Hidden service regexes
ageis opened this issue · 4 comments
server_name
%ONION_ADDRESS%
~^(?<servernamesubdomain>([-0-9a-z]+\\.)+)%ONION_ADDRESS_RE2%$
;
eotk/templates.d/nginx.conf.txt
Line 524 in 8c040ed
I assume the dashes before 0 are because of subdomains?
However, this regex is wrong. The official Tor regex (for v2 HSes) is [a-z2-7]{16}\.onion
No 1s, 8s or 9s.
Also the {16} will be absolute with v3, which has 56 chars. Do we have the regex for that yet?
I see you have the v1+v2 address regex correct here: https://github.com/alecmuffett/eotk/blob/master/templates.d/nginx.conf.txt#L620
Hi Kevin!
That regular expression does not do what you think it does; it captures loosely-matched DNS-compliant (ie: I am not enforcing syntax checks / leading alphanumeric) hostnames (eg: "www.") and/or hostname+domainname (eg: "www.test.") and captures those to the servernamesubdomain variable.
You will note elsewhere in the code the onion-matching regexp:
\\b[a-z2-7]{16}(?:[a-z2-7]{40})?\\.onion\\b
I invite you to consider what 16 + 40, equals. :-)
However, this is all prettymuch moot until both STEM and OnionBalance get v3 support, hence this code is not functional nor supported, yet. See #23 for details.
Debugging tip: sometimes it's more clear to build a disposable configuration and see how the template finally renders, which should make matters more clear:
v3 onions always end with a "d", so \\b[a-z2-7]{16}(?:[a-z2-7]{39}d)?\\.onion\\b might be a better fit.
closing as not relevant