[tahoe-lafs-trac-stream] [Tahoe-LAFS] #2490: anonymous friendly tahoe create-node/create-client

Tahoe-LAFS trac at tahoe-lafs.org
Wed Sep 21 08:11:48 UTC 2016 

#2490: anonymous friendly tahoe create-node/create-client
--------------------------------+-------------------------------
     Reporter:  dawuud          |      Owner:  warner
         Type:  defect          |     Status:  assigned
     Priority:  normal          |  Milestone:  1.12.0
    Component:  code-nodeadmin  |    Version:  1.10.1
   Resolution:                  |   Keywords:  tor i2p anonymous
Launchpad Bug:                  |
--------------------------------+-------------------------------

Comment (by warner):

 New idea. There are two objects involved:

 The first object is the "creator". It's actually just a function that
 returns a Deferred. It's invoked with the `twisted.python.usage.Usage`
 "options" object (which records the `--listen=tor`, `--tor-launch`, and
 other CLI argument flags). Its job is:

 * parse the options, figure out if we need to launch tor, or if we've been
 given a control port
 * if we're launch tor: allocate a control port (maybe unix-domain?),
 launch tor, wait for it to start, build the control-port endpoint
 * if not: build the control-port endpoint
 * use txtorcon to build the control protocol from the control-port
 endpoint
 * allocate a local port (maybe unix-domain?), build an entry for
 `tub.port`
 * pick an external port (doesn't matter)
 * use the control protocol to allocate an onion address. retrieve the
 private key and the .onion hostname
 * build an entry for `tub.location` from the .onion hostname and the
 external port
 * write the private key to `BASEDIR/private/tor-onion.privkey`
 * return `tub.port`, `tub.location`, and a dictionary of key/values for
 the `[tor]` section of tahoe.cfg
 * (maybe shut down the launched tor now? and/or delete the ephemeral onion
 service when using a pre-existing tor control port? in general it won't
 matter, the `tahoe create-node` process will terminate a moment later, but
 it might make a difference for tests, and we need to make sure the pre-
 existing tor won't get confused if we temporarily start the onion during
 create-node and then start it a second time at runtime)

 The second object is the "provider". It's created with a synchronous
 function that's called with the `[tor]` portion of tahoe.cfg (not sure of
 the best way to manage this, maybe just give it a reference to
 `Node.get_config`, or maybe the whole Node). Its job:

 * first, it has a synchronous function which returns a Foolscap connection
 handler (or None if tor/txtorcon is unavailable or disabled). This is
 called at node startup, inside `Node.init_connections()`, and subsumes
 `Node._make_tor_handler`. It needs to parse the tahoe.cfg data and decide
 if we're launching or control-port-ing or socks-port-ing. For control.port
 and socks.port, it can return a foolscap-provided handler. For "launch",
 it needs to prepare to launch Tor (but *not* actually launch it yet, since
 we're still in synchronous startup land). It will use the new
 `foolscap.connections.tor.control_endpoint_maker()` to build a handler
 that will launch tor on demand, and it will share that launched Tor with
 the onion listener.
 * second, it is a `MultiService`, and when `startService` happens, *if*
 tahoe.cfg says to start an onion listener, it needs to launch Tor (if not
 already launched by the connection handler, probably because the
 `IntroducerClient` FURL was processed), wait for it to start, establish
 the control protocol, then use the control protocol to start the onion
 service that was allocated by the creator.
 * note that `tub.port` and `tub.location` are *not* controlled by the
 provider. These values are written into `tahoe.cfg` like the user-provided
 `--port=` and `--location=` values. That means we're allocating the local
 port at create-node time, and making Tor re-use that same local port at
 runtime.

 The last part (starting the onion service) might require something unusual
 from txtorcon.

 All the information about the onion service to be started will be recorded
 in tahoe.cfg. We'll document the keys it uses, but mark them as normally
 generated by create-node, and thus not really intended for user
 modification.

 I'm sketching this out in my github `2490-tor` branch, in case anyone
 wants to take a look.

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2490#comment:13>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list