sdwdate and sdwdate-gui development thread

@troubadour I experimented in my above commits with pickle vs text files. Feel free to wipe any non-ideal changes by me when your json based version comes. Please forward port any useful enhancements by me (like improving show_message arg parser) in sdwdate-gui to your json based version.

(If you are going for json. Whatever works best.)

sdwdate-gui should now be more secure without pickle. While doing so I introduced two new bugs in the output.

bTor Bootstrap Result: Tor's Control Port could not be reached.

Did you start Gateway beforehand?\n
  • the b at the beginning
  • and the \n at the end

Do I have a type error somewhere? Can we prevent this through a type conversion?

Would be cool if you could help with this so it gets fixed for Whonix 14. Otherwise no rush, it would be a minor regression, not a blocker.

More importantly…


Now after the above two git commits… The following code should be safe from code execution even if the file content was malicious?

            with open(self.msg_path, 'rb') as f:
                msg = f.read()
...
        self.setIcon(QtGui.QIcon(status))
        self.message = msg

        self.setToolTip('%s\n%s' %(self.title, self.message))

//cc @troubadour @iry

1 Like

The following code should be safe from code execution even if the file content was malicious?

Not sure passing binary data is safer than plain strings. (BTW the `b` at the beginning of each message stems from that).

Why not

with open(self.msg_path, 'r') as f:
    msg = f.read()

and in sdwdate

with open(sdwdate.status_path, 'w') as f:
    f.write(icon)

and pass the icon and messages without encoding?

But in any case I will have to use json to get status and message in the same file for the connection between the gateway and the workstations. It should be relatively straightforward as the data structure is the same.

An internet search for "security json vs pickle" tells that json is a lot more secure. I could have checked before replying in the first place.

I will port some of your enhancements.

1 Like
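The difference discussed above, as an added example that is not part of the thread or of the sdwdate code: unpickling a crafted status file invokes a callable, while the same bytes fed to a JSON parser are only rejected as malformed data, and formatting bytes with `%s` reproduces the stray `b` and `\n`. The icon allow-list, the length limit, the `Crafted` class and `parse_status` are assumptions made for illustration.

```python
import json
import os
import pickle
import tempfile

ALLOWED_ICONS = {"success", "busy", "error"}  # hypothetical icon names
MAX_MESSAGE_LEN = 2000                        # hypothetical display limit


class Crafted:
    """Constructed input: its pickle names a callable to run at load time."""

    def __init__(self, marker):
        self.marker = marker

    def __reduce__(self):
        # os.mkdir is a harmless stand-in for what a hostile file would name.
        return (os.mkdir, (self.marker,))


def parse_status(raw):
    """Parse untrusted status-file bytes as JSON; return None if invalid."""
    try:
        data = json.loads(raw.decode("utf-8"))
    except ValueError:  # covers UnicodeDecodeError and JSONDecodeError
        return None
    if not isinstance(data, dict):
        return None
    icon, message = data.get("icon"), data.get("message")
    if not isinstance(icon, str) or icon not in ALLOWED_ICONS:
        return None
    if not isinstance(message, str):
        return None
    return {"icon": icon, "message": message.strip()[:MAX_MESSAGE_LEN]}


def demo():
    marker = os.path.join(tempfile.mkdtemp(), "created-by-unpickling")
    crafted = pickle.dumps(Crafted(marker))
    pickle.loads(crafted)                  # runs os.mkdir(marker)
    side_effect = os.path.isdir(marker)
    rejected = parse_status(crafted)       # same bytes: just invalid JSON
    good = parse_status(b'{"icon": "busy", "message": "Tor bootstrap\\n"}')
    # Formatting bytes with %s yields their repr: b prefix, literal \n.
    shown = "%s" % b"Did you start Gateway beforehand?\n"
    return side_effect, rejected, good, shown


if __name__ == "__main__":
    print(demo())
```

JSON parsing only yields data; the type and allow-list checks are still needed before the values reach the tray icon and tooltip.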

Great!

troubadour:

>> The following code should be safe from code execution even if the file content was malicious?

Not sure passing binary data is safer than plain strings. (BTW the `b` at the beginning of each message stems from that).

Why not

with open(self.msg_path, 'r') as f:
    msg = f.read()

and in sdwdate

with open(sdwdate.status_path, 'w') as f:
    f.write(icon)

and pass the icon and messages without encoding?

Sure. If it works.

(It’s merely a stopgap because sdwdate-gui-qubes / json won’t be ready
for Whonix 14.)

Have you an estimation of Whonix 14 release date?

The json patch works in both versions of sdwdate-gui (was really minor changes).

It requires further testing and I will push “standard” sdwdate-gui.

1 Like

troubadour:

Have you an estimation of Whonix 14 release date?

The only missing things:

I want to have a new Whonix 14 testers-only version out at the end of
January.

If that doesn’t require changes, more testing, and bless it stable 2-4
weeks later or so.

The json patch works in both versions of sdwdate-gui (was really minor changes).

It requires further testing and I will push “standard” sdwdate-gui.

json sounds good. Please push.

(Just sdwdate-gui-qubes should go in to Whonix 15 as I anticipate all
the interaction could use a lot of testing.)

json sounds good. Please push.

Before pushing, I would like to move the icons from sdwdate to sdwdate-gui in both versions, so that after this last change, sdwdate-gui non-qubes should be final for Whonix 14.

I know you made the move already, but it’s difficult to merge because of the other changes (remove pickle) and the encoding.

Ported your changes in show-message, with a bug fix (the hard way).

1 Like

Just override all of my changes. (Or git revert.) My improvements worth forward porting could be manually re-applied after. (not that many.)

Done.

I created the bug.

sdwdate-gui and sdwdate use json. The icons are moved in sdwdate-gui.

1 Like

self.msg_path = '/var/run/sdwdate/msg'

Glad you kept it. (/var/run/sdwdate/msg is used by whonixcheck, let’s add a comment for that later…)

write_status(self.busy_icon, (restricted_msg))

Just now noticed… The parentheses around (restricted_msg) are not really required?

msgf.write(msg)

Does that work? I am not seeing any msg =.

def write_status(*args)

Let’s make that

def write_status(icon, msg):
    sdwdate.status['icon'] = icon
    sdwdate.status['message'] = msg

?

May I fix that or would you like to do that?

Since you are on it, please fix it.

1 Like

Done. :)

Merged. :)

Starting /usr/lib/sdwdate-gui/show_message from sdwdate-gui is slow.

    self.popup_process = QProcess()
    self.popup_process.start(popup_process_cmd)

Startup requires more than a second. When clicking it, nothing happens which seems strange. This leads to double clicking which will then result in only sometimes starting it.

Search engines indicate that QProcess() is slow. Do you think there is a solution for this?

1 Like

That seems very strange. In the Qubes version, the pop-up shows instantly (and I use it quite frequently).

Even if qprocess is slow, it cannot be a second or so delay.

1 Like

Tested standard sdwdate-gui after merging your last commits, show_message behaves normally, no delay.

1 Like

Correction.

The delay is showing after changing the ownership of the script to sdwdate-gui (It shows also in sdwdate-gui-qubes). We cannot open sdwdate’s log either. The konsole pops with a warning: `chdir: Permission denied`

1 Like