Skip to content

ONION_CLIENT_AUTH_ADD does not have an error-code specified if caller tries to add too many clients

Summary

So currently the number of allowed authenticated clients an onion service can have is roughly sizeof(onion service descriptor) / sizeof(client auth data) This currently comes out to 32'ish authenticated clients (per @dgoulet on IRC) but this value is technically configurable and could change in the future.

What is the expected behavior?

If a tor controller attempts to add an authenticated client, but there is no more space, an error code that can be handled should be returned by the ONION_CLIENT_AUTH_ADD command.

ONION_CLIENT_AUTH_ADD spec: https://gitweb.torproject.org/torspec.git/tree/control-spec.txt#n1901

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information