ADD_ONION assumes bitcoind to reside in hardcoded 127.0.0.1 #16693

issue henrikuittinen opened this issue on August 23, 2019
  1. henrikuittinen commented at 9:54 AM on August 23, 2019: none

    https://github.com/bitcoin/bitcoin/blob/d72758c3f6c34cd835f5de3efc230964f3b1ea56/src/torcontrol.cpp#L539

    If a user is running Tor proxy outside localhost (perhaps on other host inside LAN or in containerised environment) , the automatic creation of onion services ends up creating an onion service listening to hardcored 127.0.0.1 address on the Tor proxy's host instead of the private address of the bitcoind – effectively running an empty onion service listening the Tor proxy's localhost.

  2. fanquake added the label P2P on Aug 23, 2019
  3. emilengler commented at 5:02 PM on August 23, 2019: contributor

    Good point but do people actually run Tor outside? Everyone who really wants to protect his privacy through Tor would never do this

  4. henrikuittinen commented at 6:05 PM on August 23, 2019: none

    Good point but do people actually run Tor outside?

    I'd say it's relatively common to have a separate Tor proxy in your LAN somewhere, not necessarily on the same host. Especially if you're running several hidden services in separate containers or perhaps routing traffic of all your devices through torified Raspberry Pi, for example.

  5. sipa commented at 6:14 PM on August 23, 2019: member

    @henrikuittinen Sure, but how would you be using the Tor control interface in that case?

  6. henrikuittinen commented at 6:17 PM on August 23, 2019: none

    @henrikuittinen Sure, but how would you be using the Tor control interface in that case?

    Through -torcontrol=<ip>:<port> and -torpassword=<pass>. It connects perfectly and creates a hidden service, but assumes the bitcoind is in 127.0.0.1 – which is of course hardcoded at the moment.

  7. sipa commented at 6:17 PM on August 23, 2019: member

    Oh, interesting. That sounds like a bug.

  8. henrikuittinen commented at 6:27 PM on August 23, 2019: none

    Yeah, it's right here: https://github.com/bitcoin/bitcoin/blob/d72758c3f6c34cd835f5de3efc230964f3b1ea56/src/torcontrol.cpp#L539

    I reckon instead of hardcoding 127.0.0.1 it should take in GetBindAddress().

  9. meeDamian commented at 5:03 PM on May 3, 2020: contributor

    Wow, I've spent so much time trying to figure out why the bitcoind I run in a container doesn't want to work with Tor on host, and inventing dirty hacks to go around that 😬. Needless to say, glad this issue exists :).

  10. MDrollette cross-referenced this on May 21, 2020 from issue torcontrol: add -tortarget config by MDrollette
  11. kristapsk cross-referenced this on Jul 29, 2020 from issue .onion address doesn't work when bitcoin is trying to call TOR from another host by nolim1t
  12. hebasto commented at 11:12 AM on September 28, 2020: member

    @henrikuittinen Mind testing #19991?

  13. hebasto cross-referenced this on Sep 28, 2020 from issue net: Use alternative port for incoming Tor connections by hebasto
  14. henrikuittinen commented at 8:15 PM on September 28, 2020: none

    @henrikuittinen Mind testing #19991?

    Unfortunately I don't have this setup anymore. Thanks for the PR though!

  15. laanwj closed this on Oct 2, 2020
  16. sidhujag referenced this in commit 9d14195e7b on Oct 4, 2020
  17. bitcoin locked this on Feb 15, 2022
Contributors
henrikuittinenemilenglersipameeDamianhebasto
Labels
P2P
Linked (view graph)
#19043 torcontrol: add -tortarget config#19618 .onion address doesn't work when bitcoin is trying to call TOR from another host#19991 net: Use alternative port for incoming Tor connections
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:54 UTC