When using NSS, connection to onion service closed when sending data to client
Tor built from master branch (1eec42de) appears to close the connection when sending data from the onion service to the client.
Setup
client:
$ tor --version
Tor version 0.4.5.4-rc
$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
server:
$ tor --version
Tor version 0.4.6.0-alpha-dev (git-1eec42dee4aa3c07).
Tor is running on Linux with Libevent 2.1.8-stable, NSS 3.42.1, Zlib 1.2.11, Liblzma 5.2.4, Libzstd 1.3.8 and Glibc 2.28 as libc.
Tor compiled with GCC version 8.3.0
$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
Relevant server configuration:
ClientUseIPv6 1
ClientPreferIPv6ORPort 1
Sandbox 1
NoExec 1
KeepBindCapabilities 0
ClientOnionAuthDir /var/lib/tor/client_auth
# Default Hidden Service
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServiceVersion 3
HiddenServicePort 22
Issue
I can reproduce the issue connecting via SSH to the onion service:
ssh tessa.arbitrary.onion cat /dev/urandom |wc -c
Connection to lkb3yqplxb3gqreiuxcuvm3l4vyianr63ekyf7t4wrxfn5e3bdangzyd.onion closed by remote host.
16384
With info logging the connection is usually aborted after 16384 bytes as shown above. With debug logging the timing appears to differ and usually more data can be transferred sometimes without the connection be aborted at all. The issue doesn't happen when transferring data from the client to the server.