Miguel Jacq <m...@mig5.net> writes: > Hi George, > > On Wed, Jun 17, 2020 at 12:37:18PM +0300, George Kadianakis wrote: >> >> Hmm, this is a bit embarassing for both of us, but if I'm not mistaken >> ONION_CLIENT_AUTH_ADD only controls the client-side of client auth >> credentials. This is not obvious at all by the command name, and it only >> becomes a bit clearer by reading the control-spec.txt... >> >> We added that control port command so that the browser could present a >> UX for client authorization. > > Ahahahah. Riiight, thanks for that clarification. This whole time I indeed > thought this was a novel way for adding Client Auth for v3 onions via the > control port. > > I had been reading the rend-spec-v3 > https://github.com/torproject/torspec/blob/master/rend-spec-v3.txt > > G.2.1 'Service side' says '[XXX figure out control port command format]' and > I figured it just hadn't been updated to reflect the new command. I hadn't > even thought to read the control spec.. > >> >> AFAIK there is no control port command for adding service-side client >> auth credentials. You will need to do this using the filesystem by using >> the '<HiddenServiceDir>/authorized_clients/' directory as displayed by >> the "CLIENT AUTHORIZATION" section of the manual... Or you will need to >> implement the control port commands in tor :/ >> >> Sorry for the sad news here....... :/ > > Okay, thanks for all the clarification. Indeed, OnionShare uses purely > ephemeral onions, so the standard filesystem method won't work (unless we > switch to that). >
Right.... Seems like v2 supports adding client auth credentials through the control port using the ADD_ONION command, but that's not the case for v3... Just a simple matter of programming as always ;) _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev