Commit a68d1da5 authored by anonym's avatar anonym

Run tor-controlport-filter on port 9051, and the unfiltered one on 9052.

This simplifies client configurations and assumptions made in many
applications that use Tor's ControlPort. It's the exception that we
connect to the unfiltered version, so this seems like the more sane
approach.
parent 66b8e6bf
......@@ -6,6 +6,3 @@ SOCKS5_SERVER=127.0.0.1:9050
# Port that the monkeysphere validation agent listens on
MSVA_PORT='6136'
# Needed for onionshare, onioncircuits etc. to use the filtered Tor
# control port.
TOR_CONTROL_PORT=9052
......@@ -48,7 +48,7 @@ domain ip {
}
# White-list access to Tor's ControlPort
daddr 127.0.0.1 proto tcp dport 9051 {
daddr 127.0.0.1 proto tcp dport 9052 {
mod owner uid-owner tor-launcher ACCEPT;
# Needed by a workaround in tordate (NM's 20-time.sh hook)
# for temporarily changing Tor's logging severity.
......@@ -56,7 +56,7 @@ domain ip {
}
# White-list access to the Tor control port filter
daddr 127.0.0.1 proto tcp dport 9052 {
daddr 127.0.0.1 proto tcp dport 9051 {
mod owner uid-owner amnesia ACCEPT;
}
......
// As suggested in TBB's start-tor-browser script for system-wide Tor
// instances
pref("extensions.torbutton.banned_ports", "631,6136,4444,4445,6668,7656,7657,7658,7659,7660,8998,9040,9050,9061,9062,9150,9052");
pref("extensions.torbutton.banned_ports", "631,6136,4444,4445,6668,7656,7657,7658,7659,7660,8998,9040,9050,9061,9062,9150,9051");
pref("extensions.torbutton.custom.socks_host", "127.0.0.1");
pref("extensions.torbutton.custom.socks_port", 9150);
pref("extensions.torbutton.launch_warning", false);
......@@ -44,7 +44,7 @@ pref("extensions.torbutton.startup", true);
pref("extensions.torbutton.startup_state", 1);
pref("extensions.torbutton.test_enabled", false); // Tails-specific
pref("extensions.torbutton.tor_memory_jar", true);
pref("extensions.torbutton.control_port", 9052);
pref("extensions.torbutton.control_port", 9051);
// These must be set to the same value to prevent Torbutton from
// flashing its upgrade notification.
......
......@@ -55,7 +55,7 @@ SocksPort 127.0.0.1:9150 IsolateSOCKSAuth KeepAliveIsolateSOCKSAuth
## The port on which Tor will listen for local connections from Tor
## controller applications, as documented in control-spec.txt.
ControlPort 9051
ControlPort 9052
ControlListenAddress 127.0.0.1
############### This section is just for location-hidden services ###
......
......@@ -23,7 +23,7 @@ PROFILE="${HOME}/.tor-browser/profile.default"
# Setting a password is required, otherwise Torbutton attempts to
# read the authentication cookie file instead, which fails.
export TOR_CONTROL_HOST='127.0.0.1'
export TOR_CONTROL_PORT='9052'
export TOR_CONTROL_PORT='9051'
export TOR_CONTROL_PASSWD='passwd'
# Hide Torbutton's "Tor Network Settings..." context menu entry since
# it doesn't work in Tails, and we deal with those configurations
......
......@@ -9,7 +9,7 @@ set -e
unset TOR_CONTROL_PASSWD
unset TOR_FORCE_NET_CONFIG
export TOR_CONFIGURE_ONLY=1
export TOR_CONTROL_PORT=9051
export TOR_CONTROL_PORT=9052
export TOR_CONTROL_COOKIE_AUTH_FILE=/var/run/tor/control.authcookie
export TOR_HIDE_BROWSER_LOGO=1
if echo "$@" | grep -qw -- --force-net-config; then
......
......@@ -18,7 +18,7 @@ import stem
import stem.control
import yaml
DEFAULT_LISTEN_PORT = 9052
DEFAULT_LISTEN_PORT = 9051
DEFAULT_COOKIE_PATH = '/var/run/tor/control.authcookie'
DEFAULT_CONTROL_SOCKET_PATH = '/var/run/tor/control'
......
From ba720f47d872c01e18150894d73122cec125f2bb Mon Sep 17 00:00:00 2001
From: anonym <anonym@riseup.net>
Date: Thu, 22 Sep 2016 11:25:42 +0200
Subject: [PATCH] Try to get the Tor ControlPort from the environment.
... via the TOR_CONTROL_PORT variable. If set, onionshare will only
try this port.
---
onionshare/onion.py | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/onionshare/onion.py b/onionshare/onion.py
index 5370fe2..2bfd488 100644
--- a/usr/lib/python3/dist-packages/onionshare/onion.py
+++ b/usr/lib/python3/dist-packages/onionshare/onion.py
@@ -57,7 +57,11 @@ class Onion(object):
# connect to the tor controlport
found_tor = False
self.c = None
- ports = [9151, 9153, 9051]
+ env_port = os.environ.get('TOR_CONTROL_PORT')
+ if env_port:
+ ports = [int(env_port)]
+ else:
+ ports = [9151, 9153, 9051]
for port in ports:
try:
self.c = Controller.from_port(port=port)
--
2.9.3
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment