Internal Tor configuration for the scanner

The scanner needs a specific Tor configuration. The following options are either set when launching Tor or required when connection to an existing Tor daemon.

Default configuration:

• SocksPort auto: To proxy requests over Tor.
• CookieAuthentication 1: The easiest way to authenticate to Tor.
• UseEntryGuards 0: To avoid path bias warnings.
• UseMicrodescriptors 0: Because full server descriptors are needed.
• SafeLogging 0: Useful for logging, since there’s no need for anonymity.
• LogTimeGranularity 1
• ProtocolWarnings 1
• FetchDirInfoEarly 1
• FetchDirInfoExtraEarly 1: Respond to MaxAdvertisedBandwidth as soon as possible.
• FetchUselessDescriptors 1: Keep fetching descriptors, even when idle.
• LearnCircuitBuildTimeout 0: To keep circuit build timeouts static.

Configuration that depends on the user configuration file:

• CircuitBuildTimeout ...: The timeout trying to build a circuit.
• DataDirectory ...: The Tor data directory path.
• PidFile ...: The Tor PID file path.
• ControlSocket ...: The Tor control socket path.
• Log notice ...: The Tor log level and path.

Configuration that needs to be set on runtime:

• __DisablePredictedCircuits 1: To build custom circuits.
• __LeaveStreamsUnattached 1: The scanner is attaching the streams itself.

Configuration that can be set on runtime and fail:

• ConnectionPadding 0: Useful for avoiding extra traffic, since scanner anonymity is not a goal.

Currently most of the code that sets this configuration is in sbws.util.stem.launch_tor() and the default configuration is sbws/globals.py.

Note

the location of this code is being refactored.