Skip to content
GitLab
Open
Created by cypherpunks@cypherpunks

Onion Authentication fails when connecting to a subdomain

Specs (shouldn't be very important other than the version):

Tor Browser 10.0.17

Safer Setting

Linux X11

Steps to reproduce:

  1. Obtain a service descriptor for an authenticating onion service.
  2. Open Tor Browser or click New Identity.
  3. Check that the key to the onion service has not been saved (about:preferences#privacy -> Onion Services Authentication -> Saved Keys...).
  4. Go to subdomain.[service descriptor].onion.
  5. Enter the correct authentication key.

What happens:

Tor Browser does not accept the key and an error message pops up: Invalid v3 address "subdomain.[service descriptor]"

What should happen:

Tor Browser authenticates normally with the onion service.

Extra notes:

This does not happen if the user has visited [service descriptor].onion and successfully authenticated before visiting subdomain.[service descriptor].onion, all in the same session. The problem might be with the authentication dialog.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information