Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tor control channel #4802

Merged
merged 24 commits into from
Sep 17, 2020
Merged

Tor control channel #4802

merged 24 commits into from
Sep 17, 2020

Conversation

riastradh-brave
Copy link
Contributor

@riastradh-brave riastradh-brave commented Mar 2, 2020

Resolves brave/brave-browser#359
Resolves brave/brave-browser#649
Resolves brave/brave-browser#1113

Tor control channel spec:
https://gitweb.torproject.org/torspec.git/plain/control-spec.txt

This PR implements access to the Tor control socket, which lets us monitor the status of the tor daemon and control it without restarting it. This is a necessary step for brave/brave-browser#649, as well as getting the progress bar that browser-laptop used to have, along with other amenities like displaying where the exit nodes you're using are.
Also it improves tor crashes or tor launcher crashes with cleanup method before launch.

Work to do before merge:

  • Finish management of event subscriptions.
  • Monitor bootstrap progress, network liveness, and circuit establishment events.
  • Get the SOCKS proxy port from the tor daemon.
  • Work out how to change the SOCKS proxy configuration driven by what the tor daemon says, rather than choosing it up front and telling both the profile and the daemon what to use.

Follow-up issues:

  1. More tests for these new codes Add more tests for TorLauncherFactory and TorControl brave-browser#11759
  2. Switch to a local socket (file system namespace) instead of an IP loopback socket (127.0.0.1 namespace) as in Use a local socket for tor socks proxy and control channel where available brave-browser#650.
  3. Incorporate output from GETINFO VERSION somewhere, perhaps in brave://version or in brave://tor as in Expose Tor log in brave://tor brave-browser#8106.

Submitter Checklist:

Test Plan:

OS-chosen port for tor

  1. Open Tor window
  2. Check tor listen port number
    On Mac and Linux: lsof -nP -iTCP -sTCP:LISTEN
    On Windows: netstat -ano -p tcp -b (requires admin privileges because of -b)
    There are two port, one is control port (which should be same as user_dir/tor/watch/controlport) another is what we really care about. (should not be 9250, 9260, 9270, 9280, or 9290)
  3. Close Tor window
  4. Open Tor window
  5. Check tor listen port again which should be different than step 2

Tor initialization progress indicator

  1. Launch Brave with clean profile (so we can see longer init progress)
  2. Open tor window and paste https://check.torproject.org/ immediately
  3. The request shouldn't get through (tab keeps spinning)
  4. There will tor initialization progress on NTP
  5. When tor is connected to tor network, the previous request will continue and we should see connected to Tor network on https://check.torproject.org/
    tor-NTP

Tor process crash handling

  1. Open Tor window
  2. Kill tor progress (it looks like this, tor-VERSION-PLATFORM-brave-REVISION, eg tor-0.3.5.11-darwin-brave-0)
  3. There will be a new tor process launched in 1s
  4. Go back to tor window and go to https://check.torproject.org/, it should be connected to tor network

Tor launcher crash handling

  1. Open Tor window
  2. Go to https://check.torproject.org/
  3. Open Brave's Task Manager and kill Tor Launcher

Screen Shot 2020-08-31 at 10 07 36

  1. Go back to tor window and go to https://check.torproject.org/, it should be connected to tor network ((MacOS & Windows only, on Linux tor process will be killed when Tor Launcher dies)
  2. Close Tor window and open a new tor window
  3. Open Brave's Task Manager and check Tor Launcher is there with a new pid
  4. Go to https://check.torproject.org/, it should be connected to tor network

Reviewer Checklist:

  • New files have MPL-2.0 license header.
  • Request a security/privacy review as needed.
  • Adequate test coverage exists to prevent regressions
  • Verify test plan is specified in PR before merging to source

After-merge Checklist:

  • The associated issue milestone is set to the smallest version that the
    changes has landed on.
  • All relevant documentation has been updated.

@darkdh darkdh force-pushed the riastradh-torcontrol-v2 branch from 88f5bdf to f0f8170 Compare July 30, 2020 21:35
@darkdh darkdh self-assigned this Aug 6, 2020
@darkdh darkdh force-pushed the riastradh-torcontrol-v2 branch 4 times, most recently from d7f8272 to 54647a3 Compare August 11, 2020 18:53
@darkdh darkdh force-pushed the riastradh-torcontrol-v2 branch 6 times, most recently from 7a8c911 to 137c310 Compare August 26, 2020 19:41
@darkdh darkdh force-pushed the riastradh-torcontrol-v2 branch 3 times, most recently from 72d7c33 to 7c2cfe7 Compare August 29, 2020 01:48
@darkdh darkdh marked this pull request as ready for review August 31, 2020 17:13
@darkdh darkdh requested a review from bridiver as a code owner August 31, 2020 17:13
@darkdh darkdh requested a review from simonhong August 31, 2020 17:13
@darkdh darkdh force-pushed the riastradh-torcontrol-v2 branch 2 times, most recently from af889e8 to 429c208 Compare August 31, 2020 17:18
@darkdh darkdh changed the title WIP: Tor control channel Tor control channel Aug 31, 2020
@darkdh darkdh force-pushed the riastradh-torcontrol-v2 branch 5 times, most recently from b4d9660 to 15d1a5e Compare September 12, 2020 04:58
--- a/sandbox/policy/win/sandbox_win.cc
+++ b/sandbox/policy/win/sandbox_win.cc
@@ -887,6 +887,7 @@ ResultCode SandboxWin::StartSandboxedProcess(
launcher_process_command_line.HasSwitch(switches::kNoSandbox)) {
base::LaunchOptions options;
options.handles_to_inherit = handles_to_inherit;
+ BraveLaunchOption(cmd_line, &options);
+ BraveLaunchOption(process_type, &options);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we convert this to a define since you're changing it anyway?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure, will do

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

#else
const char maxpid[] = "4194304"; // 0x400000
#endif
const size_t kBufSiz = strlen(maxpid);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't look right, the pid string is not going to be 4294967292 characters long and this whole thing seems overly complicated. Why aren't we just reading the file as a string like normal?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is strlen of it so it would be 10 characters long max on Windows and 7 characters long on POSIX

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

but yeah, will just read the file as a string

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed in 12c003763561ef5dc1ef014d4769d24a84c58883

}

// XXX DEBUG
static std::string escapify(const char *buf, int len) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be at the top in an anonymous namespace

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed in 12c003763561ef5dc1ef014d4769d24a84c58883

KillTorProcess();
// Post delayed relaucn for control to stop
content::GetUIThreadTaskRunner({})
->PostDelayedTask(FROM_HERE,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit - 4 spaces for continuation of a line

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed in 60f91be

Remove kTorProxyString without migration is becasue it was always default value
cause the cookies to be truncated if we store it as std::string
…ndency and it is fully encapsulated by TorLauncherFactory
1. Build failed
2. Not handling CRLF when reading port file
3. Not checking process validity before killing it

Fix tor crash handler is not getting called
relaunch tor with 1s interval when tor crashes
and remove owner_task_runner to avoid confusion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
4 participants