Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tor null auth and listen fixes #2490

Merged

Conversation

@aakselrod
Copy link
Contributor

@aakselrod aakselrod commented Jan 17, 2019

This PR should fix #2388 and #2176 in the following ways:

  • allowing NULL authentication when attempting to create a hidden service automatically
  • when automatic hidden service configuration is disabled, defaulting to listening on localhost and allowing manual override for manual or alternative hidden service configuration

This allows lnd to work better in environments where the Tor daemon lives on a different machine, such as Whonix or OnionPi, and where certain Tor control protocol requests and responses are filtered.

Fixes #2388
Fixes #2176

@aakselrod aakselrod requested a review from wpaulino Jan 17, 2019
@qubenix
Copy link

@qubenix qubenix commented Jan 17, 2019

Awesome of you to work on this! I'm just testing this out on Whonix.

For me the null auth fix worked, but I'm still running into an issue listening on something other than localhost.

user@host:~$ lnd
lnd must *only* be listening on localhost when running with Tor inbound support enabled

I think it may have to do with these lines:

lnd/config.go

Lines 950 to 962 in 570b60e

// Ensure that we are only listening on localhost if Tor inbound support
// is enabled.
if cfg.Tor.V2 || cfg.Tor.V3 {
for _, addr := range cfg.Listeners {
if lncfg.IsLoopback(addr.String()) {
continue
}
return nil, errors.New("lnd must *only* be listening " +
"on localhost when running with Tor inbound " +
"support enabled")
}
}

@aakselrod
Copy link
Contributor Author

@aakselrod aakselrod commented Jan 18, 2019

@qubenix, I think you might be correct. You can work around it by manually configuring the hidden service for now, and I'll fix the other issue momentarily.

aakselrod added 2 commits Jan 17, 2019
This change allows the Tor controller to request hidden service
configuration over unauthenticated Tor control ports, such as used
in Whonix.
When Tor is enabled, this change allows manual hidden service
configuration by defaulting to listening for p2p connections on
the loopback address. It also allows overriding this manually
for situations where the Tor daemon is running on another machine,
such as when using Whonix or OnionPi-like systems.
@aakselrod aakselrod force-pushed the aakselrod:tor-null-auth-and-listen-fixes branch from 570b60e to 66a1502 Jan 19, 2019
@aakselrod
Copy link
Contributor Author

@aakselrod aakselrod commented Jan 19, 2019

I've made the fix and rebased. I tested this on my Whonix system with a brand new lnd installation and was able to successfully auto-create a v3 service (with a new onion-grater merge file for the lnd request) while listening on eth0.

@qubenix
Copy link

@qubenix qubenix commented Jan 19, 2019

Tested ACK: 288870f 66a1502

@NicolasDorier
Copy link
Contributor

@NicolasDorier NicolasDorier commented Mar 12, 2019

Concept ACK, I needed this.

if len(cfg.RawListeners) == 0 {
addr := fmt.Sprintf(":%d", defaultPeerPort)
if cfg.Tor.Active {
addr = fmt.Sprintf("localhost:%d", defaultPeerPort)

This comment has been minimized.

@NicolasDorier

NicolasDorier Mar 14, 2019
Contributor

I don't think it makes sense.

I want to use Tor with LND as an alternative way for people to connect to me, not as an exclusive way.

This comment has been minimized.

@wpaulino

wpaulino Mar 15, 2019
Collaborator

This will only happen if you don't explicitly set the listen flag. It can be overridden.

@tzarebczan
Copy link

@tzarebczan tzarebczan commented Mar 15, 2019

I'm running into this same problem...anyone have a windows build to test this out?

Copy link
Collaborator

@wpaulino wpaulino left a comment

LGTM 🎲

Copy link
Member

@Roasbeef Roasbeef left a comment

LGTM 💣

@Roasbeef Roasbeef merged commit b4a1024 into lightningnetwork:master Mar 15, 2019
1 of 2 checks passed
1 of 2 checks passed
coverage/coveralls Coverage decreased (-0.006%) to 56.304%
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@tzarebczan
Copy link

@tzarebczan tzarebczan commented Mar 15, 2019

Awesome @Roasbeef, can't wait to try this out!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

6 participants