Skip to content

Add OS Detection and Configuration for Tails and Whonix (Tor Connection) #1091

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Add OS Detection and Configuration for Tails and Whonix (Tor Connection) #1091

wants to merge 2 commits into from

Conversation

Honey-Loverr
Copy link

@Honey-Loverr Honey-Loverr commented Mar 9, 2025
edited
Loading

Summary

Make Tor Connection Tails & Whonix friendly

This merge request introduces OS detection for Tails and Whonix, and configures the Tor connection accordingly. The changes ensure that the application correctly identifies when it is running on Tails or Whonix and configures the Tor connection to use the appropriate settings.

Changes

  1. New File: os_detection.dart

    • Added a new file lib/os_detection.dart that contains the OSDetector class. This class provides methods to detect if the application is running on Tails or Whonix operating systems.
    import 'dart:io';

class OSDetector {
  static Future<bool> isTails() async {
    try {
      final osReleaseFile = File('/etc/os-release');
      if (await osReleaseFile.exists()) {
        final osReleaseContent = await osReleaseFile.readAsString();
        return osReleaseContent.contains('Tails');
      }
    } catch (e) {
      print('Error detecting Tails: $e');
    }
    return false;
  }

  static Future<bool> isWhonix() async {
    try {
      final whonixVersionFile = File('/etc/whonix_version');
      return await whonixVersionFile.exists();
    } catch (e) {
      print('Error detecting Whonix: $e');
    }
    return false;
  }
}

  2. Modified File: main.dart

    • Updated lib/main.dart to include the new os_detection.dart and implement OS detection and Tor configuration logic in the main function.

    • Import Statement:
      Added the import statement for os_detection.dart.

      import 'os_detection.dart';

    • OS Detection and Tor Configuration:
      Added logic in the main function to detect if the application is running on Tails or Whonix and configure the Tor connection accordingly.

      void main(List<String> args) async {
  WidgetsFlutterBinding.ensureInitialized();

  // Add OS detection and Tor configuration
  final isTails = await OSDetector.isTails();
  final isWhonix = await OSDetector.isWhonix();

  if (isTails) {
    print('Tails detected, configuring Tor to use 127.0.0.1:9050');
    // Configure Tor to use 127.0.0.1:9050
    TorService.sharedInstance.init(
      torDataDirPath: (await StackFileSystem.applicationTorDirectory()).path,
      proxySettings: {
        'host': '127.0.0.1',
        'port': 9050,
        'type': 'socks5h',
      },
    );
    await TorService.sharedInstance.start();
  } else if (isWhonix) {
    print('Whonix detected, using gateway Tor');
    // No need to configure Tor, just notify the user
  } else {
    // Existing Tor initialization
    if (Prefs.instance.useTor) {
      TorService.sharedInstance.init(
        torDataDirPath: (await StackFileSystem.applicationTorDirectory()).path,
      );
      await TorService.sharedInstance.start();
    }
  }

  // Rest of the existing main function...
  ...
}

Purpose

The purpose of these changes is to ensure that the application can detect when it is running on Tails or Whonix and configure the Tor connection appropriately. This improves the application's compatibility and security in privacy-focused operating systems.

Testing

  • Tails Detection:
  • Whonix Detection:
    • Run the application on Whonix OS and verify that the appropriate messages are logged, and the Tor connection uses the gateway Tor settings. (This is to avoid Tor over Tor conflicts)
  • Other OS:
    • Run the application on other operating systems to ensure that the existing Tor initialization logic is executed correctly.

Documentation

Please review the changes and let me know if there are any questions or further adjustments needed.
I think this is a good starting point to make Stack Wallet Tails and Whonix friendly.

@Honey-Loverr
Create os_detection.dart
dd74997
@Honey-Loverr
Update main.dart
5a4144a 
Add OS detection and Tor configuration for Tails/Whonix
@Honey-Loverr
Copy link
Author

@sneurlax
@rehrar

After looking at the socks_socket.dart I think the Tor configuration above might be wrong? It is key when using Tails or already have Tor daemon running to use that socks port (default is 9050) on linux. Personally I would like the option to use my system tor daemon running over the one with the stack wallet. Tails cant use the bundled tor that is included with stack wallet due to this. The only way to use it currently on Tails or with another tor instance running is with torsocks command. This however is not user friendly to people that aren't cli familiar or new to linux. I think this would be nice and fairly easy to implement for a plug n play feel in the UI/settings.

Also not sure how SOCKS5 is used in dart implementation but SOCKS5h proxies the DNS requests through the proxy server, while standard SOCKS5 does not if my understanding is correct?

It would also be great if the Tor setting had an input field in the UI that the user could input the socks port (e.g. port 9050). The /etc/os-release that is used to detect if the system is Tails would then input this field/connection setting.

While the detecting that the system is Whonix workstation by the existence of file /etc/whonix_version specific to Whonix (e.g. for systemcheck and updates) would state in UI that Tor is connected via gateway.

@julian-CStack
Copy link
Collaborator

It may be better to add a proxy settings page and set things up to run network calls through that.

Tor is currently very self contained in stack wallet so there would be some setup required for this.

There is an issue with some coins in stack wallet whose libraries do their own networking and do not support proxies. Eth being an example. Most will work with a socks5 proxy though.

Re the above comment and code snippets:
TorService.sharedInstance.init and TorService.sharedInstance.start will start a Tor daemon and find an open port to use locally so plugging into the TorService will require some refactoring and additional functionality added.

@Kyouju1
Copy link

Kyouju1 commented Mar 25, 2025
edited
Loading

final whonixVersionFile = File('/etc/whonix_version');

While /etc/whonix_version might be valid I would change it along the lines to this Whonix documentation Programmatically_Detecting_Whonix

I think starting with a manual proxy setting within the Tor setting like @julian-CStack stated would be a good start then you could use the os detection to set those upon first start if those are detected. If they are already set then do nothing.

@sneurlax sneurlax mentioned this pull request Apr 28, 2025
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Honey-Loverr @julian-CStack @Kyouju1