Tor null auth and listen fixes #2490
Awesome of you to work on this! I'm just testing this out on Whonix. For me the null auth fix worked, but I'm still running into an issue listening on something other than localhost.
user@host:~$ lnd
lnd must *only* be listening on localhost when running with Tor inbound support enabled
I think it may have to do with these lines: https://github.com/lightningnetwork/lnd/blob/570b60e75b2822fc737b46a223c944ceadfedaab/config.go#L950-L962
@qubenix, I think you might be correct. You can work around it by manually configuring the hidden service for now, and I'll fix the other issue momentarily.
This change allows the Tor controller to request hidden service configuration over unauthenticated Tor control ports, such as used in Whonix.
When Tor is enabled, this change allows manual hidden service configuration by defaulting to listening for p2p connections on the loopback address. It also allows overriding this manually for situations where the Tor daemon is running on another machine, such as when using Whonix or OnionPi-like systems.
570b60e to 66a1502
I've made the fix and rebased. I tested this on my Whonix system with a brand new
Concept ACK, I needed this.
if len(cfg.RawListeners) == 0 { | ||
addr := fmt.Sprintf(":%d", defaultPeerPort) | ||
if cfg.Tor.Active { | ||
addr = fmt.Sprintf("localhost:%d", defaultPeerPort) |
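Review bot: In the `cfg.Tor.Active` branch the default bind changes from `:%d` (all interfaces) to `localhost:%d` with no comment explaining it. Add a comment stating that this applies only when `cfg.RawListeners` is empty, so an explicit listen setting still overrides it, and mention the changed default in the listen option's help text. `localhost` is also a name rather than an address, so which loopback address gets bound depends on how the host resolves it; a literal loopback IP would make the default deterministic.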
I don't think it makes sense.
I want to use Tor with LND as an alternative way for people to connect to me, not as an exclusive way.
This will only happen if you don't explicitly set the listen flag. It can be overridden.
I'm running into this same problem... anyone have a Windows build to test this out?
LGTM 🎲
LGTM 💣
Awesome @Roasbeef, can't wait to try this out!
This PR should fix #2388 and #2176 in the following ways:
This allows lnd to work better in environments where the Tor daemon lives on a different machine, such as Whonix or OnionPi, and where certain Tor control protocol requests and responses are filtered.
Fixes #2388
Fixes #2176