tor: Error connecting to Tor control socket #13397

<!-- This issue tracker is only for technical issues related to Bitcoin Core. General bitcoin questions and/or support requests are best directed to the Bitcoin StackExchange at https://bitcoin.stackexchange.com. For reporting security issues, please read instructions at https://bitcoincore.org/en/contact/. If the node is "stuck" during sync or giving "block checksum mismatch" errors, please ensure your hardware is stable by running memtest and observe CPU temperature with a load-test tool such as linpack before creating an issue! -->

<!-- Describe the issue -->

bitcoin-0.16.0 (pre-compiled, downloaded from bitcoin.org) Debian Stretch

<!--- What behavior did you expect? -->

Following https://github.com/bitcoin/bitcoin/blob/master/doc/tor.md I face a couple of issues:

First, here's my current understanding: Tor offers two ways of being controlled on Linux.

1. TCP Control Port (by default 127.0.0.1:9051 but disabled)
2. Control Socket which is Unix Domain Socket (by default /run/tor/control on Debian)

By reading the Bitcoin Core Tor documentation, it sounds like the 2nd (newer) way is supported:

Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket API, to create and destroy 'ephemeral' hidden services programmatically. Bitcoin Core has been updated to make use of this.

That's what I'm trying to achieve. Tor Control Port (TCP) is disabled by default on Debian anyway, but Tor Control Socket is enabled. Here are the respective sections from the config files:

/etc/bitcoin/bitcoin.conf

# [debug]
debug=tor

# [network]
# Accept incoming connections from peers.   
listen=1
# connect to peers via Tor.
onlynet=onion
# Connect through <ip:port> SOCKS5 proxy.   
proxy=127.0.0.1:9050

/usr/share/tor/tor-service-defaults-torrc

User debian-tor

ControlSocket /var/run/tor/control GroupWritable RelaxDirModeCheck
ControlSocketsGroupWritable 1
SocksPort unix:/var/run/tor/socks WorldWritable
SocksPort 9050

CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /var/run/tor/control.authcookie

However, I get the following error in ~/.bitcoin/debug.log:

tor: Error connecting to Tor control socket
tor: Not connected to Tor control port 127.0.0.1:9051, trying to reconnect

The second error is expected, because Tor control port is disabled. But the first error is unexpected. It's not a file permision issue, because I added the user who runs bitcoind to the group debian-tor:

$ ls -la /run/tor/
total 8
drwxr-sr-x  2 debian-tor debian-tor 100 ---  - --:-- .
drwxr-xr-x 20 root       root       760 ---  - --:-- ..
srw-rw----  1 debian-tor debian-tor   0 ---  - --:-- control
-rw-rw----  1 debian-tor debian-tor  32 ---  - --:-- control.authcookie
-rw-r--r--  1 debian-tor debian-tor   5 ---  - --:-- tor.pid

$ cat /etc/group | grep bitcoind
debian-tor:x:114:bitcoind

ps aux | grep bitcoind
bitcoind  ----  ---  --- ------ ----- ?        Rsl  --:--   --:-- /usr/local/bin/bitcoind -daemon -conf=/etc/bitcoin/bitcoin.conf -pid=/run/bitcoind/bitcoind.pid -rpccookiefile=/run/bitcoind/authcookie

I also tried to explictly tell bitcoind the path to the control socket by adding torcontrol=/run/tor/control as a config option:

# [debug]
debug=tor

# [network]
# Accept incoming connections from peers.   
listen=1
# connect to peers via Tor.
onlynet=onion
torcontrol=/run/tor/control

However, this results the following error:

tor: Error parsing socket address /run/tor/control
tor: Initiating connection to Tor control port /run/tor/control failed

So obviously, the torcontrol option only allows to specify the TCP Tor control port. How does bitcoind know the path to the Tor control socket? Is there an undocumented config option to set it? Is it hard coded? Or is the documentation just ambiguous and it isn't supported yet?

Final issue with the documentation is:

For cookie authentication the user running bitcoind must have write access to the CookieAuthFile specified in Tor configuration.

Why write access??? Read access should be sufficient! It's just the cookie file.

<!--- What was the actual behavior (provide screenshots if the issue is GUI-related)? -->

<!--- How reliably can you reproduce the issue, what are the steps to do so? -->

<!-- What version of Bitcoin Core are you using, where did you get it (website, self-compiled, etc)? -->

<!-- What type of machine are you observing the error on (OS/CPU and disk type)? -->

<!-- Any extra information that might be useful in the debugging process. -->

<!--- This is normally the contents of a `debug.log` or `config.log` file. Raw text or a link to a pastebin type site are preferred. -->

Bitcoin Core does not support interacting with Tor's control protocol through unix sockets. The use of the term "socket" in Bitcoin Core's tor doc and in the error message: "tor: Error connecting to Tor control socket" does not imply unix sockets.
For clarity Bitcoin Core's tor doc should say "through Tor's control protocol API".
The issue with the cookie file has been addressed in fb97437efa06acfbe75a5e34d8bbf8388d5f6432

why is this issue still open?

@pruflyos Let me know if this is still an issue with a recent version of Bitcoin Core