Feature #9001

Onion Circuits should connect via the Tor control port filter

Added by intrigeri almost 5 years ago. Updated almost 3 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: -
Target version:
Start date: 03/03/2015
Due date:
% Done: 100%
Feature Branch: feature/7870-include_onionshare
Type of work: Code
Blueprint:
Starter:
Affected tool: Onion Circuits

Description

One of my main motivations to remove Vidalia is to get rid of this "one X application has full control over Tor" situation, so it would be good if Tor Monitor was only allowed to get the information it needs, as opposed to being allowed to do everything such as configure a well-chosen set of M attacker-controlled bridges and de-anonymize the user (with precision = N bits, given N total bridges controlled by the attacker).

As of 20150220, Tor Monitor directly uses:

  • GETINFO circuit-status
  • GETINFO stream-status
  • GETINFO ip-to-country

It also uses Stem, which probably sends more control commands to Tor.


Related issues

Related to Tails - Bug #9366: Is user separation enough to hide Tor state from Vidalia? Resolved 05/09/2015
Related to Tails - Bug #9365: Evaluate consequences of full Tor circuit/stream state and restrict it as needed Confirmed 05/09/2015
Related to Tails - Feature #8927: Replicate Vidalia's ability to close arbitrary circuits Confirmed 02/21/2015
Related to Tails - Feature #6742: Make tor-controlport-filter reusable Resolved 02/21/2014
Related to Tails - Feature #11542: Evaluate using roflcoptor as Tor control port filter Resolved 06/23/2016
Related to Tails - Feature #11826: Evaluate using Whonix' control-port-filter-python as Tor control port filter Resolved 09/22/2016
Duplicated by Tails - Feature #10058: Filter TorMonitor access to tor control socket Duplicate 08/17/2015
Blocks Tails - Bug #11197: Onion Circuits is not read by Orca Resolved 03/07/2016

Associated revisions

Revision e3963d1d (diff)
Added by anonym about 3 years ago

Make onioncircuits use the filtered control port.

Will-fix: #9001

Revision 1a3c62b9
Added by intrigeri almost 3 years ago

Merge remote-tracking branch 'origin/feature/7870-include_onionshare' into devel

Fix-committed: #7870, #6742, #6788, #9001

History

#1 Updated by intrigeri almost 5 years ago

  • Affected tool set to Tor Monitor

#2 Updated by intrigeri almost 5 years ago

  • Description updated (diff)

#3 Updated by intrigeri over 4 years ago

  • Related to Bug #9366: Is user separation enough to hide Tor state from Vidalia? added

#4 Updated by alant about 4 years ago

  • Parent task set to #6842

To get the conversation between TorMonitor and the Tor daemon:

  sudo socat -v UNIX-LISTEN:/tmp/tor-control-copy UNIX-CONNECT:/var/run/tor/control

Currently TorMonitor uses:

- PROTOCOLINFO
- AUTHCHALLENGE SAFECOOKIE
- AUTHENTICATE
- SETEVENTS
- GETCONF __owningcontrollerprocess
- GETINFO version
- SETEVENTS SIGNAL
- SETEVENTS CONF_CHANGED SIGNAL STREAM CIRC
- GETINFO circuit-status
- GETINFO stream-status
- GETCONF usemicrodescriptors
- GETINFO ip-to-country/*
- GETINFO ns/id/*

#5 Updated by alant about 4 years ago

#6 Updated by alant about 4 years ago

  • Duplicated by Feature #10058: Filter TorMonitor access to tor control socket added

#7 Updated by alant about 4 years ago

  • Assignee deleted (alant)

I'd like help on this task, so deassigning from me to make it clear it looks for a taker (I'm still in charge of #9582 which is blocked by this one).

#8 Updated by alant about 4 years ago

  • Parent task deleted (#6842)

#9 Updated by alant about 4 years ago

#10 Updated by alant about 4 years ago

  • Parent task set to #9582

#11 Updated by intrigeri almost 4 years ago

  • Subject changed from Tor Monitor should connect via the Tor control port filter to Onion Circuits should connect via the Tor control port filter

#12 Updated by intrigeri almost 4 years ago

  • Parent task deleted (#9582)
  • Affected tool changed from Tor Monitor to Onion Circuits

Let's not make it block #9582 as even if we don't have this, it's not a regression compared to Vidalia (and yay, if we don't do this now then likely it won't ever be done, but well, I can live with it or fix it myself I guess).

#13 Updated by intrigeri almost 4 years ago

  • Related to Bug #9365: Evaluate consequences of full Tor circuit/stream state and restrict it as needed added

#14 Updated by sajolida almost 4 years ago

  • Related to Feature #8927: Replicate Vidalia's ability to close arbitrary circuits added

#15 Updated by intrigeri almost 4 years ago

  • Related to Feature #6742: Make tor-controlport-filter reusable added

#16 Updated by anonym almost 4 years ago

alant wrote:

To get the conversation between TorMonitor and the Tor daemon:

  sudo socat -v UNIX-LISTEN:/tmp/tor-control-copy UNIX-CONNECT:/var/run/tor/control

Currently TorMonitor uses:

- PROTOCOLINFO
- AUTHCHALLENGE SAFECOOKIE
- AUTHENTICATE
- SETEVENTS
- GETCONF __owningcontrollerprocess
- GETINFO version
- SETEVENTS SIGNAL
- SETEVENTS CONF_CHANGED SIGNAL STREAM CIRC
- GETINFO circuit-status
- GETINFO stream-status
- GETCONF usemicrodescriptors
- GETINFO ip-to-country/*
- GETINFO ns/id/*

Allowing only these should be possible using Whonix' fork of our control port filter, control-port-filter-python (docs). In Git it has support for globs, needed for (at least) the last two GETINFO commands.

Also, it handles concurrent connections, so the same filter can probably be used for the Tor Browser's circuit view.
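
The allowlist with globs discussed in comment #16, sketched as an added example (this is not code from Tails, Whonix or this ticket). The function names and the sample session are constructed; matching arguments case-sensitively and denying "+" multi-line commands are assumptions of this sketch.

```python
import fnmatch

# Allowlist built from the command list captured in comment #4 of this ticket.
# None: any arguments accepted. Otherwise every argument must match a glob.
ALLOWED = {
    "PROTOCOLINFO": None,
    "AUTHCHALLENGE": None,
    "AUTHENTICATE": None,
    "SETEVENTS": ["CONF_CHANGED", "SIGNAL", "STREAM", "CIRC"],
    "GETCONF": ["__owningcontrollerprocess", "usemicrodescriptors"],
    "GETINFO": ["version", "circuit-status", "stream-status",
                "ip-to-country/*", "ns/id/*"],
}

# Constructed sample session (not a real capture).
SAMPLE = [
    "PROTOCOLINFO 1",
    "getinfo version",
    "GETINFO ip-to-country/198.51.100.7",
    "GETINFO circuit-status address",          # second key is not allowlisted
    "SETEVENTS STREAM CIRC",
    "SETEVENTS STREAM CIRC ADDRMAP",           # extra event type
    "SETCONF UseBridges=1",                    # configuration change
    "SIGNAL NEWNYM",
    "GETINFO version\r\nSETCONF UseBridges=1", # second command smuggled in
]


def is_allowed(line):
    """Return True if one control-port command line passes the allowlist."""
    line = line.rstrip("\r\n")
    # Deny multi-line ("+") commands and embedded line breaks/control bytes.
    if line.startswith("+") or any(ord(c) < 0x20 for c in line):
        return False
    parts = line.split()
    if not parts:
        return False
    keyword = parts[0].upper()  # command keywords are case-insensitive
    if keyword not in ALLOWED:
        return False
    patterns = ALLOWED[keyword]
    if patterns is None:
        return True
    # Every argument must match a pattern; one unknown key denies the line.
    return all(any(fnmatch.fnmatchcase(arg, pat) for pat in patterns)
               for arg in parts[1:])


def verdicts(lines):
    """Pair each line with ALLOW or DENY."""
    return [(l, "ALLOW" if is_allowed(l) else "DENY") for l in lines]
```

Checking every argument, not just the first, is what keeps a request such as GETINFO circuit-status address from riding through on an allowed key.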

#17 Updated by intrigeri over 3 years ago

  • Blocks Bug #11197: Onion Circuits is not read by Orca added

#18 Updated by sajolida over 3 years ago

  • Related to Feature #11542: Evaluate using roflcoptor as Tor control port filter added

#19 Updated by intrigeri about 3 years ago

  • Related to Feature #11826: Evaluate using Whonix' control-port-filter-python as Tor control port filter added

#20 Updated by anonym about 3 years ago

  • Status changed from Confirmed to In Progress

#21 Updated by anonym almost 3 years ago

  • Assignee set to intrigeri
  • Target version set to Tails 2.10
  • % Done changed from 0 to 50
  • QA Check set to Ready for QA
  • Feature Branch set to feature/7870-include_onionshare

#22 Updated by intrigeri almost 3 years ago

  • Status changed from In Progress to 11
  • % Done changed from 50 to 100

#23 Updated by intrigeri almost 3 years ago

  • Assignee deleted (intrigeri)
  • QA Check changed from Ready for QA to Pass

#24 Updated by anonym almost 3 years ago

  • Status changed from 11 to Resolved
