== Tor Control Port Walkthrough -- Hidden service client connection ==
The following walk-through will explain the controller events you might
see when visiting a Tor hidden service. It assumes you're familiar with
the general hidden service design (https://www.torproject.org/docs/hidden-services),
and that you know about the Tor specification (https://gitweb.torproject.org/torspec.git/blob/HEAD:/tor-spec.txt)
and the Tor rendezvous specification (https://gitweb.torproject.org/torspec.git/blob/HEAD:/rend-spec.txt).
First we connect to the control
port, authenticate, and ask to hear four categories of events -- circ
will tell us about major circuit events, stream will tell us about new
application-level connections, circ_minor will tell us about more esoteric
circuit events, and hs_desc will tell us about progress at fetching hidden
service descriptors.
(There is a visualization of the event sequence at the end of this section.)
{{{
$ telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
authenticate
250 OK
setevents circ stream circ_minor hs_desc
250 OK
}}}
At this point in another window I ran
{{{usewithtor wget duskgytldkxiuqc6.onion}}} which triggers a stream
event, telling us there is now a new stream, with stream id 1389, and
its destination is the hidden service I've fetched:
{{{
650 STREAM 1389 NEW 0 duskgytldkxiuqc6.onion:80 SOURCE_ADDR=127.0.0.1:50239 PURPOSE=USER
}}}
The first step for the Tor client is to fetch the hidden service
descriptor associated with this .onion address. There are six relays that
the hidden service published its descriptor to, and Tor picks one of them
(CrashM in this case) and generates an internal stream (stream id 1391)
to fetch it via a Tor circuit using http. This stream 1391 triggers a
circuit launch, and also we get an HS_DESC event telling us that we're
initiating a request for the descriptor.
{{{
650 STREAM 1391 NEW 0 212.159.91.22.$A33A225654B9ED688ED9B0D6F0400C373C2C3A72.exit:443 PURPOSE=DIR_FETCH
650 CIRC 725 LAUNCHED BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.562981
650 HS_DESC REQUESTED duskgytldkxiuqc6 NO_AUTH $A33A225654B9ED688ED9B0D6F0400C373C2C3A72~CrashM umqkk5xcj4e57r6upvodzsxaoz7jgah4
}}}
Now the Tor client realizes that it doesn't have enough preemptive circuits
sitting around, so it starts a new one (circuit id 726). We see events
for both circuit 725 and 726 as they finish building. Note that 726 ends
up being the normal three hops, while 725 is four hops because the fourth
hop (CrashM) wasn't chosen by us.
{{{
650 CIRC 726 LAUNCHED BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.704383
650 CIRC 726 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.704383
650 CIRC 725 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.562981
650 CIRC 726 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.704383
650 CIRC 725 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$C59F04BA68B5AF409319E662A8426D70B0CF9BC0~ksfrrl1 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.562981
650 CIRC 726 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.704383
650 CIRC 726 BUILT $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.704383
650 CIRC 725 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$C59F04BA68B5AF409319E662A8426D70B0CF9BC0~ksfrrl1,$0A637C5DB578C91CCA498C3400BFBEDFDB081F07~hviv1024 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.562981
650 CIRC 725 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$C59F04BA68B5AF409319E662A8426D70B0CF9BC0~ksfrrl1,$0A637C5DB578C91CCA498C3400BFBEDFDB081F07~hviv1024,$A33A225654B9ED688ED9B0D6F0400C373C2C3A72~CrashM BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.562981
650 CIRC 725 BUILT $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$C59F04BA68B5AF409319E662A8426D70B0CF9BC0~ksfrrl1,$0A637C5DB578C91CCA498C3400BFBEDFDB081F07~hviv1024,$A33A225654B9ED688ED9B0D6F0400C373C2C3A72~CrashM BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:13.562981
}}}
Now that circuit 725 is finished building, it's ready for us to send a
begin_dir cell down it to establish a connection to fetch the descriptor.
We do, and it gets a 'connected' reply, and then we close the stream and
hear that the hidden service descriptor was received. (Also, interleaved
with these messages, our Tor client has decided to launch a new preemptive
circuit 727, in case it needs it later.)
{{{
650 STREAM 1391 SENTCONNECT 725 212.159.91.22.$A33A225654B9ED688ED9B0D6F0400C373C2C3A72.exit:443
650 STREAM 1391 SUCCEEDED 725 212.159.91.22.$A33A225654B9ED688ED9B0D6F0400C373C2C3A72.exit:443
650 CIRC 727 LAUNCHED BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:15.701996
650 CIRC 727 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:15.701996
650 STREAM 1391 CLOSED 725 212.159.91.22.$A33A225654B9ED688ED9B0D6F0400C373C2C3A72.exit:443 REASON=END REMOTE_REASON=DONE
650 HS_DESC RECEIVED duskgytldkxiuqc6 NO_AUTH $A33A225654B9ED688ED9B0D6F0400C373C2C3A72~CrashM
}}}
Now that we have the descriptor, we want to establish a rendezvous
point. Fortunately circuit 726 is sitting around waiting for a good use.
We change its purpose from OLD_PURPOSE=GENERAL to PURPOSE=HS_CLIENT_REND.
Now that it's a hidden-service-related circuit, the events also tell
us that its HS_STATE is now set to HSCR_CONNECTING.
"HSCR" means "hidden service, client-side (to distinguish from events
we'd get if we were running a hidden service ourselves), rendezvous (as
opposed to introduction)". The "connecting" part means that we sent an
ESTABLISH_RENDEZVOUS cell but haven't gotten a RENDEZVOUS_ESTABLISHED
confirmation yet.
{{{
650 CIRC_MINOR 726 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_REND HS_STATE=HSCR_CONNECTING TIME_CREATED=2014-09-19T20:24:13.704383 OLD_PURPOSE=GENERAL
650 CIRC_MINOR 726 CANNIBALIZED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_REND HS_STATE=HSCR_CONNECTING TIME_CREATED=2014-09-19T20:24:13.704383 OLD_PURPOSE=GENERAL OLD_TIME_CREATED=2014-09-19T20:24:13.978682
}}}
In parallel, we start to establish a circuit (id 728) to one of the
introduction points we learned about in the hidden service descriptor.
{{{
650 CIRC 728 LAUNCHED BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING TIME_CREATED=2014-09-19T20:24:16.180355
}}}
And circuit 727 makes a bit more progress:
{{{
650 CIRC 727 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:15.701996
}}}
Now we get our RENDEZVOUS_ESTABLISHED response on circuit 726, so the
HS_STATE shifts from HSCR_CONNECTING to HSCR_ESTABLISHED_IDLE, i.e. the
rendezvous point is ready for the hidden service to connect to it. Note
that the event now also includes a REND_QUERY argument: while before
this rendezvous point could have been used for any hidden service,
we've now locked it into a particular one.
{{{
650 CIRC_MINOR 726 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_REND HS_STATE=HSCR_ESTABLISHED_IDLE REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:13.704383 OLD_PURPOSE=HS_CLIENT_REND OLD_HS_STATE=HSCR_CONNECTING
}}}
Circuits 727 and 728 establish more hops, and 727 completes:
{{{
650 CIRC 728 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:16.180355
650 CIRC 727 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:15.701996
650 CIRC 727 BUILT $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:15.701996
}}}
Oh noes! We got a destroy cell back instead of establishing the next
hop in circuit 728, which was going to connect to the introduction point.
Maybe this happened because bauruine203 couldn't reach the next hop in
the circuit we were trying to build. In any case it's time to abandon
circuit 728.
{{{
650 CIRC 728 FAILED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:16.180355 REASON=DESTROYED REMOTE_REASON=CHANNEL_CLOSED
}}}
Fortunately circuit 727 is sitting around waiting for a good use. We
convert it from a general-purpose circuit to an HS_CLIENT_INTRO circuit.
It already has three hops established, so we ask it to extend to the
introduction point as its fourth.
{{{
650 CIRC_MINOR 727 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING TIME_CREATED=2014-09-19T20:24:15.701996 OLD_PURPOSE=GENERAL
650 CIRC_MINOR 727 CANNIBALIZED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING TIME_CREATED=2014-09-19T20:24:15.701996 OLD_PURPOSE=GENERAL OLD_TIME_CREATED=2014-09-19T20:24:15.735689
}}}
And now that we don't have enough preemptive circuits sitting around
(since we just used one), we launch a new general-purpose circuit:
{{{
650 CIRC 729 LAUNCHED BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:16.718356
650 CIRC 729 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:16.718356
}}}
Now circuit 727 finishes its final hop to the introduction point:
{{{
650 CIRC 727 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay,$4A0CCD2DDC7995083D73F5D667100C8A5831F16D~Tonga BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:15.701996
650 CIRC 727 BUILT $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay,$4A0CCD2DDC7995083D73F5D667100C8A5831F16D~Tonga BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_CONNECTING REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:15.701996
}}}
and we get notification that we've sent an ESTABLISH_INTRO cell down it
(it goes from HSCI_CONNECTING to HSCI_INTRO_SENT):
{{{
650 CIRC_MINOR 727 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay,$4A0CCD2DDC7995083D73F5D667100C8A5831F16D~Tonga BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_INTRO_SENT REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:15.701996 OLD_PURPOSE=HS_CLIENT_INTRO OLD_HS_STATE=HSCI_CONNECTING
}}}
Circuit 729 makes a bit more progress:
{{{
650 CIRC 729 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$ADDD2CD7747BBAA027C66D2A8C475DD2E158902E~spfTOR4e1 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:16.718356
}}}
Now circuit 727 gets an INTRODUCE_ACK cell back, meaning the introduction
point we tried did indeed have a circuit open to the hidden service,
and it sent our introduce cell down it. Yay; we close circuit 727 since
we're done with it. At the same time, we update our internal state for
circuit 726 to tell it to expect a connection from the hidden service.
{{{
650 CIRC_MINOR 726 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_REND HS_STATE=HSCR_ESTABLISHED_WAITING REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:13.704383 OLD_PURPOSE=HS_CLIENT_REND OLD_HS_STATE=HSCR_ESTABLISHED_IDLE
650 CIRC_MINOR 727 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay,$4A0CCD2DDC7995083D73F5D667100C8A5831F16D~Tonga BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_DONE REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:15.701996 OLD_PURPOSE=HS_CLIENT_INTRO OLD_HS_STATE=HSCI_INTRO_SENT
650 CIRC 727 CLOSED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$F7A53029D904C56CC525C142829FE6B78F7253DB~UECENETit,$1099983E2C5C3ECDAD0B7D5AABD2AC6BF2CBBF70~chaoxrelay,$4A0CCD2DDC7995083D73F5D667100C8A5831F16D~Tonga BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_INTRO HS_STATE=HSCI_DONE REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:15.701996 REASON=FINISHED
}}}
Circuit 729 continues to build, and we also decide to start a new
preemptive circuit 730.
{{{
650 CIRC 729 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$ADDD2CD7747BBAA027C66D2A8C475DD2E158902E~spfTOR4e1,$06923B596647244629FE3447C8E4795BFC6AAB3D~freespeech4thedumb3 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:16.718356
650 CIRC 729 BUILT $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$ADDD2CD7747BBAA027C66D2A8C475DD2E158902E~spfTOR4e1,$06923B596647244629FE3447C8E4795BFC6AAB3D~freespeech4thedumb3 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:16.718356
650 CIRC 730 LAUNCHED BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:17.702080
650 CIRC 730 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:17.702080
650 CIRC 730 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$6F545A39D4849C9FE5B08A6D68C8B3478E4B608B~Chandler02 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:17.702080
}}}
Now we get a RENDEZVOUS2 cell on circuit 726, indicating that the hidden
service has connected to our rendezvous point. So we send a BEGIN cell
down it, to make a connection to the webserver on the other side.
{{{
650 CIRC_MINOR 726 PURPOSE_CHANGED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$8806C3E6FA42B07113F3A1553DE70C0A30101201~Unnamed,$43AF032EE73B4595B8E18037676704DA01212F01~EuropeCoastDE BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_REND HS_STATE=HSCR_JOINED REND_QUERY=duskgytldkxiuqc6 TIME_CREATED=2014-09-19T20:24:13.704383 OLD_PURPOSE=HS_CLIENT_REND OLD_HS_STATE=HSCR_ESTABLISHED_WAITING
650 STREAM 1389 SENTCONNECT 726 duskgytldkxiuqc6.onion:80
}}}
Circuit 730 finishes building:
{{{
650 CIRC 730 EXTENDED $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$6F545A39D4849C9FE5B08A6D68C8B3478E4B608B~Chandler02,$3F1ED718AA40BBA2FDF06E948DF3859E826FFBD3~toxiroxiNL1 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:17.702080
650 CIRC 730 BUILT $3C79699D4FBC37DE1A212D5033B56DAE079AC0EF~bauruine203,$6F545A39D4849C9FE5B08A6D68C8B3478E4B608B~Chandler02,$3F1ED718AA40BBA2FDF06E948DF3859E826FFBD3~toxiroxiNL1 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2014-09-19T20:24:17.702080
}}}
Finally, we get a CONNECTED cell back from the hidden service. We send
a relay cell that contains our http get request, and receive a pile of
relay cells that contain the html page we wanted. When wget has gotten
enough data, it closes its connection to our socks port, and we're done.
{{{
650 STREAM 1389 SUCCEEDED 726 duskgytldkxiuqc6.onion:80
650 STREAM 1389 CLOSED 726 duskgytldkxiuqc6.onion:80 REASON=DONE
}}}
The following table contains a visualization of the event sequence:
||= Time=||=CIRC 725 (directory) =||=CIRC 726 (rendezvous point) =||=CIRC 727 (introduction point) ||=CIRC 728 (introduction point) =||=CIRC 729 (unrelated) =||=CIRC 730 (unrelated) =||
|||||||||||||| '' Received application request, establishing directory circuit to fetch descriptor. '' ||
|| 1|| ||STREAM 1389 NEW 0 || || || || ||
|| 2||STREAM 1391 NEW 0 || || || || || ||
|| 3||CIRC 725 LAUNCHED || || || || || ||
|| 4||HS_DESC REQUESTED || || || || || ||
|| 5|| ||CIRC 726 LAUNCHED || || || || ||
|| 6|| ||CIRC 726 EXTENDED || || || || ||
|| 7||CIRC 725 EXTENDED || || || || || ||
|| 8|| ||CIRC 726 EXTENDED || || || || ||
|| 9||CIRC 725 EXTENDED || || || || || ||
|| 10|| ||CIRC 726 EXTENDED || || || || ||
|| 11|| ||CIRC 726 BUILT || || || || ||
|| 12||CIRC 725 EXTENDED || || || || || ||
|| 13||CIRC 725 EXTENDED || || || || || ||
|| 14||CIRC 725 BUILT || || || || || ||
|||||||||||||| '' Built directory circuit, fetching descriptor. '' ||
|| 15||STREAM 1391 SENTCONNECT 725 || || || || || ||
|| 16||STREAM 1391 SUCCEEDED 725 || || || || || ||
|| 17|| || ||CIRC 727 LAUNCHED || || || ||
|| 18|| || ||CIRC 727 EXTENDED || || || ||
|| 19||STREAM 1391 CLOSED 725 || || || || || ||
|| 20||HS_DESC RECEIVED || || || || || ||
|||||||||||||| '' Received descriptor, establishing rendezvous point and circuit to introduction point. '' ||
|| 21|| ||CIRC_MINOR 726 PURPOSE_CHANGED || || || || ||
|| 22|| ||CIRC_MINOR 726 CANNIBALIZED || || || || ||
|| 23|| || || ||CIRC 728 LAUNCHED || || ||
|| 24|| || ||CIRC 727 EXTENDED || || || ||
|| 25|| ||CIRC_MINOR 726 PURPOSE_CHANGED || || || || ||
|||||||||||||| '' Received confirmation from rendezvous point that it's ready for the hidden service to connect. '' ||
|| 26|| || || ||CIRC 728 EXTENDED || || ||
|| 27|| || ||CIRC 727 EXTENDED || || || ||
|| 28|| || ||CIRC 727 BUILT || || || ||
|| 29|| || || ||CIRC 728 FAILED || || ||
|||||||||||||| '' Detected problem with introduction circuit, giving up and retrying another introduction circuit. '' ||
|| 30|| || ||CIRC_MINOR 727 PURPOSE_CHANGED || || || ||
|| 31|| || ||CIRC_MINOR 727 CANNIBALIZED || || || ||
|| 32|| || || || || || ||
|| 33|| || || || ||CIRC 729 LAUNCHED || ||
|| 34|| || || || ||CIRC 729 EXTENDED || ||
|| 35|| || ||CIRC 727 EXTENDED || || || ||
|| 36|| || ||CIRC 727 BUILT || || || ||
|||||||||||||| '' Built introduction circuit, sending introduction. '' ||
|| 37|| || ||CIRC_MINOR 727 PURPOSE_CHANGED || || || ||
|| 38|| || || || ||CIRC 729 EXTENDED || ||
|| 39|| || || || || || ||
|| 40|| ||CIRC_MINOR 726 PURPOSE_CHANGED || || || || ||
|| 41|| || ||CIRC_MINOR 727 PURPOSE_CHANGED || || || ||
|||||||||||||| '' Received confirmation from introduction point that introduction was received. '' ||
|| 42|| || ||CIRC 727 CLOSED || || || ||
|| 43|| || || || ||CIRC 729 EXTENDED || ||
|| 44|| || || || ||CIRC 729 BUILT || ||
|| 45|| || || || || ||CIRC 730 EXTENDED ||
|| 46|| || || || || ||CIRC 730 EXTENDED ||
|| 47|| ||CIRC_MINOR 726 PURPOSE_CHANGED || || || || ||
|||||||||||||| '' Received confirmation from rendezvous point that hidden service has connected, starting application connection to remote webserver. '' ||
|| 48|| ||STREAM 1389 SENTCONNECT 726 || || || || ||
|| 49|| || || || || || ||
|| 50|| || || || || ||CIRC 730 EXTENDED ||
|| 51|| || || || || ||CIRC 730 BUILT ||
|| 52|| ||STREAM 1389 SUCCEEDED 726 || || || || ||
|| 53|| ||STREAM 1389 CLOSED 726 || || || || ||
|||||||||||||| '' Learned that application request has succeeded and circuit has been closed. '' ||
