
Comments (12)

nyxnor commented on August 16, 2024

These will be a problem if /etc/tor/torrc.d/* is used and there's a file /etc/tor/torrc.d/one.conf as well as /etc/tor/torrc.d/one.conf~ (kate backup file) or other extensions such as /etc/tor/torrc.d/one.conf.dpkg-old. This would lead to unexpected results.

Ok, I see, but this include line depends on the user or if inserted by the OS such as Whonix.

Ah. Didn't consider yet. So that part would have to be ported / moved to this repository too. Or Whonix would have to do this suggestion using some sort of "plug-in".

This can be added again, anyway, one liner detecting Whonix won't break anything.

from onionwash.

nyxnor commented on August 16, 2024

From now on I will refer to anon-verify and torrc-parser as the same script, because I already merged them locally.


The script does not understand %include with globs ->

Configuration was valid
ERROR: invalid file: '/etc/tor/torrc.d/*.conf'

It also does not parse the folder and files inside it.


The parsing order is correct, but the indication of the file is repeated after the first included file:
see:

===> Start parsing file /usr/share/tor/tor-service-defaults-torrc
===> Done parsing file /usr/share/tor/tor-service-defaults-torrc
===> Start parsing file /etc/tor/torrc
===> Start parsing folder: /etc/tor/torrc.d
===> Start parsing file /etc/tor/torrc.d/control.conf
===> Done parsing file /etc/tor/torrc.d/control.conf
===> Done parsing folder : /etc/tor/torrc.d/control.conf
===> Done parsing file /etc/tor/torrc.d/control.conf

on:

The Tor configuration files are parsed in such order: 
===> Start parsing file /usr/share/tor/tor-service-defaults-torrc
DataDirectory /var/lib/tor
PidFile /run/tor/tor.pid
RunAsDaemon 1
User debian-tor
ControlSocket /run/tor/control GroupWritable RelaxDirModeCheck
ControlSocketsGroupWritable 1
SocksPort unix:/run/tor/socks WorldWritable
SocksPort 9050
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /run/tor/control.authcookie
Log notice syslog
===> Done parsing file /usr/share/tor/tor-service-defaults-torrc
===> Start parsing file /etc/tor/torrc
#%include /etc/tor/torrc.d/*.conf
%include /etc/tor/torrc.d
===> Start parsing folder: /etc/tor/torrc.d
===> Start parsing file /etc/tor/torrc.d/control.conf
ControlPort 9071
===> Done parsing file /etc/tor/torrc.d/control.conf
===> Done parsing folder : /etc/tor/torrc.d/control.conf
SocksPort 9050 IsolateDestAddr IsolateDestPort
ControlPort 9051
CookieAuthentication 1
#HashedControlPassword 16:
===> Done parsing file /etc/tor/torrc.d/control.conf
=====================================================================

from onionwash.

nyxnor commented on August 16, 2024

extraneous files needed?

Just used .config to try it out and it recommends a whonix command.

/===================================================================\
|                 Extraneous Tor Configuration Files                |
\===================================================================/
1 files are do not end with file extension '.conf': 
/etc/tor/torrc.d/z.config
These should be probably removed. To do so, run:
sudo systemctl restart anon-gw-anonymizer-config.service

Even though I purposefully set %include /etc/tor/torrc.d/*.config. So it should not have failed.
The problem is that it is not being analyzed.


Edit:
Excluded the extraneous verification, because it is not correct and is hardcoded.

  • incorrect problem: it is not evaluating the glob to match and dismiss extraneous files, it is using a hardcoded value.
  • hardcoded problem: someone can genuinely use file.torrc not .conf.

It can be added again on a later date if these things are corrected.


Edit:

It would be better to get all files like it is done here
https://github.com/nyxnor/tor-ctrl/blob/fd6c4888368ca0152a711159ce67727ba3fd0a41/usr/bin/tor-ctrl#L143
as they are processed in the order tor will use when it starts.

This way, we can mark if a folder is being parsed and there are more files in the folder than are being parsed by tor; these can be marked as extraneous.

from onionwash.

adrelanos commented on August 16, 2024

The script does not understand %include with globs ->

Configuration was valid
ERROR: invalid file: '/etc/tor/torrc.d/*.conf'

Tor cannot do that yet either? -> Parse only .torrc files in torrc.d directory

It also does not parse the folder and files inside it.

The parsing order is correct, but the indication of the file is repeated after the first included file: see:

Sorry, I didn't see what is repeated?

from onionwash.

nyxnor commented on August 16, 2024

Tor cannot do that yet either?

tested now

[notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
[notice] Read configuration file "/etc/tor/torrc".
[notice] Processing configuration path "/etc/tor/torrc.d/*.torrc" at recursion level 1.
[notice] Including configuration file "/etc/tor/torrc.d/example.torrc".

Sorry, I didn't see what is repeated?

Local problem, never mind.

from onionwash.

adrelanos commented on August 16, 2024

extraneous files needed?

These will be a problem if /etc/tor/torrc.d/* is used and there's a file /etc/tor/torrc.d/one.conf as well as /etc/tor/torrc.d/one.conf~ (kate backup file) or other extensions such as /etc/tor/torrc.d/one.conf.dpkg-old. This would lead to unexpected results. Therefore Parse only .torrc files in torrc.d directory is important. (Though, I'd prefer .conf instead of .torrc but never mind.)

sudo systemctl restart anon-gw-anonymizer-config.service

Ah. Didn't consider yet. So that part would have to be ported / moved to this repository too. Or Whonix would have to do this suggestion using some sort of "plug-in".

hardcoded problem: someone can genuinely use file.torrc not .conf.

I don't think this kind of flexibility is useful for any user. One file extension should be recommended. That's how most applications with .d folders are implemented.

from onionwash.

nyxnor commented on August 16, 2024

Whonix is not using *.conf?

Because using %include /etc/tor/torrc.d/*.conf on the torrc and then running anon-verify (upstream) does not read the files inside the folder:

[notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc".
[notice] Read configuration file "/etc/tor/torrc".
[notice] Processing configuration path "/etc/tor/torrc.d/*.conf" at recursion level 1.
[notice] Including configuration file "/etc/tor/torrc.d/control.conf".
Configuration was valid
ERROR: invalid file: '/etc/tor/torrc.d/*.conf'
/===================================================================\
|                 Used Tor Configuration Files                      |
\===================================================================/
2 files are used as Tor configuration files: 
/usr/share/tor/tor-service-defaults-torrc /etc/tor/torrc

... 

===> Start parsing file /etc/tor/torrc
%include /etc/tor/torrc.d/*.conf


Fixed now


Adrelanos, extraneous files were added but different.

It evaluates the %include

  • if it is %include /etc/tor/torrc.d/, then all files from that directory will be used as torrc
  • if it is %include /etc/tor/torrc.d/*.conf, then all files matching the expression will be considered, and every other file inside that directory that did not match before will be considered extraneous.

This is better for portability and I think Whonix should use *.conf in the default config to be more precise.

from onionwash.
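The include evaluation described in the comment above, as an added example that is not part of the original thread or of the onionwash code: a shell function that classifies the files next to each %include as used or extraneous. The names `classify_includes` and `make_sample` are hypothetical, the sample tree is constructed from the file names mentioned in the thread, and a glob is assumed to appear only in the last path component.

```sh
# Print "used <path>" or "extraneous <path>" for each %include in a torrc.
classify_includes() {
  local torrc="$1" keyword pattern dir f
  while read -r keyword pattern _; do
    [ "$keyword" = "%include" ] || continue   # "#%include" is skipped here
    if [ -d "$pattern" ]; then
      # Directory include: every file in it is used, backup files included.
      for f in "${pattern%/}"/*; do
        if [ -f "$f" ]; then printf 'used %s\n' "$f"; fi
      done
      continue
    fi
    case "$pattern" in
      *\**|*\?*|*\[*) ;;                      # glob: classify siblings below
      *) printf 'used %s\n' "$pattern"; continue ;;   # plain file include
    esac
    dir="${pattern%/*}"
    for f in "$dir"/*; do
      [ -f "$f" ] || continue
      # Unquoted $pattern is matched as a glob against the candidate path.
      case "$f" in
        $pattern) printf 'used %s\n' "$f" ;;
        *)        printf 'extraneous %s\n' "$f" ;;
      esac
    done
  done < "$torrc"
}

# Constructed sample tree; prints the path of its root directory.
make_sample() {
  local root
  root="$(mktemp -d)"
  mkdir "$root/torrc.d"
  touch "$root/torrc.d/one.conf" "$root/torrc.d/one.conf~" \
        "$root/torrc.d/one.conf.dpkg-old" "$root/torrc.d/z.config"
  printf '%s\n' "#%include $root/torrc.d" \
                "%include $root/torrc.d/*.conf" \
                "SocksPort 9050" > "$root/torrc"
  printf '%s\n' "$root"
}

demo_root="$(make_sample)"
classify_includes "$demo_root/torrc"
rm -rf "$demo_root"
```

With the glob include only `one.conf` is reported as used; switching the sample torrc to the bare directory include makes `one.conf~` and `one.conf.dpkg-old` count as used as well.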

nyxnor commented on August 16, 2024

Removing this

  ## TODO: $anon_verify_report_html is used by systemcheck
  ## we need to find a way to merge it with $anon_verify_report
  tor_verify_config_output_html="$(/usr/libexec/msgcollector/br_add "${tor_verify_config_output}")"
  # shellcheck disable=SC2034,2154
  anon_verify_report_html="<p>Tor Config Check Result:
<br></br><b>Your Tor config files contain at least one error.</b></p>
...
...
and the rest of html

Because it appears it was never used by systemcheck: https://github.com/Whonix/systemcheck/search?q=anon-verify

from onionwash.

nyxnor commented on August 16, 2024

b3dac4b

keeping this issue open for some time and if no error is found, will close it.

from onionwash.

adrelanos commented on August 16, 2024

tor_verify_config_output_html

Confirmed.

from onionwash.

nyxnor commented on August 16, 2024

The only "problem" I found is related to cosmetics. If the include has an extension or wildcard, it will parse through it correctly, but won't show the line Start parsing folder, because the wildcard is expanded in the for loop and it passes directly as the file names.
This does not affect the result, it is just the appearance.

from onionwash.

nyxnor commented on August 16, 2024

No problems found. The only noticeable difference is that the parsing takes 1 second more, and I don't know what is causing this.

from onionwash.
