sdwdate and sdwdate-gui development thread


For reference:

I could use help with the tool to find out which onions are offline or too inaccurate.

https://github.com/Whonix/sdwdate/blob/master/usr/share/sdwdate/onion_tester

  • takes ages to complete the test
  • tons of onions may be offline and need to be removed from the sdwdate config
  • after one failure, these should not be removed, it might be a locally caused connectivity issue
  • we don’t need automatic removal from the sdwdate config, just suggestions for which are offline, for manual removal in the next package upgrade
  • careful when running this test in Whonix, due to sdwdate and clock randomization our local clock could be too far off in the first place, so using that as a basis for comparison would be wrong
  • therefore sudo service sdwdate stop
  • change the date to accurate time. syntax:
    • Non-Qubes-Whonix: sudo date --set "Mon Mar 14 17:48:38 UTC 2016"

Developers only (not good for anonymity), easier for Qubes-Whonix:

Set dom0 clock so it is accurate.

In anon-whonix-dev stop sdwdate so it will not run and change the clock during the onion_tester.

sudo systemctl stop sdwdate

Sync dom0 with anon-whonix-dev clock. (Not perfect but accurate enough.) In dom0:

qvm-run --pass-io anon-whonix-dev "sudo date --set \"$(date --utc)\""

Compare dom0 clock with anon-whonix-dev clock.

date --utc ; qvm-run --pass-io anon-whonix-dev date

If they match, you’re good to run the onion_tester.

//cc @troubadour
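As an added example (not part of the thread, of onion_tester, or of any Whonix package), one way to turn the "compare dom0 clock with anon-whonix-dev clock" step into a check with an explicit tolerance: parse the two `date --utc` readings in the format the thread uses with `date --set`, compute the skew, and refuse to proceed if it is larger than a few seconds. The two sample readings and the 2-second tolerance are constructed assumptions; the thread only says the clocks should "match".

```python
from datetime import datetime, timezone

# Output format of `date --utc` in the C locale, e.g. "Mon Mar 14 17:48:38 UTC 2016"
# (the same format the thread passes to `date --set`).
DATE_FMT = "%a %b %d %H:%M:%S %Z %Y"

# Constructed sample readings: what `date --utc` printed in dom0, and what
# `qvm-run --pass-io anon-whonix-dev date` returned one second later.
DOM0_READING = "Mon Mar 14 17:48:38 UTC 2016"
VM_READING = "Mon Mar 14 17:48:39 UTC 2016"


def parse_date_utc(reading):
    """Parse one `date` line into a timezone-aware UTC datetime.

    A reading in any zone other than UTC/GMT is rejected: comparing a local-time
    reading against a UTC one would report a bogus multi-hour skew.
    """
    fields = reading.split()
    if len(fields) != 6 or fields[4] not in ("UTC", "GMT"):
        raise ValueError("expected a `date --utc` reading, got: %r" % reading)
    return datetime.strptime(reading.strip(), DATE_FMT).replace(tzinfo=timezone.utc)


def clock_skew_seconds(reference, candidate):
    """Signed skew of `candidate` relative to `reference` in seconds
    (positive means the candidate clock is ahead)."""
    return (parse_date_utc(candidate) - parse_date_utc(reference)).total_seconds()


def clocks_match(reference, candidate, tolerance=2.0):
    """True when both readings agree within `tolerance` seconds (assumed threshold)."""
    return abs(clock_skew_seconds(reference, candidate)) <= tolerance


if __name__ == "__main__":
    skew = clock_skew_seconds(DOM0_READING, VM_READING)
    if clocks_match(DOM0_READING, VM_READING):
        print("skew %+.0fs: ok, run onion_tester" % skew)
    else:
        print("skew %+.0fs: NOT ok, re-sync the VM clock first" % skew)
```

Usage: paste the two lines printed by `date --utc ; qvm-run --pass-io anon-whonix-dev date` into `clocks_match`. Since sdwdate is stopped in the VM during the test, the skew should stay at whatever it was right after the `date --set`; a growing skew on repeated checks would mean something else is touching the clock.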

I can see that many onions must be either down or intermittently online. Working on sdwdate-gui Qubes (some nice progress there), I am doing tons of sdwdate restarts.

I can run the onion tester in a separate anon-vm.


Have run the onion tester 7 or 8 times over two days. There are many onions consistently timing out, most of them in pool one.

I removed them in /etc/sdwdate.d/50_default.conf (pushed).


30_default.conf not 50. Probably was a mistake? Anyhow. Fixed.

        ## Remove double quotes from message as they would be interpreted as
        ## an argument separator in /usr/lib/sdwdate-gui/show_message (called
        ## by run_popup).

This is fixed. Commit in next post. (Modified the show_message arguments parser so we can simplify sdwdate-gui code a bit.)


@troubadour I experimented in my above commits with pickle vs text files. Feel free to wipe any non-ideal changes by me when your json based version comes. Please forward port any useful enhancements by me (like improving show_message arg parser) in sdwdate-gui to your json based version.

(If you are going for json. Whatever works best.)

sdwdate-gui should now be more secure without pickle. While doing so I introduced two new bugs in the output.

bTor Bootstrap Result: Tor's Control Port could not be reached.

Did you start Gateway beforehand?\n
  • the b at the beginning
  • and the \n at the end

Do I have a type error somewhere? Can we prevent this through a type conversion?

Would be cool if you could help with this so it gets fixed for Whonix 14. Otherwise no rush, it would be a minor regression, not a blocker.

More importantly…


Now after the above two git commits… The following code should be safe from code execution even if the file content was malicious?

            with open(self.msg_path, 'rb') as f:
                msg = f.read()
...
        self.setIcon(QtGui.QIcon(status))
        self.message = msg

        self.setToolTip('%s\n%s' %(self.title, self.message))

//cc @troubadour @iry


The following code should be safe from code execution even if the file content was malicious?

Not sure passing binary data is safer than plain strings. (BTW the `b` at the beginning of each message stems from that).

Why not

with open(self.msg_path, 'r') as f:
    msg = f.read()

and in sdwdate

with open(sdwdate.status_path, 'w') as f:
    f.write(icon)

and pass the icon and messages without encoding?

But in any case I will have to use json to get status and message in the same file for the connection between the gateway and the workstations. It should be relatively straight forward as the data structure is the same.

An internet search for "security json vs pickle" tells that json is a lot more secure. I could have checked before replying in the first place.

I will port some of your enhancements.

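As an added example covering the three points above (the `b` and `\n` in the tooltip, whether reading the file is safe from code execution, and json versus pickle), not code from sdwdate or sdwdate-gui: the first pair of functions reproduces the regression and its fix, the `write_status`/`read_status` pair sketches one JSON status file carrying both icon and message, and the last two functions show in a benign way why pickle was worth removing. The message text, the title, the file layout and the icon names in `ALLOWED_ICONS` are constructed assumptions; the thread does not specify them.

```python
import json
import os
import pickle
import tempfile

# Constructed sample message, using the wording from the tooltip shown in the thread.
SAMPLE_MSG = ("Tor Bootstrap Result: Tor's Control Port could not be reached.\n\n"
              "Did you start Gateway beforehand?\n")
SAMPLE_TITLE = "sdwdate"

# Assumed icon names; the thread does not list them.
ALLOWED_ICONS = ("success", "busy", "error")


def tooltip_from_bytes(title, msg_path):
    """The regression: 'rb' returns bytes, and '%s' renders bytes as their repr,
    i.e. b"...\\n" with the newline escaped. That is the source of the leading b
    and the trailing \\n in the tooltip."""
    with open(msg_path, 'rb') as f:
        msg = f.read()
    return '%s\n%s' % (title, msg)


def tooltip_from_text(title, msg_path):
    """Text mode returns str, so the tooltip shows the message as written."""
    with open(msg_path, 'r', encoding='utf-8') as f:
        msg = f.read()
    return '%s\n%s' % (title, msg)


def write_status(path, icon, message):
    """Writer side (sdwdate): one JSON object holding status icon and message."""
    with open(path, 'w', encoding='utf-8') as f:
        json.dump({"icon": icon, "message": message}, f)


def read_status(path):
    """Reader side (sdwdate-gui). json.load only ever builds dicts, lists, str and
    numbers, so a malicious file cannot run code; a malformed one degrades to an
    error state instead of raising inside the GUI."""
    try:
        with open(path, 'r', encoding='utf-8') as f:
            data = json.load(f)
    except (OSError, ValueError):
        return ("error", "sdwdate status file missing or not valid JSON")
    if (not isinstance(data, dict) or data.get("icon") not in ALLOWED_ICONS
            or not isinstance(data.get("message"), str)):
        return ("error", "sdwdate status file has unexpected content")
    return (data["icon"], data["message"])


CALLED = []


def record(tag):
    """Harmless stand-in for whatever callable an attacker would reference in a pickle."""
    CALLED.append(tag)
    return tag


class PickleProbe:
    """pickle lets an object name the callable that rebuilds it; loading calls it."""
    def __reduce__(self):
        return (record, ("ran during pickle.loads",))


def pickle_loads_runs_callables():
    CALLED.clear()
    pickle.loads(pickle.dumps(PickleProbe()))
    return list(CALLED)


def json_rejects_pickle_blob():
    """The same bytes handed to the JSON parser are nothing but a parse error."""
    try:
        json.loads(pickle.dumps(PickleProbe()))
    except (ValueError, TypeError):
        return True
    return False


def demo():
    """Exercise every function against files in a fresh temp dir; returns the results."""
    d = tempfile.mkdtemp()
    msg_path = os.path.join(d, "msg")
    status_path = os.path.join(d, "status")
    bad_path = os.path.join(d, "bad")
    with open(msg_path, 'w', encoding='utf-8') as f:
        f.write(SAMPLE_MSG)
    write_status(status_path, "error", SAMPLE_MSG)
    with open(bad_path, 'w', encoding='utf-8') as f:
        f.write('{"icon": "evil", "message": 1}')  # well-formed JSON, wrong shape
    return {
        "tooltip_bytes": tooltip_from_bytes(SAMPLE_TITLE, msg_path),
        "tooltip_text": tooltip_from_text(SAMPLE_TITLE, msg_path),
        "status": read_status(status_path),
        "bad_status": read_status(bad_path),
        "missing_status": read_status(os.path.join(d, "does-not-exist")),
        "pickle_called": pickle_loads_runs_callables(),
        "json_rejects": json_rejects_pickle_blob(),
    }
```

One detail worth knowing when reading the buggy output: the repr of bytes that contain an apostrophe (as in "Tor's") is wrapped in double quotes, so if those quotes are then stripped as an argument-separator workaround, only the `b` and the `\n` survive, which is exactly what the thread shows. The structural checks in `read_status` are the part json alone does not give you: the parser guarantees no code runs, but the GUI still has to decide what to do with a file that is valid JSON and wrong.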

Great!

troubadour:

The following code should be safe from code execution even if the file content was malicious?

Not sure passing binary data is safer than plain strings. (BTW the `b` at the beginning of each message stems from that).

Why not

with open(self.msg_path, 'r') as f:
    msg = f.read()

and in sdwdate

with open(sdwdate.status_path, 'w') as f:
    f.write(icon)

and pass the icon and messages without encoding?

Sure. If it works.

(It’s merely a stopgap because sdwdate-gui-qubes / json won’t be ready for Whonix 14.)

Have you an estimation of Whonix 14 release date?

The json patch works in both versions of sdwdate-gui (was really minor changes).

It requires further testing and I will push “standard” sdwdate-gui.


troubadour:

Have you an estimation of Whonix 14 release date?

The only missing things:

I want to have a new Whonix 14 testers-only version out at the end of January.

If that doesn’t require changes, more testing, and bless it stable 2-4 weeks later or so.

The json patch works in both versions of sdwdate-gui (was really minor changes).

It requires further testing and I will push “standard” sdwdate-gui.

json sounds good. Please push.

(Just sdwdate-gui-qubes should go in to Whonix 15 as I anticipate all the interaction could use a lot of testing.)

json sounds good. Please push.

Before pushing, I would like to move the icons from sdwdate to sdwdate-gui in both versions, so that after this last change, sdwdate-gui non-qubes should be final for Whonix 14.

I know you made the move already, but it’s difficult to merge because of the other changes (remove pickle) and the encoding.

Ported your changes in show-message, with a bug fix (the hard way).


Just override all of my changes. (Or git revert.) My improvements worth forward porting could be manually re-applied after. (Not that many.)

Done.

I created the bug.

sdwdate-gui and sdwdate use json. The icons are moved in sdwdate-gui.
