
review and merge anon-connection-wizard pull request by iry
Closed, ResolvedPublic

Details

Impact
Normal

Event Timeline

Patrick created this task. Jun 29 2017, 6:53 PM
Patrick updated the task description. Jun 29 2017, 6:53 PM

I pulled his changes, compiling now, then I install and run this new connection wizard and look for what? That each button has its intended effect? Or something more formal?

JasonJAyalaP added a comment. Edited Jun 30 2017, 2:24 AM

@iry

There are complaints while making about not using standard python folders. I don't know if that's important.

running /usr/bin/anon-connection-wizard gives me an import error. I don't know how python looks up its modules. Why can't it find /usr/lib/python3.4/dist-packages/anon_connection_wizard ?

running sudo python3 anon_connection_wizard.py loads the gui, and the options seem to modify torrc successfully, but then I get some sort of tor control port communication message in the terminal ("unable to connect to tor. Maybe it's running without a controlport?") Is this because of something in whonix 14 developers / onion_grater ?

About the UI:
Do we need the advanced button? It only shows one option. I think we planned on putting more there, but right now it's kinda silly. And "disable tor" doesn't seem that advanced

Can we have a "cancel" button on all pages that aborts at any time? Or can we move the cancel button to the left so that the back and next buttons stay in the same position?

The final "next >" button should be "Done" or "Finished"

iry added a comment. Edited Jun 30 2017, 5:19 AM

Hi @JasonJAyalaP !

Thank you so much for offering me feedback! I really appreciate your help!

The first thing is I just did another pull request which implemented the torrc.d approach and fixed some other issues like "having a conceal button on every page".

I actually have no idea on how to compile the anon-connection-wizard. I always set up the dependencies by copying/downloading them manually (http://forums.kkkkkkkkkk63ava6.onion/t/graphical-gui-whonix-setup-wizard-anon-connection-wizard-technical-discussion/650/273). Could you please share some instructions on how to compile it? Thank you very much!

About the UI:
Do we need the advanced button? It only shows one option. I think we planned on putting more there, but right now it's kinda silly. And "disable tor" doesn't seem that advanced

Agree. I will remove the button.

Can we have a "cancel" button on all pages that aborts at any time?

Good idea. I have implemented this in the new pull request.

Or can we move the cancel button to the left so that the back and next buttons stay in the same position?

Let me try this. This can be a good idea because it will reduce the chance that a user accidentally clicks the cancel button.

The final "next >" button should be "Done" or "Finished"

Agree.

Again, thank you so much for your feedback!

I pulled his changes, compiling now, then I install and run this new connection wizard and look for what? That each button has its intended effect?

Yes.

Also logic. Such as backing up torrc. Restoring it. And thinking about any corner cases with upgrading where unexpected stuff happens or stuff breaks. Migration to torrc.d and whatnot.

As for usability... Not so much. We have a plan in place already. That is "same as torbrowser-launcher" and/or "as per usability research papers" and/or "as per usability research".

Generally, we should merge most. For simplicity. Because fixes can be added on top.

Or something more formal?

No.

JasonJAyalaP added a comment. Edited Jul 1 2017, 4:53 AM

I'd like to settle what /etc/tor/tor* looks like.
We have torrc, torrc orig, anondist, anondist-orig... I'm confused.

@Patrick can you refresh my memory about torrc.d? Is it in issue tracker hell?

@iry
TODOs:

  1. Better error message when not running as sudo. Is it possible to make a dialog box pop up asking for root password, like many desktop apps?
  2. Please disagree with me if you know better (as I am not a pythonista), but: Change your hash bang in /usr/bin/anon-c to python3 -u; put your dist-packages in python3/dist-packages, not python3.4. Checkout /usr/bin/whonix-setup-wizard. Switch your import tor_status to the commented out line (from anon_ import tor status). This is how whonix-setup-wizard does it at least, and that should solve two problems (not finding the module, module placement error while building).
  3. the signal handling in whonix-setup-wizard might be useful to you too. I dunno.
  4. RE: packaging (I'm learning this myself.) I do sudo make deb-icup in the anon_con folder. It builds and installs.
  5. The whole torrc, torrc.tmp etc thing once we figure it out. I noticed that it fails if torrc.orig is missing. In my opinion, it should survive a total rm -rf of /etc/tor/. Instead of using torrc.tmp inside /etc/tor (hacky), consider using python's temporary directory features (which should automatically nuke the .tmp file when done).

Debian default (non-Whonix!):

  • /etc/tor/torrc owned by package tor
  • /usr/share/tor/tor-service-defaults-torrc owned by package tor

Whonix 13:

  • We are using Debian package config-package-dev action displace. #anon-gw-anonyminizer uses file debian/anon-gw-anonymizer-config.displace-extension .anondist.
  • /etc/tor/torrc.anondist-orig is the original by Debian
  • /etc/tor/torrc.anondist is owned by Whonix's #anon-gw-anonyminizer
  • /etc/tor/torrc is a symlink
  • This is necessary because #anon-gw-anonyminizer cannot take over ownership of /etc/tor/torrc. apt-get won't allow that. Manual dpkg-divert are fragile. config-package-dev is a stable solution.
  • We shouldn't use sed etc. to edit /etc/tor/torrc because when a script by Whonix modified a file and then Debian's tor package pushed an upgrade, the user would run into a dpkg interactive conflict resolution dialog ( https://www.whonix.org/wiki/Whonix_Configuration_Files#dpkg_interactive_conflict_resolution_dialog ) which is bad for usability.
  • Same for:
    • /usr/share/tor/tor-service-defaults-torrc.anondist-orig
    • /usr/share/tor/tor-service-defaults-torrc.anondist
    • /usr/share/tor/tor-service-defaults-torrc
  • Whonix's Tor config was implemented in /usr/share/tor/tor-service-defaults-torrc.anondist because there was no torrc.d drop-in folder.

Whonix 14:

  • If torrc.d drop-in folder is available, we should config-package-dev action undisplace (undo!) previous config-package-dev displace actions. (10 minutes to explain, 1 minute to do, I can do that one.)
  • (From perspective of a new build, /usr/share/tor/tor-service-defaults-torrc.anondist and /etc/tor/torrc.anondist will have never existed.)
  • Should avoid modification of /etc/tor/torrc.
  • Should avoid modification of /usr/share/tor/tor-service-defaults-torrc.
  • Perhaps we must still keep /usr/share/tor/tor-service-defaults-torrc displaced if Debian is slow to add include.
  • As per https://trac.torproject.org/projects/tor/ticket/1922#comment:55
    • there will be services-available and instances-available folders
    • and services-enabled and /etc/tor/instances-enabled folders.
    • If that's true, Whonix's Tor configuration should be in the appropriate "available" folder, and then symlinked by default in the appropriate "enabled" folder.
    • Probably the same for anon-connection-wizard.
  • It's not clear to me yet where we put DisableNetwork 1.
  • Perhaps /etc/torrc.d/30_anon-gw-anonyminizer.torrc (all of Whonix's config and DisableNetwork 1)
  • Perhaps /etc/torrc.d/40_anon-connection-wizard-autogenerated.torrc (with DisableNetwork 0 and bridges if chosen by user)
  • torrc_orig was just recently invented by @iry used by anon-connection-wizard. We should avoid that file by using /etc/torrc.d.

I'd like to settle what /etc/tor/tor* looks like.
We have torrc, torrc orig, anondist, anondist-orig... I'm confused.
@Patrick can you refresh my memory about torrc.d? Is it in issue tracker hell?
@iry
TODOs:

  1. Better error message when not running as sudo. Is it possible to make a dialog box pop up asking for root password, like many desktop apps?

Don't run gui applications with sudo anyhow.

https://www.whonix.org/wiki/Install_Software#GUI_Applications_with_Root_Rights

Users should run anon-connection-wizard will auto start. Or will start it from start menu or perhaps a desktop shortcut. Then it shouldn't ask for a sudo password. Should be passwordless on Whonix-Gateway. Like whonix-setup-wizard is.

When starting whonix-setup-wizard from console, it says:
run

kdesudo whonix-setup-wizard repository

So anon-connection-wizard should say

kdesudo anon-connection-wizard

?

like many desktop apps?

Do you know any examples on Whonix?

  1. RE: packaging (I'm learning this myself.) I do sudo make deb-icup in the anon_con folder. It builds and installs.

Don't use sudo make deb-icup. Just make deb-icup. Only the package installation command needs to run as root.

make help

iry added a comment. Jul 3 2017, 4:20 AM

It's not clear to me yet in which order configuration files will be parsed.

Daniel answered this: http://forums.kkkkkkkkkk63ava6.onion/t/torrc-d-is-comming/4041/10

It's not clear to me yet where we put DisableNetwork 1.

According to Daniel's answer, /etc/tor/torrc has the highest priority in the parsing sequence, which means command lines here will overwrite other lines in other Tor config files. Patrick said

Should avoid modification of /etc/tor/torrc.

But does it make sense to put DisableNetwork 0 in it? Because we know what states in /etc/tor/torrc will be the "final result". tor_status module currently used by whonix-setup-wizard and will be used by anon-connection-wizard is also modifying DisableNetwork 0 /etc/tor/torrc .

anon-connection-wizard itself will not modify DisableNetwork 0 , instead, it calls tor_status module to do so.

iry added a comment. Jul 3 2017, 4:40 AM

I have a concern that:

  1. if we put 40_anon-connection-wizard-autogenerated.torrc in /etc/torrc.d/
  2. the %include /etc/torrc.d line is in /usr/share/tor/tor-service-defaults-torrc

Then if the user used anon-connection-wizard to generate a file with a proxy config, let's say. And after a while, the proxy setting is no longer needed/valid, there is no obvious way to find previous settings. As a normal user, he/she may examine /etc/tor/torrc, but there will be no proxy settings, which may cause a confusing and frustrating debugging process.

One solution (just a first thought) is to add %include /path/to/anon-connection-wizard.torrc in /etc/tor/torrc:
Benefits:

  1. it may give user a hint that some other configurations are in /path/to/anon-connection-wizard.torrc
  2. since configs generated by anon-connection-wizard are user's own options, it deserves the same priority as /etc/tor/torrc?

Disadvantage:

  1. /etc/tor/torrc is modified by Whonix

iry added a comment. Jul 3 2017, 4:02 PM

Hi @JasonJAyalaP !

I have fixed some bugs you mentioned in the todo list. And I encountered the following problem now:

Switch your import tor_status to the commented out line (from anon_ import tor status). This is how whonix-setup-wizard does it at least, and that should solve two problems (not finding the module, module placement error while building).

I did this, switching from import tor_status to from anon_connection_wizard import tor_status, however, I got the following error:

ImportError: cannot import name 'tor_status'

I also tried to run the whonix-setup-wizard cloned from the current Whonix repository and got the same error. Could you please tell me what I did wrong? Thank you very much!

I also tried to run make deb-icup in anon-connection-wizard directory, however, I got the following error:

E: anon-connection-wizard source: missing-build-dependency-for-dh-addon python2 => python | python-all | python-dev | python-all-dev

  1. BEGIN ERROR in /usr/share/genmkfile/make-helper.bsh detected! ##
  2. ERROR LOG:
  3. See above. ##
  4. BASH_COMMAND: sudo dpkg -i "$package"
  5. EXIT_CODE: 1 ##
  6. END ERROR in /usr/share/genmkfile/make-helper.bsh detected!
  7. Please report this bug!

Could you please instruct me on how to build it successfully, or could you please tell me some keywords that I can use to search educational resources online? Thank you very much!

iry (iry):

iry added a comment.
I have a concern that:

  1. if we put 40_anon-connection-wizard-autogenerated.torrc in /etc/torrc.d/
  2. the %include /etc/torrc.d line is in /usr/share/tor/tor-service-defaults-torrc

Then if the user used anon-connection-wizard to generate a file with
a proxy config, let's say. And after a while, the proxy setting is no
longer needed/valid, there is no obvious way to find previous
settings. As a normal user, he/she may examine /etc/tor/torrc, but
there will be no proxy settings, which may cause a confusing and
frustrating debugging process.

It's a valid concern. But... This goes not only for changes by
anon-connection-wizard but any configuration that is using .d. So not
really an issue that can be solved at the level of Whonix /
anon-connection-wizard?

One solution (just a first thought) is to add `%include
/path/to/anon-connection-wizard.torrc` in /etc/tor/torrc:

This defeats the very purpose for Tor's .d support.

The issue with %include /path/to/anon-connection-wizard.torrc in
/etc/tor/torrc is, that it would be non-standard, surprising.

  • an %include by Debian's /usr/share/tor/tor-service-defaults-torrc
  • an %include by Whonix's /etc/tor/torrc

Solution? Perhaps this...?

  • At the very top (?) of /etc/tor/torrc as per Debian's default should explain the .d folder set up by Debian (/usr/share/tor/tor-service-defaults-torrc).
  • /etc/tor/torrc as per Debian's default should discourage users' modification of /etc/tor/torrc? And advise users to use /etc/torrc.d (or whatever folder(s) Debian will set up) since that won't throw dpkg interactive conflict resolution dialogs when /etc/tor/torrc gets modified by Debian?

If that sounds good, could you suggest that in the Debian ticket please?

iry added a comment. Edited Jul 4 2017, 5:34 AM

If that sounds good, could you suggest that in the Debian ticket please?

Sounds like a good plan to me.
Done: https://trac.torproject.org/projects/tor/ticket/22391#comment:4

iry added a comment. Jul 8 2017, 2:05 PM

Hi, Patrick and JasonJAyalaP !

I have made some exciting changes:

  • switched from /usr/lib/python3.4 to /usr/lib/python3/dist-packages
  • default settings will be adjusted according to .torrc (anon-con will "remember" user's last choices)
  • switch from self-made .tmp file to python tmpfile
  • better instructions and UI

torrc_orig was just recently invented by @iry used by anon-connection-wizard. We should avoid that file by using /etc/torrc.d.

Agree. torrc.orig is no longer needed.

With the new change, the only file that will be used is /etc/torrc.d/anon-connection-wizard.torrc.

My pull request is here: https://github.com/Whonix/anon-connection-wizard/pull/7

Could you please help me to review it, @JasonJAyalaP ? There is no need to hurry, btw.

Thank you very much! I really appreciate your effort and time!

iry added a comment. Jul 9 2017, 11:32 AM

Hi @JasonJAyalaP !

Current anon-connection-wizard will complain "no tor control connected!!!" and strangely open an application called kde accessible.

This is because Tor ControlPort 9051 on Whonix-Gateway will not be opened in Whonix14.
Details of the change can be found here: https://github.com/Whonix/anon-gw-anonymizer-config/commit/49ce21f97965609e4fe06af20005637878324fcc , which is made by @Patrick .

My understanding is that no Tor control port by default will reduce the attack surface a little bit. I am not sure how important this reduction is, but if it does help, I am going to let anon-connection-wizard support Tor cookie file authentication to work around the problem.
Could you please share your opinion on this, Patrick?

Currently, for testing other features in anon-connection-wizard, one can work around by adding the following control port settings back to usr/share/tor/tor-service-defaults-torrc.anondist:

ControlPort 9051
ControlListenAddress 127.0.0.1

Other related questions:

  1. do you have any idea on why an application called kde accessible will be open?
  2. do you think it will be a good design to let anon-connection-wizard repair missing control port or other "dependencies" ?

Thank you very much! I really appreciate your help and feedback!

iry (iry):

I am going to let anon-connection-wizard support Tor cookie file authentication to work around the problem.

Could you please share your opinion on this, Patrick?

It's not a workaround. This is the fix. :)

  1. do you have any idea on why an application called kde accessible will be open?

No idea.

  1. do you think it will be a good design to let anon-connection-wizard repair missing control port or other "dependencies" ?

Not repair. But kinda. It should bring all it needs.

Let's imagine someone using Debian doing `sudo apt-get install
tor-connection-wizard`. Or having some distribution that installs
tor-connection-wizard by default. In that case, it should ship the
required torrc.d snippet.

But that shouldn't be needed since plain Debian stretch (non-Whonix) by
default adds a Tor ControlSocket.

The issue with plain Debian stretch is, that the user (non-root) account
is by default not part of the group debian-tor, hence will not be able
to access the Tor ControlSocket. This is a usability issue. Adding the
user's user account (non-root) to group debian-tor will probably not
be allowed by Debian policy.

How to solve this? Start tor-connection-wizard with root rights?

Easy in Whonix - have some anon-meta-package depend on kdesudo. Then
hardcode kdesudo in tor-connection-wizard's .desktop file. But how to
solve this in Debian? Not easy due to:

Perhaps ask on the tor-dev mailing list / #tor-dev / contact Debian?

iry added a comment. Jul 11 2017, 8:11 PM

In T699#14098, @Patrick wrote:

iry (iry):

I am going to let anon-connection-wizard support Tor cookie file authentication to work around the problem.

Could you please share your opinion on this, Patrick?

It's not a workaround. This is the fix. :)

I encountered a bug when trying to fix the issue. I tried to debug it for a long time, but failed. Could you please share some hints on the problem?

@Patrick , @JasonJAyalaP

I tried to add the following line to TorBootstrap Class, the commit is here:
(tor_controller should be self.tor_controller, but the problem is still not fixed)

+        import stem
+        import stem.control
+        import stem.socket
+        from stem.connection import connect
+
+        #self.control_cookie_path = '/run/tor/control.authcookie'
+        #self.control_socket_path = '/run/tor/control'
+
+        # Provides a Controller based on a socket file connection
+        tor_controller = stem.control.Controller.from_socket_file('/run/tor/control')
+
+        # Does authentication using cookie
+        with open('/run/tor/control.authcookie', "rb") as f:
+            cookie = f.read()
+        tor_controller.authenticate(cookie)
+
+        print(tor_controller.get_info("status/bootstrap-phase"))
+        print("Tor is running version {0}".format(tor_controller.get_version()))
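Review bot: the call to stem.control.Controller.from_socket_file('/run/tor/control') has nothing around it that handles the socket file being absent or not yet accepting connections, so a stem.SocketError propagates straight out of the method; wrap the connect and authenticate() calls in a try block that either retries for a bounded time or reports the failure to the user. The socket and cookie paths are also repeated as string literals while the self.control_socket_path and self.control_cookie_path assignments stay commented out; enable those two attributes and use them so the paths are defined once. The imports of stem.socket and of connect from stem.connection are not used in these lines, and the controller is never closed.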

However, it complains:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/stem/socket.py", line 442, in _make_socket
    control_socket.connect(self._socket_path)
FileNotFoundError: [Errno 2] No such file or directory

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 1233, in run
    self.tor_controller = self.connect_to_control_port()
  File "/usr/lib/python3/dist-packages/anon_connection_wizard/anon_connection_wizard.py", line 1219, in connect_to_control_port
    tor_controller = stem.control.Controller.from_socket_file('/run/tor/control')
  File "/usr/lib/python3/dist-packages/stem/control.py", line 1014, in from_socket_file
    control_socket = stem.socket.ControlSocketFile(path)
  File "/usr/lib/python3/dist-packages/stem/socket.py", line 425, in __init__
    self.connect()
  File "/usr/lib/python3/dist-packages/stem/socket.py", line 243, in connect
    self._socket = self._make_socket()
  File "/usr/lib/python3/dist-packages/stem/socket.py", line 445, in _make_socket
    raise stem.SocketError(exc)
stem.SocketError: [Errno 2] No such file or directory

I tried to run the following script in the same whonix-gateway and it worked fine:

#!/usr/bin/python3 -u
# -*- coding: utf-8 -*-

import os
import stem
import stem.control
import stem.socket
from stem.connection import connect

control_cookie_path = '/run/tor/control.authcookie'
control_socket_path = '/run/tor/control'

if not os.path.exists(control_cookie_path):
    print(control_cookie_path + ' not found!!!')            


# Provides a Controller based on a socket file connection
tor_controller = stem.control.Controller.from_socket_file(control_socket_path)

# Does authentication using cookie
with open(control_cookie_path, "rb") as f:
    cookie = f.read()
tor_controller.authenticate(cookie)

print(tor_controller.get_info("status/bootstrap-phase"))
print("Tor is running version {0}".format(tor_controller.get_version()))

I also tried to add the code above to the Common Class in anon-connection-wizard.py, and it also worked fine.

My guess is that I did something wrong related to python Class relationship, however, I am not able to figure out what it was. Could you please help me with that? Thank you very much!

In T699#14098, @Patrick wrote:

How to solve this? Start tor-connection-wizard with root rights?
Easy in Whonix - have some anon-meta-package depend on kdesudo. Then
hardcode kdesudo in tor-connection-wizard's .desktop file. But how to
solve this in Debian? Not easy due to:

Perhaps ask on the tor-dev mailing list / #tor-dev / contact Debian?

Sure! I will be working on this :)

iry added a comment. Jul 13 2017, 1:16 PM

I encountered a bug when trying to fix the issue.

Finally I figured out the problem :)
It turns out that: every time tor_status restarts Tor, it takes some time for Tor to generate the socket which is /run/tor/control, therefore, we have to wait for a while until '/run/tor/control' exists and then connect to it.

I am going to let anon-connection-wizard support Tor cookie file authentication to work around the problem.

Done. Related commit: https://github.com/Whonix/anon-connection-wizard/pull/7/commits/1472d5c5e6e6211f3f3919fbe2305695786eb6fe
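
The fix described in this comment (wait for /run/tor/control after a Tor restart, then connect and authenticate), sketched as an added example; it is not the code from the pull request. The function names, the timeout values and the simulate_restart() demo with its constructed socket are assumptions made for illustration.

```python
import os
import socket
import stat
import tempfile
import threading
import time

CONTROL_SOCKET_PATH = '/run/tor/control'  # socket path quoted in the thread


def wait_for_unix_socket(path, timeout=15.0, interval=0.2):
    """Return True once `path` is a Unix socket that accepts connections.

    os.path.exists() alone is not enough: between bind() and listen() the
    file is present but connect() is still refused, so a real connect()
    is used as the readiness probe and refusals are retried.
    """
    deadline = time.monotonic() + timeout
    while True:
        try:
            if stat.S_ISSOCK(os.stat(path).st_mode):
                probe = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
                try:
                    probe.settimeout(max(interval, 0.05))
                    probe.connect(path)
                    return True
                finally:
                    probe.close()
        except OSError:
            pass  # missing, stale, or not listening yet: retry below
        if time.monotonic() >= deadline:
            return False
        time.sleep(interval)


def connect_to_tor(socket_path=CONTROL_SOCKET_PATH, timeout=15.0):
    """Wait for Tor's control socket, then return an authenticated controller."""
    import stem.control  # imported lazily; only this function needs stem

    if not wait_for_unix_socket(socket_path, timeout=timeout):
        raise TimeoutError('%s not ready after %.0fs' % (socket_path, timeout))
    controller = stem.control.Controller.from_socket_file(socket_path)
    try:
        # With no arguments stem asks Tor (PROTOCOLINFO) which methods are
        # enabled and where the cookie file is, then performs cookie auth.
        controller.authenticate()
    except Exception:
        controller.close()  # do not leak the socket on a failed login
        raise
    return controller


def simulate_restart(delay=0.5):
    """Constructed demo: a listener that creates its socket `delay` s late."""
    path = os.path.join(tempfile.mkdtemp(), 'control')
    server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)

    def late_start():
        time.sleep(delay)
        server.bind(path)
        server.listen(1)

    worker = threading.Thread(target=late_start)
    started = time.monotonic()
    worker.start()
    ready = wait_for_unix_socket(path, timeout=delay + 5.0, interval=0.1)
    waited = time.monotonic() - started
    worker.join()
    server.close()
    return ready, waited


if __name__ == '__main__':
    print(simulate_restart())
```

The bounded timeout matters in a GUI wizard: if Tor never comes back, the caller gets a TimeoutError it can show to the user instead of blocking forever.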

iry added a comment. Edited Jul 13 2017, 1:27 PM

tor_status.py module will be in anon-connection-wizard package, instead of whonix-setup-wizard (which will be aborted?).

In tor_status.py, two of the situations are /etc/tor/torrc does not exist and DisableNetwork 0 line does not exist.

My question is whether we should fix these two situations, instead of just complaining bad torrc? Fixing these situations can be fairly easy, the question we should ask is if we should fix these.

Normally, the absence of DisableNetwork 0 line or /etc/tor/torrc is strange. Therefore, we may inform the user we have helped to fix the torrc because the previous one is missing/broken, however, the one we fixed may not be the one they intended to use.

If DisableNetwork 0 line is missing:

  1. append #DisableNetwork 0 or DisableNetwork 0 to /etc/tor/torrc, depending on whether it is in set_enabled() or set_diabled()

/etc/tor/torrc is missing:

  1. create /etc/tor/torrc
  2. append #DisableNetwork 0 to /etc/tor/torrc

Do you have any thoughts on this? Thank you very much!

iry added a comment. Jul 13 2017, 1:37 PM

TODO:

  1. investigate on why KDE Accessible will be open when kdesudo anon-connection-wizard

log:

user@host:~$ kdesudo anon-connection-wizard
kdesudo(7566) KDESu::KDESuPrivate::KCookie::getXCookie: No X authentication info set for display  ":0" 

kdesudo(7566) Bridge::setRootObject: "KAccessibleBridge: setRootObject object=" "kdesudo (KApplication)"

And after the expected output from anon-connection-wizard:

kdesudo(7566) Bridge::Private::app: Connected with the org.kde.kaccessibleapp dbus-service
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "prompt (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "errorMessage (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "anonymousRadioButton (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "usePasswordButton (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "userNameLabel (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "userEdit (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "domainLabel (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "domainEdit (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "passwordLabel (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "passEdit (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "keepCheckBox (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "credentialsGroup (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "KPasswordDialog (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" "Password  KdeSudo"
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "internal clipboard owner (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" "internal clipboard requestor (QWidget)" "name=" ""
kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""

TODO: can we let Tor generate a cookie to fix this situation?

I doubt that. It should be done by Debian torrc-defaults config already.
If the user deactivated that, we shouldn't try to repair such corner cases.

iry (iry):

iry added a comment.
tor_status.py module will be in anon-connection-wizard package,
instead of whonix-setup-wizard (which will be aborted?).
In tor_status.py
https://github.com/irykoon/anon-connection-wizard/blob/1472d5c5e6e6211f3f3919fbe2305695786eb6fe/usr/lib/python3/dist-packages/anon_connection_wizard/tor_status.py,
two of the situations are /etc/tor/torrc does not exist and
DisableNetwork 0 line does not exist.
My problem is whether we should fix these two situation, instead of
just complaining bad torrc. Fixing these situations can be fairly
easy, the question we should ask is if we should fix these.

Usability wise, I doubt it is useful to ask. A user who messed that up
likely does no longer remember and will be confused by the question. And
all that tor-connection-wizard is doing, is honestly explained to the
user. (Enable vs disable Tor vs bridges vs no bridges.)

Normally, the absence of DisableNetwork 0 line or /etc/tor/torrc
is strange. Therefore, we may inform the user we have helped to fix
the torrc because the previous one is missing/broken, however, the
one we fixed may not be the one they intended to use.

Information could be done as a comment within the anon-connection-wizard
edit markers.

If DisableNetwork 0 line is missing:

  1. append DisableNetwork 0 to /etc/tor/torrc

/etc/tor/torrc is missing:

  1. create /etc/tor/torrc
  2. append DisableNetwork 0 to /etc/tor/torrc

Do you have any thoughts on this?

Yes. Sounds good.

(All of that is, as long we don't learn how exactly torrc.d will be
working and when deb.torproject.org will start shipping a stable package
with torrc.d enabled by default.)

Perhaps removing kde-accessible test wise (create a snapshot so you can
revert that) would help to debug this. Because then perhaps another
thing happens which makes it easier to identify why this is happening.

iry (iry):

kdesudo(7566) Bridge::notifyAccessibilityUpdate: "ObjectDestroyed" "object=" " (QWidget)" "name=" ""

Such useless messages are often shown when starting KDE apps from the
command line. No matter if you start kate or kdesudo something-else
from the command line. Probably unrelated and best ignored.

iry added a comment. Jul 14 2017, 11:46 AM

Yes. Sounds good.
(All of that is, as long we don't learn how exactly torrc.d will be
working and when deb.torproject.org will start shipping a stable package
with torrc.d enabled by default.)

I created a new module called repair_torrc.py under the anon-connection-wizard packages.

Here is a description from the comments:

repair_torrc() function will be called when we want to guarantee there will be
a /etc/tor/torrc file with a "#DisableNetwork 0" and "%include /etc/torrc.d" line.
It will also guarantee there is an existing /etc/torrc.d/ directory

So far, anon-connection-wizard.py and tor_status.py will use that module. However, user can also use it to fix torrc related issue manually.

The repair is based on the assumption that:
%include /etc/torrc.d will go to tor .deb package.
If that is not true eventually, I can adjust the code to fit the real torrc situation.
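
A repair step with the guarantees listed in this comment, written as an added example and not the repair_torrc.py from the pull request. It also follows two points raised earlier in the thread: the temporary file comes from Python's tempfile module instead of a fixed torrc.tmp, and the repair works when /etc/tor is missing or /etc/tor/torrc is a symlink. The path parameters (so it can run on a scratch directory), the helper name and the rule that any existing DisableNetwork line is left as found are assumptions.

```python
import os
import re
import tempfile

# Any of these forms counts as "the DisableNetwork line is present"; which
# form is active is left alone (assumption: tor_status toggles the '#').
DISABLE_RE = re.compile(r'^\s*#?\s*DisableNetwork\s+[01]\s*$')


def _atomic_write(path, text):
    """Replace `path` with `text` through a temp file in the same directory."""
    target = os.path.realpath(path)  # write through a torrc symlink, keep the link
    directory = os.path.dirname(target)
    os.makedirs(directory, exist_ok=True)  # survives a removed /etc/tor
    try:
        mode = os.stat(target).st_mode & 0o777  # keep existing permissions
    except FileNotFoundError:
        mode = 0o644
    # mkstemp picks an unpredictable name and creates the file with O_EXCL.
    fd, tmp = tempfile.mkstemp(prefix='.torrc.', dir=directory)
    try:
        with os.fdopen(fd, 'w') as handle:
            handle.write(text)
            handle.flush()
            os.fsync(handle.fileno())
        os.chmod(tmp, mode)
        os.replace(tmp, target)  # atomic on POSIX: readers see old or new file
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def repair_torrc(torrc_path='/etc/tor/torrc', torrc_d='/etc/torrc.d'):
    """Ensure torrc_d exists and torrc has the include and DisableNetwork lines.

    Returns True if something was changed, False if nothing needed repair.
    """
    changed = False
    if not os.path.isdir(torrc_d):
        os.makedirs(torrc_d, mode=0o755)
        changed = True

    try:
        with open(torrc_path) as handle:
            original = handle.read()
    except FileNotFoundError:
        original = None

    include_line = '%include ' + torrc_d
    lines = (original or '').splitlines()
    if not any(line.strip() == include_line for line in lines):
        lines.append(include_line)
    if not any(DISABLE_RE.match(line) for line in lines):
        lines.append('#DisableNetwork 0')

    # Re-joining adds back only the final newline, and an unchanged file is
    # not rewritten, so repeated runs never grow it.
    repaired = '\n'.join(lines) + '\n'
    if repaired != original:
        _atomic_write(torrc_path, repaired)
        changed = True
    return changed
```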

iry added a comment. Edited Jul 31 2017, 5:10 PM

Hi @JasonJAyalaP !

Could you help me review my new pull request please ?

It seems anon-connection-wizard itself is mature enough to work as a standalone application. However, I am not sure if it will be a better idea to integrate it with or replace it to whonix-setup-wizard before merging my pull request. Could you please share your idea on this? Thank you very much for your time and efforts!

New features:

  • create a censorship circumvention help button with detailed instructions
  • check invalid input and make warnings
  • add instructions to proxy help button
  • redesign the torrc page based on Linda's paper

Other improvement:

  • adjust label positions
  • use bigger and more general fonts

Patrick reassigned this task from JasonJAyalaP to joysn1980.

Review is in progress.

@iry Can you please let me know how to run your scripts in whonix13? The steps which I require to run/test your modified scripts. I could pull your changes to my local branch. But how do I run them?

Forget about Whonix 13.

iry added a comment. Aug 2 2017, 3:21 PM

Hi @joysn1980 !

I wish you had not started viewing my previous code. Because a huge amount of changes have been made to anon-connection-wizard, especially in terms of UX:

  • hide username and password input when SOCKS4 is selected
  • different bridge settings will not show up at the same time
  • merge the proxy_wizard_page_1 into proxy_wizard_page_2
  • redesign the proxy_page_2
  • merge the bridge_wizard_page_1 into bridge_wizard_page_2
  • redesign the bridge_page_2
  • set fixed size window
  • change the default summary info

Other improvements include:

  • fix several logic flaws in showing warning message
  • fix bug that /etc/tor/torrc accumulates '\n'

Here is my pull request and you probably need to pull it again if you did that before. I apologize if there is any inconvenience I caused.

Can you please let me know how to run your scripts in whonix13?

Here is the Whonix wiki that you may find helpful when trying to upgrade to Whonix14: http://www.kkkkkkkkkk63ava6.onion/wiki/Upgrading_Whonix_13_to_Whonix_14

The steps which I require to run/test your modified scripts. I could pull your changes to my local branch. But how do I run them?

Good question! Here are the steps that worked for me:

  1. upgrade to Whonix14
  2. out commented the #deb http://deb.torproject.org/torproject.org tor-nightly-master-jessie main in /etc/apt/sources.list.d/torproject.list
  3. sudo apt-get update to update Tor to nightly version
  4. tor --version : Tor version > 0.3.1.1-alpha-dev
  5. git clone https://github.com/irykoon/anon-connection-wizard.git
  6. cd anon-connection-wizard
  7. copy all the ./directory to /directory, for example, cp ./usr/lib/python3/dist-packages/anon_connection_wizard /usr/lib/python3/dist-packages/anon_connection_wizard
  8. sudo anon-connection-wizard to run it

Thank you very much for spending your time and effort in reviewing my code, @joysn1980 !

I really appreciate your help!

Please let me know if there is anything else that I can help with! :)

iry added a comment.Aug 2 2017, 3:25 PM

copy all the ./directory to /directory, for example, cp ./usr/lib/python3/dist-packages/anon_connection_wizard /usr/lib/python3/dist-packages/anon_connection_wizard

This is probably not the proper way to install it. But I have not figured out how to package it as .deb

joysn1980 added a comment.EditedAug 2 2017, 3:56 PM

Thanks @iry

This is probably not the proper way to install it. But I have not figured out how to package it as .deb

make deb-icup

I will get back to you if I need anything. First run looked awesome!!

Packaging is sorted out.

  • requires Debian stretch based Debian or Whonix 14
  • https://github.com/Whonix/genmkfile needs to be installed
  • make deb-pkg builds a package
  • make deb-icup builds a package, installs it and cleans up
  • see also make help

@iry - Is there any reason why all the windows don't have "X" at the top right corner even though they have "cancel" button?
There are some windows with "X" at the top and some don't.
Is it fine to have an "X" button for all windows which can be either "Cancel"led or "OK"ayed?

Does not have "X"

have "X" at the top right corner

iry added a comment.EditedAug 5 2017, 7:47 PM

Hi @joysn1980 !

I have enabled the "X" button and fixed some quit-program related issues.

Is there any reason why all the windows don't have "X" at the top right corner even though they have "cancel" button?

Not anymore. In the past we disabled/hide the close button as a work around that forced user to use cancel button. However, since now clicking cancel button and clicking close button share the same result, we can enable close button. This also gives user a feeling of control.

Thank you very much for your feedback!

joysn1980 added a comment.EditedAug 9 2017, 7:00 AM

Thanks @iry

@iry and @Patrick

3 screen shots here - one after another

Screen 1

Screen 2

Screen 3

The question is
In Screen 3, should we have a back button?
I think "No, we shouldn't".

Right now, if we click on "Back" it goes to Screen 2, I think that is also not correct

Suggestion:- Instead, we can have something like "Home", when clicked it should go to the Screen 1.

Also, we need to update the text accordingly. Right now it says - "Press the Back button and select another option"

iry added a comment.Aug 9 2017, 5:30 PM

Hi @joysn1980 !

Thank you very much for your feedback.

I agree with you that there was something wrong with the process when disable_tor is selected. Since Screen2 did not really provide any useful information, I have let anon-connection-wizard skip the torrc_page (Screen2) when disable_tor option is selected. This fix will simplify the configuration, which increases the usability.

I appreciate your valuable feedback!

Btw, from the screenshot, the close button problem seems to be unfixed. Is it true, or it is just because you were not using the latest anon-connection-wizard? I am using Qubes OS which will provide a window-wrapper with close button, therefore, I have no idea whether the bug is really fixed.

iry added a comment.Aug 9 2017, 5:31 PM

Several termination-related problems have been fixed or improved:

  • make the consequences of clicking close button same with clicking the cancel button
  • enable close button
  • recover Tor to the initial tor status when quitting or canceling
  • fix "Thread termination error"

Other improvements include:

  • eliminate outdated code that may cause IO error
  • skip torrc_page when disable_tor option is selected
joysn1980 added a comment.EditedAug 10 2017, 12:52 PM

@iry

Thanks for all the updates

Yes I was using old one. That is why my comments were no more on the same issue.

I got your new code now. I see following issues

  1. Close Button is now enabled. So this issue is now resolved
  2. No error checking done for Ip Address and Port fields. It is expected that
     a) port field should be between 1-65535 only whole numbers, Right now everything entered is accepted
     b) ipaddress - some checks on the format would be useful too.
  3. Do you know why are we seeing Unsupported types when we enter custom bridge?
  4. https://bridges.torproject.com/ is not accessible. Is it correct website?

Thanks
Joy

@iry

One more issue

  1. Click on configure
  2. Choose obfs4
  3. Next (do not choose proxy)
  4. Next - Here we get the summary showing "Bridges" Provided Pbfs4"
  5. Now go "Back", "back" twice and now choose "enter custom bridges".
  6. Next, Next. Now see the summary pages. "Bridges:" info is not refreshed. It is still showing the old value.
iry added a comment.Aug 10 2017, 7:10 PM

Hi @joysn1980 !

Thank you very much for your detailed feedback!

No error checking done for Ip Address and Port fields. It is expected that
a) port field should be between 1-65535 only whole numbers, Right now everything entered is accepted
b) ipaddress - some checks on the format would be useful too.

Agreed. Since it is the same issue with the above one, I will explain them together.

Do you know why are we seeing Unsupported types when we enter custom bridge?

Next, Next. Now see the summary pages. "Bridges:" info is not refreshed. It is still showing the old value.

These two problems were actually the same issue, which were also related to the input validation check. This happened when you were using a custom bridge but failed to provide a valid one. Specifically, this happened when the input started without "obfs3" or "obfs4". I have fixed the "still showing the old value" problem, now it will show "ERROR: Unsupported bridge type".

However, it is not the final fix. The eventual solution will be preventing user who has entered an invalid bridge from going to the next page. This solution needs a well-written regular expression to check the validation of the input.

  1. For Port number and custom bridges, it won't be too hard.
  2. For valid IP address input check, the difficulty is that it also allows hostname, so a valid input can be almost anything.

Tor launcher solved the problem by not checking the input validation by Tor launcher. Instead, Tor launcher will listen to the Tor log. If the following complaints happen, Tor launcher will pop up a warning and redirect the users to related setting pages:

[WARN] Too few items to Bridge line. 
[WARN] Controller gave us config lines that didn't validate: Bridge line did not parse. See logs for details. 
[WARN] Error parsing Bridge address 'fdsgsdhghr'

or

[WARN] Controller gave us config lines that didn't validate: HTTPSProxy failed to parse or resolve. Please fix. 
[WARN] Controller gave us config lines that didn't validate: Socks4Proxy failed to parse or resolve. Please fix. 
[WARN] Controller gave us config lines that didn't validate: Socks5Proxy failed to parse or resolve. Please fix.

I will try to find out the best solution to this problem :)
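The log-driven approach described in the comment above, as an added example that is not part of the thread or of anon-connection-wizard: it scans Tor log lines for the warnings quoted there and reports which settings page should be reopened. The page names "bridge" and "proxy", the function name and the rule table are assumptions made for illustration.

```python
import re

# Warning texts are the ones quoted in the comment above; the page names
# "bridge" and "proxy" are hypothetical labels for the wizard's pages.
RULES = [
    ("bridge", re.compile(r"Too few items to Bridge line")),
    ("bridge", re.compile(r"Bridge line did not parse")),
    ("bridge", re.compile(r"Error parsing Bridge address '(?P<detail>[^']*)'")),
    ("proxy", re.compile(
        r"(?P<detail>HTTPSProxy|Socks4Proxy|Socks5Proxy) failed to parse or resolve")),
]
LOG_LINE = re.compile(r"\[(?P<level>[A-Za-z]+)\]\s+(?P<msg>.*)")


def pages_to_reopen(log_lines):
    """Return {page: [details]} for each warning that blames user input."""
    result = {}
    for line in log_lines:
        parsed = LOG_LINE.search(line)
        # Only warnings count; notices that mention bridges are ignored.
        if not parsed or parsed.group("level").upper() != "WARN":
            continue
        message = parsed.group("msg").strip()
        for page, rule in RULES:
            hit = rule.search(message)
            if hit:
                # Prefer the offending value or option name, else the message.
                detail = hit.groupdict().get("detail") or message
                bucket = result.setdefault(page, [])
                if detail not in bucket:
                    bucket.append(detail)
                break
    return result


# Sample input: four lines as quoted in the thread, plus one constructed
# notice line that must not trigger a redirect.
SAMPLE_LOG = [
    "[WARN] Too few items to Bridge line. ",
    "[WARN] Controller gave us config lines that didn't validate: "
    "Bridge line did not parse. See logs for details. ",
    "[WARN] Error parsing Bridge address 'fdsgsdhghr'",
    "[WARN] Controller gave us config lines that didn't validate: "
    "Socks5Proxy failed to parse or resolve. Please fix.",
    "[NOTICE] Bootstrapped 100%: Done",
]

if __name__ == "__main__":
    print(pages_to_reopen(SAMPLE_LOG))
```

The extracted detail is text the user typed, so a GUI that displays it should render it as plain text.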

iry added a comment.Aug 10 2017, 7:23 PM

I am thinking about integrating three pages into one, which are the main connection page, bridge setting page and proxy page. It seems that this is also the design by TPO UX team.

By doing so, it brings a great number of benefits:

  1. simplify the configuration process, leading to better UX. For example, if the user realize a reconfigure in bridge setting, he/she does not need to go back to the previous page to reconfigure it.
  2. code is much simpler to extend and maintain because of much less code amount and simpler logic. For example, the input invalidation check problem above can be easily handled by Tor log complain without worrying about the check before going to next page .
  3. summary page may be removed since all the settings are presented in one page, a summary seems to be redundant? However, show torrc file function will be also removed.

Any thoughts and insights on this will be much appreciated!

joysn1980 added a comment.EditedAug 11 2017, 7:33 AM

Thanks @iry for the detail explanation.

That is correct. This is how it was showed by the UX team. I think this will be good. All in same page, so validation and other stuff will be quite easy to handle


Also I see that here we have something like B4 - i.e. requesting from a bridge. I didn't notice it in your UI. Is it implemented?

One more question, is this part not in your code [from the UX team screen shots]?

iry added a comment.Aug 11 2017, 8:36 PM

Hi @joysn1980 !

That is correct. This is how it was showed by the UX team. I think this will be good. All in same page, so validation and other stuff will be quite easy to handle

Agreed!

Also I see that here we have something like B4 - i.e. requesting from a bridge. I didn't notice it in your UI. Is it implemented?
One more question, is this part not in your code [from the UX team screen shots]?

It seems that they are the same question. So far, I have not implemented the feature. Here is a discussion on the implementation of this feature: http://forums.kkkkkkkkkk63ava6.onion/t/graphical-gui-whonix-setup-wizard-anon-connection-wizard-technical-discussion/650/291

(I am sorry for my cross-posting that caused you not to notice it.)

https://bridges.torproject.com/ is not accessible. Is it correct website?

The URL should be: https://bridges.torproject.org/

Did you find the .com URL anywhere in the anon-connection-wizard? Because I did an overhaul which indicated all the related URL did appear to be .org.

Again, thank you very much for your feedback, @joysn1980 !
I understand that testing out all the hard-to-notice bugs can be very time and effort consuming! So I really appreciate your help!

Thanks @iry

My mistake, it was indeed .org.
btw, I now see the url as https://bridges.torproject.org/options, which seems perfect

One small request - is it possible to make the first 4 characters of the bridge case insensitive?
Example:

obfs4 109.109.202.103:44514 C52DA34113488533340ECDDBEA7DA4FABEEE7A39 cert=FzzNqEIGM39D3Zb2SdVZFA8K//xx4N82zkmfiWM8MceuChlsNZ9eOSN0jRAjiYR801sAFQ iat-mode=0

as well as

OBFS4 109.109.202.103:44514 C52DA34113488533340ECDDBEA7DA4FABEEE7A39 cert=FzzNqEIGM39D3Zb2SdVZFA8K//xx4N82zkmfiWM8MceuChlsNZ9eOSN0jRAjiYR801sAFQ iat-mode=0

should work. You can handle this in your code by making the first 4 character case insensitive.
If you think that is really not the case, let me know.

Let me know when you consolidate the pages and implement some basic error checks - the ones which are feasible - like port #s etc.
I will give your code another try

iry added a comment.Aug 17 2017, 8:43 PM

One small request - is it possible to make the first 4 characters of the bridge case insensitive?
Example:

obfs4 109.109.202.103:44514 C52DA34113488533340ECDDBEA7DA4FABEEE7A39 cert=FzzNqEIGM39D3Zb2SdVZFA8K//xx4N82zkmfiWM8MceuChlsNZ9eOSN0jRAjiYR801sAFQ iat-mode=0

as well as

OBFS4 109.109.202.103:44514 C52DA34113488533340ECDDBEA7DA4FABEEE7A39 cert=FzzNqEIGM39D3Zb2SdVZFA8K//xx4N82zkmfiWM8MceuChlsNZ9eOSN0jRAjiYR801sAFQ iat-mode=0

should work. You can handle this in your code by making the first 4 character case insensitive.

Thank you very much for your careful examination! I have fixed this bug :)

Let me know when you consolidate the pages and implement some basic error checks - the ones which are feasible - like port #s etc.
I will give your code another try

Thank you! I have made several changes, however, you do not need to review them right now since all of them are minor changes :)

Changes details:

Several bridge and bridge type related changes have been made:

  • Warn unsupported bridge type in summary page
  • Update unsupported bridge type warning in summary page
  • Make bridge types case insensitive
  • Update custom bridge help instructions
  • Update default bridges

Other changes include:

  • Update the initial comments for anon-connection-wizard.torrc
joysn1980 added a comment.EditedAug 22 2017, 2:49 PM

sorry @iry I have been busy lately, will get back to you very soon on this

Hi @iry
Did you by any chance forget to add verifications for the port#? I still see non-numbers, -ve numbers etc are accepted

Thanks

Hi @iry

Two screen shots below to disable Tor.
Screen 1

Screen 2

Suggestions

  1. Do you think it is good to have a warning message from screen 1 to screen 2?
  2. Do you think it will be good to rename the "back" button in screen 2 to "Reconfigure" and probably "Finish" to "Exit"? Trying to make them more intuitive.

Thanks

iry added a comment.Aug 26 2017, 6:56 AM

Hi @joysn1980 !

Thank you very much for your feedback!

Did you by any chance forget to add verifications for the port#? I still see non-numbers, -ve numbers etc are accepted

Thank you for your testing! It should have been fixed now!

  1. Do you think it is good to have a warning message from screen 1 to screen 2?

Do you think it is needed because users need a transitional stage to think about it twice? I personally think it is better not to do so for efficiency. Additionally, accidentally choosing this option causing Tor disabled seems not to be a big deal? Because the user can simply press "Back" to go back?

  2. Do you think it will be good to rename the "back" button in screen 2 to "Reconfigure" and probably "Finish" to "Exit"? Trying to make them more intuitive.

I am not sure if it is because I am too familiar with these two buttons, but I personally find Back and Finish more intuitive:
Back will let users know they will go back to previous page;
Exit, to me, gives a potential doubt on whether my decision will be taken or will be canceled.
What do you think? Does my argument make sense?

Thank you very much!

iry added a comment.Aug 26 2017, 7:12 AM

TODO:

  • when parsingTorrc() parses a corrupt file, it will get an out-of-bound error, so anon-connection-wizard cannot be started. We need to give up parsing.
  • RE to check input validation (Current implementation is not using regular expression, which means it is not the perfect validation check. However, it is good enough to prevent most common input mistakes.)
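
One way to implement the checks discussed in this thread (whole-number ports in 1-65535, an address field that accepts an IP or a hostname, and case-insensitive obfs3/obfs4 bridge types), as an added example that is not anon-connection-wizard's own code. The function names are hypothetical, and the bridge parser assumes the address is an IP literal with IPv6 written in brackets.

```python
import ipaddress
import re

SUPPORTED_TRANSPORTS = {"obfs3", "obfs4"}  # the two types named in the thread
HOSTNAME_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
FINGERPRINT = re.compile(r"[0-9A-Fa-f]{40}")


def valid_port(text):
    """True only for whole numbers 1-65535 written in plain ASCII digits."""
    text = text.strip()
    # isdigit() alone also accepts characters such as "²"; "-1" and "80.5" fail it.
    if not (text.isascii() and text.isdigit()) or len(text) > 5:
        return False
    return 1 <= int(text) <= 65535


def valid_host(text):
    """Accept an IP literal or a syntactically valid hostname (proxy field)."""
    text = text.strip()
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        pass
    labels = text.rstrip(".").split(".")
    # An all-numeric last label ("999.1.1.1") is a mistyped IP, not a hostname.
    if len(text) > 253 or labels[-1].isdigit():
        return False
    return all(HOSTNAME_LABEL.fullmatch(label) for label in labels)


def normalize_bridge_line(line):
    """Return the line with a lower-cased transport, or raise ValueError."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("too few items in bridge line")
    transport = fields[0].lower()  # "OBFS4" and "obfs4" are treated alike
    if transport not in SUPPORTED_TRANSPORTS:
        raise ValueError("unsupported bridge type")
    host, sep, port = fields[1].rpartition(":")
    try:
        # Assumption: a bridge address is an IP literal; IPv6 comes in brackets.
        ipaddress.ip_address(host[1:-1] if host.startswith("[") else host)
    except ValueError:
        raise ValueError("bad bridge address") from None
    if not sep or not valid_port(port):
        raise ValueError("bad bridge port")
    if len(fields) > 2 and "=" not in fields[2] and not FINGERPRINT.fullmatch(fields[2]):
        raise ValueError("bad bridge fingerprint")
    return " ".join([transport] + fields[1:])
```

Raising on invalid input lets the wizard keep the user on the current page instead of carrying a bad value to the summary page.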
iry added a comment.Aug 27 2017, 11:02 PM

Hi @joysn1980 and @Patrick !

I was trying to complete the final evaluation of GSoC, which requires:

a short description of what work was done, what code got merged, what code didn't get merged, and what's left to do

It seems no code written in the summer has been merged into Whonix repository.

Do you think it will be okay to merge my pull request ? I will still be working on anon-connection-wizard.

Thank you very much for your time and effort!

Consider it all merged, if possible.

Do we have some deadline for it?

iry added a comment.Aug 28 2017, 5:49 PM

https://github.com/Whonix/anon-connection-wizard/pull/7 merged

Thank you very much for your work, @joysn1980 !

Do we have some deadline for it?

The due of the final evaluation of GSoC is within 24 hours. But since it has been merged, case resolved :)

Patrick closed this task as Resolved.Aug 29 2017, 1:00 AM

Great! Please create new tickets for follow-ups or future work.