meejah / txtorcon

Twisted-based asynchronous Tor control protocol implementation. Includes unit-tests, examples, state-tracking code and configuration abstraction.
http://fjblvrw2jrxnhtg67qpbzi45r7ofojaoo3orzykesly2j3c2m3htapid.onion/
MIT License

Some hiddenServiceDirs don't make sense when passed directly through to the Tor configuration. #77

Closed dreid closed 10 years ago

dreid commented 10 years ago

I've found a few cases where hiddenServiceDir being passed through to the underlying tor configuration causes a violent crash with very few clues as to what the problem is.

An example with a ~/ path:

↪︎ twistd -n web --port "onion:80:hiddenServiceDir=~/hs" --path ~/Public
2014-06-16 12:19:04-0700 [-] Log opened.
2014-06-16 12:19:04-0700 [-] twistd 14.0.0 (/Users/dreid/.virtualenvs/tempenv-15f922967276f/bin/python 2.7.5) starting up.
2014-06-16 12:19:04-0700 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2014-06-16 12:19:04-0700 [-] (TCP Port 65116 Closed)
2014-06-16 12:19:04-0700 [-] Config was unsaved when launch_tor() called; calling save().
2014-06-16 12:19:04-0700 [-] Spawning tor process with DataDirectory /var/folders/fb/bfn8yfln3_d_3bb8r1h_yhkc0000gn/T/tortmpcJpG5f
2014-06-16 12:19:06-0700 [TorControlProtocol,client] 10% Finishing handshake with directory server
2014-06-16 12:19:06-0700 [TorControlProtocol,client] 15% Establishing an encrypted directory connection
2014-06-16 12:19:07-0700 [TorControlProtocol,client] 20% Asking for networkstatus consensus
2014-06-16 12:19:07-0700 [TorControlProtocol,client] 25% Loading networkstatus consensus
2014-06-16 12:19:11-0700 [TorControlProtocol,client] 40% Loading authority key certs
2014-06-16 12:19:11-0700 [TorControlProtocol,client] 45% Asking for relay descriptors
2014-06-16 12:19:13-0700 [TorControlProtocol,client] 50% Loading relay descriptors
2014-06-16 12:19:13-0700 [TorControlProtocol,client] 51% Loading relay descriptors
2014-06-16 12:19:13-0700 [TorControlProtocol,client] 53% Loading relay descriptors
2014-06-16 12:19:13-0700 [TorControlProtocol,client] 55% Loading relay descriptors
2014-06-16 12:19:13-0700 [TorControlProtocol,client] 57% Loading relay descriptors
2014-06-16 12:19:13-0700 [TorControlProtocol,client] 59% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 61% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 63% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 64% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 66% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 68% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 70% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 72% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 74% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 76% Loading relay descriptors
2014-06-16 12:19:14-0700 [TorControlProtocol,client] 78% Loading relay descriptors
2014-06-16 12:19:19-0700 [TorControlProtocol,client] 80% Connecting to the Tor network
2014-06-16 12:19:19-0700 [TorControlProtocol,client] 90% Establishing a Tor circuit
2014-06-16 12:19:20-0700 [TorControlProtocol,client] 100% Done
2014-06-16 12:19:20-0700 [TorControlProtocol,client] Site starting on 65123
2014-06-16 12:19:20-0700 [TorControlProtocol,client] Starting factory <twisted.web.server.Site instance at 0x10cc06128>
2014-06-16 12:19:20-0700 [-] unexpected error in processEnded
    Traceback (most recent call last):
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/process.py", line 910, in maybeCallProcessEnded
        self.reapProcess()
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/process.py", line 312, in reapProcess
        self.processEnded(status)
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/_baseprocess.py", line 51, in processEnded
        self.maybeCallProcessEnded()
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/process.py", line 912, in maybeCallProcessEnded
        _BaseProcess.maybeCallProcessEnded(self)
    --- <exception caught here> ---
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/_baseprocess.py", line 63, in maybeCallProcessEnded
        proto.processEnded(Failure(reason))
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/txtorcon/torconfig.py", line 179, in processEnded
        self.connected_cb.errback(err)
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/defer.py", line 423, in errback
        self._startRunCallbacks(fail)
      File "/Users/dreid/.virtualenvs/tempenv-15f922967276f/lib/python2.7/site-packages/twisted/internet/defer.py", line 483, in _startRunCallbacks
        raise AlreadyCalledError
    twisted.internet.defer.AlreadyCalledError:  

I assume this is because the value is passed directly through to the tor configuration file and Tor doesn't know how to expand these paths.

Other things that fail are relative paths with more than one segment: foo/bar.

Relative paths with one segment fail in a slightly different way:

↪︎ twistd -n web --port "onion:80:hiddenServiceDir=foo" --path ~/Public
2014-06-16 12:27:32-0700 [-] Log opened.
2014-06-16 12:27:32-0700 [-] twistd 14.0.0 (/Users/dreid/.virtualenvs/tempenv-15f922967276f/bin/python 2.7.5) starting up.
2014-06-16 12:27:32-0700 [-] reactor class: twisted.internet.selectreactor.SelectReactor.
2014-06-16 12:27:32-0700 [-] (TCP Port 65208 Closed)
2014-06-16 12:27:32-0700 [-] Config was unsaved when launch_tor() called; calling save().
2014-06-16 12:27:32-0700 [-] Spawning tor process with DataDirectory /var/folders/fb/bfn8yfln3_d_3bb8r1h_yhkc0000gn/T/tortmp3brmZ8
2014-06-16 12:27:33-0700 [TorControlProtocol,client] 10% Finishing handshake with directory server
2014-06-16 12:27:37-0700 [TorControlProtocol,client] 15% Establishing an encrypted directory connection
2014-06-16 12:27:38-0700 [TorControlProtocol,client] 20% Asking for networkstatus consensus
2014-06-16 12:27:38-0700 [TorControlProtocol,client] 25% Loading networkstatus consensus
2014-06-16 12:27:48-0700 [TorControlProtocol,client] 40% Loading authority key certs
2014-06-16 12:27:49-0700 [TorControlProtocol,client] 45% Asking for relay descriptors
2014-06-16 12:27:50-0700 [TorControlProtocol,client] 50% Loading relay descriptors
2014-06-16 12:27:50-0700 [TorControlProtocol,client] 51% Loading relay descriptors
2014-06-16 12:27:50-0700 [TorControlProtocol,client] 53% Loading relay descriptors
2014-06-16 12:27:50-0700 [TorControlProtocol,client] 55% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 57% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 59% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 61% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 63% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 65% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 67% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 68% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 70% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 72% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 74% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 76% Loading relay descriptors
2014-06-16 12:27:51-0700 [TorControlProtocol,client] 78% Loading relay descriptors
2014-06-16 12:27:56-0700 [TorControlProtocol,client] 80% Connecting to the Tor network
2014-06-16 12:27:56-0700 [TorControlProtocol,client] 90% Establishing a Tor circuit
2014-06-16 12:27:57-0700 [TorControlProtocol,client] 100% Done
2014-06-16 12:27:57-0700 [TorControlProtocol,client] Site starting on 65219
2014-06-16 12:27:57-0700 [TorControlProtocol,client] Starting factory <twisted.web.server.Site instance at 0x1012c0128>
2014-06-16 12:27:57-0700 [TorControlProtocol,client] Started hidden service "None" on port 80
2014-06-16 12:27:57-0700 [TorControlProtocol,client] Keys are in "foo".

This causes a directory foo to be created under the DataDirectory, which is a valid hidden service directory; unfortunately, txtorcon no longer knows about it and can't display the hostname in the output. Also, it now gets destroyed when the reactor is shut down, which seems to defeat the purpose of specifying your own hiddenServiceDir.

It'd be nice if txtorcon could resolve relative and ~ paths.

meejah commented 10 years ago

Great, thanks for the report! Yes, making sure the path is normalized before subjecting Tor to it is a great idea.

meejah commented 10 years ago

Also, yes, the launching code is supposed to not delete the directory if it was user-specified... Hopefully this is just an artifact of the two-segment relative paths "not working", but I should also test that.

meejah commented 10 years ago

I think the "foo" directory getting destroyed was from Tor; with the relative paths, it got itself into a bad state and exited. This wasn't getting logged (it is now), and txtorcon also creates the directory if you specify a non-existent one using hiddenServiceDir.

meejah commented 10 years ago

Please re-open if you find it doesn't work for you. Thanks!
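
One way to do the path normalization discussed in this thread, as an added example that is not txtorcon's own code: expand `~`, anchor relative paths at the caller's working directory rather than Tor's temporary DataDirectory, and create a missing directory owner-only because it will hold the service keys. The function names, the `cwd`/`home` parameters and the `/srv/site` and `/home/alice` directories are assumptions for illustration; the three input values are the ones from the report.

```python
import os


def normalize_hidden_service_dir(raw, cwd=None, home=None):
    """Return an absolute, normalized path for a user-supplied hiddenServiceDir.

    cwd and home are injectable for testing; by default the caller's working
    directory and the current user's home directory are used.
    """
    # The value ends up as one configuration value, so it must be one line.
    if not raw or "\x00" in raw or "\n" in raw or "\r" in raw:
        raise ValueError("hiddenServiceDir must be a non-empty single-line path")
    cwd = os.getcwd() if cwd is None else cwd
    if raw == "~" or raw.startswith("~/"):
        home = os.path.expanduser("~") if home is None else home
        raw = os.path.join(home, raw[2:])
    elif raw.startswith("~"):
        # "~otheruser/...": let the OS resolve it; unchanged means unknown user.
        expanded = os.path.expanduser(raw)
        if expanded == raw:
            raise ValueError("cannot expand %r" % (raw,))
        raw = expanded
    # Relative paths (one segment or many) are anchored at the caller's cwd,
    # so they never land inside a temporary DataDirectory that gets deleted.
    # os.path.join leaves an already-absolute path untouched.
    return os.path.normpath(os.path.join(cwd, raw))


def ensure_private_dir(path):
    """Create path with mode 0700 if missing; refuse anything not a directory."""
    if not os.path.exists(path):
        os.makedirs(path, mode=0o700)
    if not os.path.isdir(path):
        raise ValueError("%r exists and is not a directory" % (path,))
    return path


def demo():
    # Constructed cwd and home; the inputs are the values from the report.
    return [normalize_hidden_service_dir(v, cwd="/srv/site", home="/home/alice")
            for v in ("~/hs", "foo", "foo/bar")]


if __name__ == "__main__":
    for resolved in demo():
        print(resolved)
```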