Merge pull request 'Clarified and Split Apart Environment Variables that alter port binding behaviour.' (#47) from whonix into master

Reviewed-on: #47
Reviewed-by: Dan Ballard <dan@openprivacy.ca>

README.md

@@ -10,6 +10,8 @@ A library providing an ACN (Anonymous Communication Network
 ## Environment Variables
 
 - `TOR_LD_LIBRARY_PATH` - override the library path given to the Tor process as different from the one given to the parent process.
+- `CWTCH_RESTRICT_PORTS` - forces connectivity to bind to a subset of ports `15000-15378`
+- `CWTCH_BIND_EXTERNAL_WHONIX` - forces connectivity to bind to external interfaces (only supported/recommended on certain Whonix-based setups. Please open an issue if you think this should be expanded.)
 
 ## Requirements for ACN Support
 
@@ -54,4 +56,4 @@ service:
         acn.Restart()
 and
         
-        acn.Close()
+        acn.Close()

error_acn.go

@@ -1,20 +1,25 @@
 package connectivity
 
 import (
-	"errors"
-	"fmt"
 	"net"
 )
 
-const acnError = "error initializing anonymous communication network"
-
 // ErrorACN - a status-callback safe errored ACN. Use this when ACN construction goes wrong
 // and you need a safe substitute that can later be replaced with a working ACN without impacting calling clients.
 type ErrorACN struct {
+	acnError             error
 	statusCallbackCache  func(int, string)
 	versionCallbackCache func(string)
 }
 
+func NewErrorACN(err error) ErrorACN {
+	return ErrorACN{
+		acnError:             err,
+		statusCallbackCache:  func(int, string) {},
+		versionCallbackCache: func(string) {},
+	}
+}
+
 func (e *ErrorACN) GetStatusCallback() func(int, string) {
 	return e.statusCallbackCache
 }
@@ -24,15 +29,15 @@ func (e *ErrorACN) GetVersionCallback() func(string) {
 }
 
 func (e *ErrorACN) GetInfo(addr string) (map[string]string, error) {
-	return nil, errors.New(acnError)
+	return nil, e.acnError
 }
 
 func (e *ErrorACN) GetBootstrapStatus() (int, string) {
-	return -1, acnError
+	return -1, e.acnError.Error()
 }
 
 func (e *ErrorACN) WaitTillBootstrapped() error {
-	return errors.New(acnError)
+	return e.acnError
 }
 
 func (e *ErrorACN) SetStatusCallback(callback func(int, string)) {
@@ -47,20 +52,21 @@ func (e *ErrorACN) Restart() {
 }
 
 func (e *ErrorACN) Open(hostname string) (net.Conn, string, error) {
-	return nil, "", fmt.Errorf(acnError)
+	return nil, "", e.acnError
 }
 
 func (e *ErrorACN) Listen(identity PrivateKey, port int) (ListenService, error) {
-	return nil, fmt.Errorf(acnError)
+	return nil, e.acnError
 }
 
 func (e *ErrorACN) GetPID() (int, error) {
-	return -1, fmt.Errorf(acnError)
+	return -1, e.acnError
 }
 
 func (e *ErrorACN) GetVersion() string {
-	return acnError
+	return e.acnError.Error()
 }
 
 func (e *ErrorACN) Close() {
+	// nothing to do...
 }

tor/torProvider.go

@@ -170,8 +170,9 @@ var progRe = regexp.MustCompile("PROGRESS=([0-9]*)")
 var sumRe = regexp.MustCompile("SUMMARY=\"(.*)\"$")
 
 // GetBootstrapStatus returns an int 0-100 on the percent the bootstrapping of the underlying network is at and an optional string message
-//   returns -1 on network disconnected
-//   returns -2 on error
+//
+//	returns -1 on network disconnected
+//	returns -2 on error
 func (tp *torProvider) GetBootstrapStatus() (int, string) {
 	tp.lock.Lock()
 	defer tp.lock.Unlock()
@@ -267,7 +268,28 @@ func (tp *torProvider) Listen(identity connectivity.PrivateKey, port int) (conne
 		localport += 1024
 	}
 
-	localListener, err := net.Listen("tcp", "127.0.0.1:"+strconv.Itoa(localport))
+	var localListener net.Listener
+	var err error
+
+	if cwtchRestrictPorts := os.Getenv("CWTCH_RESTRICT_PORTS"); strings.ToLower(cwtchRestrictPorts) == "true" {
+		// for whonix like systems we tightly restrict possible listen...
+		// pick a random port between 15000 and 15378
+		// cwtch = 63 *77 *74* 63* 68 = 1537844616
+		log.Infof("using restricted ports, CWTCH_RESTRICT_PORTS=true");
+		localport = 15000 + (localport % 378)
+	}
+	
+	if bindExternal := os.Getenv("CWTCH_BIND_EXTERNAL_WHONIX"); strings.ToLower(bindExternal) == "true" {
+		if _, ferr := os.Stat("/usr/share/anon-ws-base-files/workstation"); !os.IsNotExist(ferr) {
+			log.Infof("WARNING: binding to external interfaces. This is potentially unsafe outside of a containerized environment.");
+			localListener, err = net.Listen("tcp", "0.0.0.0:"+strconv.Itoa(localport))
+		} else {
+			log.Errorf("CWTCH_BIND_EXTERNAL_WHONIX flag set, but /usr/share/anon-ws-base-files/workstation does not exist. Defaulting to binding to local ports");
+			localListener, err = net.Listen("tcp", "127.0.0.1:"+strconv.Itoa(localport))
+		}
+	} else {
+		localListener, err = net.Listen("tcp", "127.0.0.1:"+strconv.Itoa(localport))
+	}
 
 	if err != nil {
 		return nil, err
@@ -289,6 +311,8 @@ func (tp *torProvider) Listen(identity connectivity.PrivateKey, port int) (conne
 		return nil, err
 	}
 
+	// We need to set os.ID here, otherwise os.Close() may not shut down the onion service properly...
+	os.ID = onion
 	os.CloseLocalListenerOnClose = true
 
 	ols := &onionListenService{os: os, tp: tp}
@@ -442,19 +466,18 @@ func newHideCmd(exePath string) process.Creator {
 		loggerDebug := &logWriter{log.LevelDebug}
 		loggerError := &logWriter{log.LevelError}
 
-		
 		cmd := exec.CommandContext(ctx, exePath, args...)
 		cmd.Stdout = loggerDebug
 		cmd.Stderr = loggerError
 		cmd.SysProcAttr = sysProcAttr
-		
+
 		// override tor ld_library_path if requested
-		torLdLibPath,exists := os.LookupEnv("TOR_LD_LIBRARY_PATH")
+		torLdLibPath, exists := os.LookupEnv("TOR_LD_LIBRARY_PATH")
 		if exists {
 			ldLibPath := fmt.Sprintf("LD_LIBRARY_PATH=%v", torLdLibPath)
-			cmd.Env = append([]string{ldLibPath},os.Environ()...)
+			cmd.Env = append([]string{ldLibPath}, os.Environ()...)
 		}
-		
+
 		return cmd, nil
 	})
 }
@@ -665,4 +688,4 @@ func dialControlPort(port int) (*control.Conn, error) {
 		return nil, err
 	}
 	return control.NewConn(textConn), nil
-}
+}