Skip to content

fixup! Bug 30237: Add v3 onion services client authentication prompt

  • strip subdomain off of onion hostname when extracting the onion service id for use with the ONION_CLIENT_AUTH_ADD command

fixes #40465 (closed)

This function receives a hostname from an onon URI. I haven't tested this end-to-end but have verified the regex works as expected with the following:

const onionServiceIdRegExp = /^(.*\.)*(?<onionServiceId>[a-z2-7]{56})\.onion$/i;
// duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad
"duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();
"DUCKDUCKGOgg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();
"duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.ONION".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();
"foo.FOO.duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();
// throws because of null due to not matching 
"".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();
"www.cnn.com".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();
"fake.onion".match(onionServiceIdRegExp).groups.onionServiceId.toLowerCase();

The 'Invalid v3 address...' error comes from the tor daemon itself (rather than Tor Browser), so it seems the original cypherpunk was spot-on in their diagnoses of the problem and this error most likely comes from the invalid arg to the ONION_CLIENT_AUTH_ADD command.

Merge request reports

Loading