Add support for creating a V3 onion service hosted on the IOS device.

Question

Add support for creating a V3 onion service hosted on the IOS device.

Baccount opened this issue 7 years ago · 11 comments

Add support for creating a V3 onion service hosted on the IOS device, making it possible to develop a version of Onionshare for IOS.

Answer 1 · 2020-08-05T15:29:42.000Z

Is it possible to create a v2 ?

Answer 2 · 2020-08-06T01:59:44.000Z

@Fonta1n3 V2 services will be officially deprecated on September 15th, 2020 and officially removed from the stable code base on October 15th, 2021. So there's no reason to support them. It's not currently possible to create a V2 onion service using this framework on iOS.

https://blog.torproject.org/v2-deprecation-timeline

Answer 3 · 2020-08-06T04:43:35.000Z

Understood, i was just wondering if it was possible. Would be really cool if it was...

Answer 4 · 2020-08-06T08:37:33.000Z

All iOS apps will be stopped after ~3 minutes in the background, latest, and their network resources taken away.

You would need to do it in a Network Extension (which we couldn't run Tor stable in, yet) or as an app, which is kept in the foreground.

Then, I guess, it should be doable.

Report on your progress, esp. when you dive into Network Extensions. I'm curious about your learnings!

Answer 5 · 2020-08-06T08:40:26.000Z

All iOS apps will be stopped after ~3 minutes in the background, latest, and their network resources taken away.

You would need to do it in a Network Extension (which we couldn't run Tor stable in, yet) or as an app, which is kept in the foreground.

Then, I guess, it should be doable.

Report on your progress, esp. when you dive into Network Extensions. I'm curious about your learnings!

In my use case I would only theoretically need a static HS hosted from the app while the user is actively using the app in the foreground, with that in mind, can I simply create the HS via the config options as normal? I guess I can find out :)

Answer 6 · 2020-08-06T10:01:45.000Z

In my use case I would only theoretically need a static HS hosted from the app while the user is actively using the app in the foreground, with that in mind, can I simply create the HS via the config options as normal? I guess I can find out :)

It's a full fledged Tor, so, yes. Although I have to admit that I don't have a clue about setting up a service. Never done that. But, besides that: whatever you have to do on a normal computer, you need to do on iOS.

Of course you also need to have a (HTTP?) server set up listening on a localhost port, I guess. Which should be no problem. In my experience, iOS doesn't limit apps in that regard at all.

Answer 7 · 2020-09-12T13:27:07.000Z

I got it working on macOS via a Catalyst build, very cool indeed.

I imagine it will be exactly the same for iOS. My only issue is Tor looks for the torrc like so:
Sep 12 21:20:34.124 [notice] Configuration file "/private/var/mobile/Containers/Data/Application/F8EB4E2E-E8AD-4839-B699-B0A8279E2688/.torrc" not present, using reasonable defaults.

The issue is /private/var/mobile/Containers/Data/Application/F8EB4E2E-E8AD-4839-B699-B0A8279E2688/ is not writable on iOS, you need to specify one directory up from there to work with as I am sure you know.

I have tried passing config args such as -f <path> to utilize a custom directory for the torrc but get an error about f option not recognized, similarly for --defaults-torrc <path>

Do you have any ideas how I may specify my ow torrc in iOS? Ideally pointing it to a path that is writable.

Thanks

Answer 8 · 2020-09-12T17:52:36.000Z

@Fonta1n3 It's definitely possible. I got a proof of concept working a number of years ago using CPAProxy: https://github.com/chrisballinger/ChatSecure-Mac/blob/a1bb6323d029f8a857eca5cddb0b060f09894d15/TorService/TorService.m#L65

Answer 9 · 2020-09-13T01:50:21.000Z

@Fonta1n3 It's definitely possible. I got a proof of concept working a number of years ago using CPAProxy: https://github.com/chrisballinger/ChatSecure-Mac/blob/a1bb6323d029f8a857eca5cddb0b060f09894d15/TorService/TorService.m#L65

Thanks for that @chrisballinger , however that looks like a Mac version? I have it working on Mac no issue, my problem is with iOS the default location where Tor looks for the torrc is not a writable location no matter what you do :( afaik

Answer 10 · 2020-09-13T01:57:04.000Z

@Fonta1n3 It's definitely possible. I got a proof of concept working a number of years ago using CPAProxy: https://github.com/chrisballinger/ChatSecure-Mac/blob/a1bb6323d029f8a857eca5cddb0b060f09894d15/TorService/TorService.m#L65

Thanks for that @chrisballinger , however that looks like a Mac version? I have it working on Mac no issue, my problem is with iOS the default location where Tor looks for the torrc is not a writable location no matter what you do :( afaik

If you look at how that project does it, it passes a custom torrc path that is within the macOS process sandbox, which functions similarly to the iOS sandbox. Tor.framework likely just needs to be modified to accept a custom torrc path similarly to how CPAProxy does.

Answer 11 · 2022-02-21T12:44:05.000Z

Heyhey!

This is finally fully supported within Tor.framework:

https://github.com/iCepa/Tor.framework/blob/pure_pod/Tor/Classes/TORConfiguration.h#L20-L21
https://github.com/iCepa/Tor.framework/blob/pure_pod/Tor/Classes/TOROnionAuth.h
https://github.com/iCepa/Tor.framework/blob/pure_pod/Tor/Classes/TORX25519KeyPair.h

Here's a reference implementation:
https://github.com/onionshare/onionshare-ios