Tails interop issue - useless use of IPv6 #2840

Closed
agb19 opened this issue May 17, 2019 · 1 comment

@agb19 commented May 17, 2019

Summary: on Tails, Bisq is difficult to use due to a JVM misconfiguration causing Bisq to use an IPv6 socket to connect to IPv4 address 127.0.0.1, which is unsupported.

Background
The Tails live OS uses a Tor control protocol sanitizer called onion-grater, which acts as a proxy between the user applications and the Tor control port and restricts the Tor control commands to a limited subset defined on a per-application basis. The onion-grater daemon listens on localhost port 9051 and passes the commands to the real Tor control port, which on Tails is set to 9052. An application requiring access to the Tor control port should connect to port 9051 and expect to be allowed to operate within the limits defined in a per-application file located in /etc/onion-grater.d/ (usually supplied as part of the application package). This is realized by matching the TCP connection to PID to executable via the psutil package.
See for details:
https://github.com/Whonix/onion-grater/blob/f01a889cb97a6afb86044407e307fc819aae7f7e/usr/lib/onion-grater#L162

Details:
When Bisq opens the connection to the Tor control port, it first queries the loopback address (actually this happens in the netlayer library):
https://github.com/JesusMcCloud/netlayer/blob/3467ae96d1abd834246e6c3629b16e16f6c38cdc/tor.external/src/main/kotlin/org/berndpruenster/netlayer/tor/ExternalTor.kt#L32

Depending on the JVM settings and the local IP configuration, this may return an IPv6 address (::1), an IPv4 address (127.0.0.1) or an IPv4-in-IPv6-format (::ffff:127.0.0.1). In the case of Bisq on Tails, it's the third case.

Bisq then proceeds to open the Tor control connection using IPv6 formatting, to the IPv4 address. This causes the connection to be represented in the kernel using IPv6 format. However, from onion-grater's perspective, the connection is still IPv4.
For this reason, the connection-to-PID matching fails in onion-grater and Bisq is denied access.

Steps to reproduce
Bisq version: 1.1.1 installed from .deb
OS: Tails 3.13.2 (Debian 9)

  • boot up Tails with administration password enabled
  • download and install the Bisq DEB:
    sudo dpkg -i Bisq-64bit-1.1.1.deb
  • start up Bisq using onion-grater control port:
    /opt/Bisq/Bisq --torControlPort=9051

Expected result
Communication should be attempted, and fail immediately with a loud, informative error message due to incorrect permissions in onion-grater (separate issue, see #2841).

Actual result
Communication is attempted in the background with no visible progress (UI shows "1/4 Connecting to Tor network..."), and times out after 4 minutes.

May-17 05:10:57.819 [NetworkNode-9999] INFO  b.n.p2p.network.RunningTor: Connecting to running tor 
May-17 05:14:57.800 [JavaFX Application Thread] WARN  bisq.core.app.BisqSetup: startupTimeout called 

Impact
Normal Tails users will find it impossible to use Bisq via the built-in onion-grater and instead will seek awkward workarounds as per #2278 etc., which bypass multiple Tails security protections and create unnecessary risk.

Notes and possible fix
This is technically not a bug in any of the affected packages; it's an interop issue that can be fixed in several ways. The easiest way just happens to be via Bisq.
What fixed the problem for me was adding a line in the [JVMOptions] section of /opt/Bisq/app/Bisq.cfg:
-Djava.net.preferIPv4Stack=true

This change caused Bisq to use pure IPv4 sockets for Tor control and communicate with onion-grater as designed. There don't seem to be any regressions and the previous setting appears to be default rather than deliberate.

In conjunction with a configuration file in /etc/onion-grater.d (issue #2841), this enabled me to run Bisq on Tails as an unprivileged user and without requiring any of the workarounds from #2278.
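
The address mismatch described in this issue, as an added example that is not part of the original issue or of onion-grater's code: a simplified Python model of a connection-to-PID lookup, in which the table rows, field names, ports and PIDs are constructed. It shows an IPv4 listener's view of the peer (127.0.0.1) failing to match a client socket recorded as ::ffff:127.0.0.1, and the lookup succeeding once the IPv4-mapped form is collapsed, without treating the genuine IPv6 loopback ::1 as the same address.

```python
import ipaddress
from collections import namedtuple

# Constructed stand-in for one row of a per-process connection table
# (hypothetical shape; field names are assumptions, not onion-grater's).
Conn = namedtuple("Conn", ["pid", "laddr", "lport"])

# Constructed sample table: three local client sockets.
TABLE = [
    Conn(4242, "::ffff:127.0.0.1", 40000),  # AF_INET6 socket talking to IPv4 loopback
    Conn(5151, "127.0.0.1", 40001),         # plain AF_INET socket
    Conn(6161, "::1", 40002),               # genuine IPv6 loopback
]

def normalize(addr):
    """Return the IPv4 form of an IPv4-mapped IPv6 address, else the address unchanged."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return addr  # not an IP literal; compare as-is
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return str(ip.ipv4_mapped)
    return str(ip)

def find_pid_naive(table, peer_addr, peer_port):
    """String comparison of (address, port), as seen from an IPv4 listener."""
    for c in table:
        if (c.laddr, c.lport) == (peer_addr, peer_port):
            return c.pid
    return None

def find_pid_normalized(table, peer_addr, peer_port):
    """Same lookup, comparing addresses after collapsing the mapped form."""
    want = (normalize(peer_addr), peer_port)
    for c in table:
        if (normalize(c.laddr), c.lport) == want:
            return c.pid
    return None

if __name__ == "__main__":
    for port in (40000, 40001, 40002):
        print(port, find_pid_naive(TABLE, "127.0.0.1", port),
              find_pid_normalized(TABLE, "127.0.0.1", port))
```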

@agb19 commented Jun 3, 2019

Fixed by merged PR #2862

agb19 closed this Jun 3, 2019
