Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 316
    • Issues 316
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 36
    • Merge requests 36
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #26924
Closed
Open
Created Jul 24, 2018 by teor@teor

Make single onion service to rend and Tor2web to intro link authentication into a protocol warning

Single onion services and Tor2web connect directly to relays using untrusted link authentication keys.

These connections can cause a lot of warnings, particularly due to the link auth bugs in legacy/trac#26627 (moved).

We can either:

  • downgrade all link auth warnings to protocol warnings on single onion services and Tor2web (this is the fast fix)
  • taint untrusted link auth keys, and then downgrade connections using tainted keys to protocol warnings (this is very intrusive)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking