Re: [Tails-dev] Tails control port filter proxy in Whonix?

Nachricht löschen

Nachricht beantworten
Autor: Patrick Schleizer
Datum:  
To: tails-dev, Whonix-devel
Betreff: Re: [Tails-dev] Tails control port filter proxy in Whonix?
Happy to report, that a few profiles have been successfully written.
That are using Whonix forked config parsing code.

They are now living here:

-
https://github.com/Whonix/control-port-filter-python/tree/master/usr/share/tor-controlport-filter/examples

There is one for onionshare, one for ricochet as well as one for
ZeroNet. So onionshare and ricochet will most likely run fine in the
next version of Whonix, Whonix 14.

I am impressed by the rewrite functionalities which are a blessing.
Ricochet does something rather ugly, requesting several GETINFO status
at once.

GETINFO status/circuit-established status/bootstrap-phase
net/listeners/socks

With Tails control port filter proxy, these are elegantly rewritten.

    GETINFO:
      - pattern: 'status/circuit-established status/bootstrap-phase
net/listeners/socks'
        response:
        - pattern:     '250-status/bootstrap-phase=*'
          replacement: '250-status/bootstrap-phase=NOTICE BOOTSTRAP
PROGRESS=100 TAG=done SUMMARY="Done"'
        - pattern:     '250-net/listeners/socks=".*"'
          replacement: '250-net/listeners/socks="127.0.0.1:9150"'


The ZeroNet profile latter however might require some more hackery. Or
fixes in ZeroNet or fixes in the control port filter proxy. This is
probably because ZeroNet has custom code for Tor control protocol
authentication. Not using python-stem. ZeroNet works when having a
direct Tor control connection but not through the control port filter proxy.

- https://github.com/HelloZeroNet/ZeroNet/blob/master/src/Tor/TorManager.py

Reported two issues.

- https://github.com/HelloZeroNet/ZeroNet/issues/756
- https://github.com/HelloZeroNet/ZeroNet/issues/758

Best regards,
Patrick