Refactor Tor process handling and use control port #4501
Comments
Approach ACK. I'm not sure about details, like:
Do you have write permission there? I'm not sure, probably yes, but it needs to be checked.
Using own Tor is good to make implementation & testing easier. Not sure whether it has downsides. @lontivero and @nopara73 may probably know more about this subject. |
The installer put the files there, similarly to hwi and bitcoind. From Wasabi we are not writing anything. |
It adds an extra Tor layer on torified OSs like Tails or Whonix. Nothing biggie. |
@kiminuo can you take this from here? |
Yes. |
Sources to research:
|
In this PR you can find a naive payjoin receiver implementation where I controlled Tor using the Tor control port in order to create hidden services on the fly. About Torino, it allows you to create/list/destroy hidden services, listen for all kinds of events, measure the bandwidth used by circuit/stream/total, stop/pause Tor, get Tor info (version, PID, user, auth method, etc.), reload configuration, change/save configuration, and change the guards, among other things. It doesn't support cookie authentication (the one we should use), but I think it is a two-line code change.
This is not necessary because Tor will close automatically once the connection with the tor control port is closed. This is a very clever design and it is the behavior by default. |
Tor over Tor is discouraged by both Tor and Whonix developers. https://torproject.org/docs/faq.html.en#ChoosePathLength The TL;DR quotes:
A simple, very bad example I can imagine is if, as sometimes happens, the onion service of the coordinator goes down and the clients start connecting to the clearnet site. In a Tor over Tor scenario a client could get his guard node also as exit node (the guard node of e.g., Whonix will turn out to be the same node used by Wasabi Tor as exit), which is kinda one of the worst possible things for a Tor user. There are not many users that use torified OSs, and Wasabi uses mostly onion services (which should alleviate some of the problems), but those users should have the option to opt out and not use the Wasabi Tor instance. |
I just took a bit of a look on how to do that, and my impression is that the "official" way to do this is as follows:
The main benefit of this approach seems to be that one can't run into already used port issues ever because the ports to be used are not hard coded, but tor instead can always pick some ports that are free. |
We should not use external Tor anymore, that leaves room for a bunch of issues. If we do that, then we can easily have control port. If we'll want to keep supporting external Tor, then that's problematic. |
Also guys a few years ago I wrote a Tor control port implementation and even a CodeProject tutorial for it, feel free to check it out. This is the Tor that eventually ended up in Wasabi. |
@davidanthoff yes, that's the way. In fact the process can be improved even a bit more:
|
@davidanthoff Do you plan to work on this? If so maybe kiminuo@43bb42d contains some useful bits too. |
btw: Does anyone know an answer for this: https://tor.stackexchange.com/questions/22342/how-to-correctly-read-the-control-port-when-tor-is-started-with-controlport-a/22380? @davidanthoff friendly ping :) |
@molnard Is there anything left to do or can we close it? |
Sorry for not responding, too much other stuff going on. I won't have the bandwidth to work on this. |
No problem. Thanks for chiming in anyway! I think this issue is solved now. Obviously, I have many ideas to improve it but the main task is done. Please re-open if I'm wrong. |
Is your feature request related to a problem?
Tor process handling was written in the early stages of the software. Since then a lot of stuff happened and it is time to revisit Tor handling and what can be done with the control port.
Concept of steps
Execute Tor from the installation directory instead of copying it to datadir, similarly to what we do with hwi and bitcoind. Tor data-folder handled like before.
Use custom ports, Wasabi should always run its own Tor instance.
Use the control port to ask the Tor instance to quit.
Unleash the power of the control port, make optimizations if possible, like checking Tor status on control port instead of trying to figure out the problem by checking exceptions in WasabiSynchronizer.
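The last two steps above, combined with the cookie authentication mentioned in the comments, as an added example that is not part of the original issue and is not Wasabi's code: a minimal Tor control-port client that authenticates with the cookie, reads the bootstrap status, and asks Tor to shut down. The function names, the port, and the cookie path are assumptions for illustration; the control commands (`AUTHENTICATE`, `GETINFO status/bootstrap-phase`, `SIGNAL SHUTDOWN`) are Tor's own.

```python
import re
import socket

def read_reply(rfile):
    """Read one reply. 'NNN-' lines continue, 'NNN+' opens a data block, 'NNN ' ends."""
    lines = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise ConnectionError("control connection closed")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        code, sep, text = line[:3], line[3:4], line[4:]
        if sep == "+":  # data block: consume up to the lone "." terminator
            while (more := rfile.readline()) and more.rstrip(b"\r\n") != b".":
                text += "\n" + more.decode("ascii", "replace").rstrip("\r\n")
        lines.append(text)
        if sep == " ":
            return int(code), lines

def command(rfile, wfile, line):
    """Send one command; raise unless Tor answers 250. Errors name the verb only."""
    wfile.write(line.encode("ascii") + b"\r\n")
    wfile.flush()
    code, lines = read_reply(rfile)
    if code != 250:
        raise RuntimeError(f"{line.split()[0]} rejected: {code} {lines[-1]}")
    return lines

def authenticate(rfile, wfile, cookie):
    """Cookie auth: the cookie file's raw bytes are sent hex-encoded."""
    command(rfile, wfile, "AUTHENTICATE " + cookie.hex())

def bootstrap_progress(rfile, wfile):
    """Ask Tor for its own bootstrap status instead of inferring it from errors."""
    lines = command(rfile, wfile, "GETINFO status/bootstrap-phase")
    match = re.search(r"\bPROGRESS=(\d+)", lines[0])
    if match is None:
        raise ValueError("unexpected bootstrap-phase reply: " + lines[0])
    return int(match.group(1))

def stop_tor(port, cookie_path):
    """Assumed setup: ControlPort on 127.0.0.1:<port>, CookieAuthentication 1."""
    with open(cookie_path, "rb") as f:
        cookie = f.read()
    with socket.create_connection(("127.0.0.1", port), timeout=10) as sock:
        rfile, wfile = sock.makefile("rb"), sock.makefile("wb")
        authenticate(rfile, wfile, cookie)
        progress = bootstrap_progress(rfile, wfile)
        command(rfile, wfile, "SIGNAL SHUTDOWN")
        return progress
```

With `CookieAuthentication 1`, Tor writes the cookie as `control_auth_cookie` in its data directory, so only a process that can read that file can drive the control port.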