Opened 5 years ago

Closed 16 months ago

#11616 closed defect (wontfix)

ooni-backend (oonib) doesn't prompt any error when Tor is killed or crashes

Reported by: anadahz Owned by: hellais
Priority: Medium Milestone:
Component: Archived/Ooni Version:
Severity: Normal Keywords: archived-closed-2018-07-04
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

It seems that I can always reproduce this case.
ooni-backend doesn't report any connection issues with Tor.

  1. Running ooni-backend in virtualenv (debug mode)

# oonib.conf

main:
    report_dir: data/reports/
    archive_dir: data/archive/
    input_dir: data/inputs/
    deck_dir: data/decks/
    policy_file: data/policy.yaml
    bouncer_file: data/bouncer.yaml

    logfile: null
    tor_datadir: null
    database_uri: 'sqlite://oonib_test_db.db'
    db_threadpool_size: 10
    tor_binary: null
    socks_port: 9055
    tor2webmode: false
    pidfile: 'oonib.pid'
    nodaemon: true
    originalname: null
    chroot: null
    rundir: .
    umask: null
    euid: null
    uid: null
    gid: null
    uuid: null
    no_save: true
    profile: null
    debug: true
    stale_time: 3600

    tor_hidden_service: true

helpers:
    http-return-json-headers:
        address: null
        port: 57001
    gid: null
    uuid: null
    no_save: true
    profile: null
    debug: true
    stale_time: 3600

    tor_hidden_service: true

helpers:
    http-return-json-headers:
        address: null
        port: 57001
        server_version: Apache

    tcp-echo:
        address: null
        port: 57002

    daphn3:
        address: null
        yaml_file: null
        pcap_file: null
        port: 57003

    dns:
        address: null
        udp_port: 57004
        tcp_port: 57005
        resolver_address: '8.8.8.8:53'

    ssl:
        address: null
        private_key: 'private.key'
        certificate: 'certificate.crt'
        port: 57006

$ oonib --version
Twisted version: 13.2.0

# git commit https://github.com/TheTorProject/ooni-backend/commit/7b35b7fa5a3d81f6574c7494cde0ac705d4e2cea

$ oonib

Starting SSL helper on 57006
Starting TCP DNS Helper on 57005
Starting UDP DNS Helper on 57004
Starting Daphn3 helper on 57003
Starting TCP echo helper on 57002
Starting HTTP return request helper on 57001
Log opened.
HTTPReturnJSONHeadersHelper (TLS) starting on 57006
Starting factory <oonib.testhelpers.http_helpers.HTTPReturnJSONHeadersHelper instance at 0x420fcb0>
DNSTestHelper starting on 57005
Starting factory <oonib.testhelpers.dns_helpers.DNSTestHelper instance at 0x420fd88>
DNSDatagramProtocol starting on 57004
Starting protocol <twisted.names.dns.DNSDatagramProtocol object at 0x4214850>
Daphn3Server starting on 57003
Starting factory <oonib.testhelpers.tcp_helpers.Daphn3Server instance at 0x4219560>
TCPEchoHelper starting on 57002
Starting factory <oonib.testhelpers.tcp_helpers.TCPEchoHelper instance at 0x4219758>
HTTPReturnJSONHeadersHelper starting on 57001
Starting factory <oonib.testhelpers.http_helpers.HTTPReturnJSONHeadersHelper instance at 0x42197e8>
[W] Option 'tor_datadir' in oonib.conf is unspecified!
[W] Using /tmp/tmp1NH5ua
> /home/user/.virtualenvs/oonib/local/lib/python2.7/site-packages/twisted/internet/base.py(1191)run()
-> self.mainLoop()
(Pdb) n
5%: Connecting to directory server
10%: Finishing handshake with directory server
15%: Establishing an encrypted directory connection
20%: Asking for networkstatus consensus
25%: Loading networkstatus consensus
40%: Loading authority key certs
45%: Asking for relay descriptors
50%: Loading relay descriptors
52%: Loading relay descriptors
54%: Loading relay descriptors
56%: Loading relay descriptors
59%: Loading relay descriptors
61%: Loading relay descriptors
63%: Loading relay descriptors
66%: Loading relay descriptors
68%: Loading relay descriptors
70%: Loading relay descriptors
73%: Loading relay descriptors
75%: Loading relay descriptors
77%: Loading relay descriptors
80%: Connecting to the Tor network
90%: Establishing a Tor circuit
100%: Done
Application starting on 64535
Starting factory <cyclone.web.Application instance at 0x3eba7a0>
Exposed collector Tor hidden service on httpo://xxxxxxxxx.onion
Application starting on 16140
Starting factory <cyclone.web.Application instance at 0x3eba560>
Exposed bouncer Tor hidden service on httpo://yyyyyyyyyyyyy.onion
  1. Tor service is being stopped and all instances of Tor killed

$ service tor stop ; killall tor

  1. Running ooniprobe pointing to our collector.

# ~/.ooni/ooniprobe.conf

# This is the configuration file for OONIProbe
# This file follows the YAML markup format: http://yaml.org/spec/1.2/spec.html
# Keep in mind that indentation matters.

basic:
    # Where OONIProbe should be writing it's log file
    logfile: ~/.ooni/ooniprobe.log
privacy:
    # Should we include the IP address of the probe in the report?
    includeip: false
    # Should we include the ASN of the probe in the report?
    includeasn: true
    # Should we include the country as reported by GeoIP in the report?
    includecountry: true
    # Should we include the city as reported by GeoIP in the report?
    includecity: false
    # Should we collect a full packet capture on the client?
    includepcap: false
reports:
    # This is a packet capture file (.pcap) to load as a test:
    pcap: null
    #collector: 'httpo://fyifjaxdhdil6m5f.onion'
    collector: 'httpo://xxxxxxxxx.onion'

advanced:
    geoip_data_dir: /home/user/.virtualenvs/ooniprobe/share/ooni
    debug: false
    # enable if auto detection fails
    #tor_binary: /usr/sbin/tor
    #obfsproxy_binary: /usr/bin/obfsproxy
    # For auto detection
    interface: auto
    # Of specify a specific interface
    #interface: wlan0
    # If you do not specify start_tor, you will have to have Tor running and
    # explicitly set the control port and SOCKS port
   # For auto detection
    interface: auto
    # Of specify a specific interface
    #interface: wlan0
    # If you do not specify start_tor, you will have to have Tor running and
    # explicitly set the control port and SOCKS port
    start_tor: true
    # After how many seconds we should give up on a particular measurement
    measurement_timeout: 60
    # After how many retries we should give up on a measurement
    measurement_retries: 2
    # How many measurments to perform concurrently
    measurement_concurrency: 10
    # After how may seconds we should give up reporting
    reporting_timeout: 80
    # After how many retries to give up on reporting
    reporting_retries: 3
    # How many reports to perform concurrently
    reporting_concurrency: 15
    # Specify here a custom data_dir path
    data_dir: /home/user/.virtualenvs/ooniprobe/share/ooni
    oonid_api_port: 8042
tor:
    #socks_port: 8801
    #control_port: 8802
    # Specify the absolute path to the Tor bridges to use for testing
    #bridges: bridges.list
    # Specify path of the tor datadirectory.
    # This should be set to something to avoid having Tor download each time
    # the descriptors and consensus data.
    #data_dir: ~/.tor/
    torrc:
        #HTTPProxy: host:port
        #HTTPProxyAuthenticator: user:password
        #HTTPSProxy: host:port
        #HTTPSProxyAuthenticator: user:password

$ ooniprobe --version
WARNING: running ooniprobe involves some risk that varies greatly

from country to country. You should be aware of this when
running the tool. Read more about this in the README.

Twisted version: 13.2.0

# git commit https://github.com/TheTorProject/ooni-probe/commit/2fb54faf3b4e6c08270aba6daa4d212dc9328252

$ ooniprobe blocking/http_requests -u http://www.google.com

# ooniprobe.log

2:31+0200 [-] Starting Tor...
2:33+0200 [TorControlProtocol,client] 10%: Finishing handshake with directory server
2:33+0200 [TorControlProtocol,client] 15%: Establishing an encrypted directory connection
2:33+0200 [TorControlProtocol,client] 20%: Asking for networkstatus consensus
2:33+0200 [TorControlProtocol,client] 25%: Loading networkstatus consensus
2:36+0200 [TorControlProtocol,client] 40%: Loading authority key certs
2:36+0200 [TorControlProtocol,client] 45%: Asking for relay descriptors
2:37+0200 [TorControlProtocol,client] 50%: Loading relay descriptors
2:38+0200 [TorControlProtocol,client] 52%: Loading relay descriptors
2:38+0200 [TorControlProtocol,client] 54%: Loading relay descriptors
2:38+0200 [TorControlProtocol,client] 56%: Loading relay descriptors
2:38+0200 [TorControlProtocol,client] 59%: Loading relay descriptors
2:38+0200 [TorControlProtocol,client] 61%: Loading relay descriptors
2:38+0200 [TorControlProtocol,client] 63%: Loading relay descriptors
2:39+0200 [TorControlProtocol,client] 66%: Loading relay descriptors
2:39+0200 [TorControlProtocol,client] 68%: Loading relay descriptors
2:39+0200 [TorControlProtocol,client] 70%: Loading relay descriptors
2:39+0200 [TorControlProtocol,client] 73%: Loading relay descriptors
2:39+0200 [TorControlProtocol,client] 75%: Loading relay descriptors
2:39+0200 [TorControlProtocol,client] 77%: Loading relay descriptors
2:47+0200 [TorControlProtocol,client] 80%: Connecting to the Tor network
2:47+0200 [TorControlProtocol,client] 90%: Establishing a Tor circuit
2:47+0200 [TorControlProtocol,client] 100%: Done
2:48+0200 [TorControlProtocol,client] Successfully bootstrapped Tor
2:48+0200 [TorControlProtocol,client] Found your IP via Tor 188.4.30.189
2:48+0200 [TorControlProtocol,client] Fetching required net test inputs...
2:48+0200 [TorControlProtocol,client] Looking up test helpers...
4:50+0200 [ParserProtocol,client] [!] Lookup failed. Retrying.
5:16+0200 [ParserProtocol,client] We will include some geo data in the report
5:16+0200 [ParserProtocol,client] Setting collector and test helpers for http_requests_test
5:16+0200 [ParserProtocol,client] Using the default collector: httpo://ihiderha53f36lsd.onion
5:16+0200 [ParserProtocol,client] We will include some geo data in the report
5:16+0200 [ParserProtocol,client] Reporting using collector: httpo://xxxxxxxxx.onion
5:16+0200 [ParserProtocol,client] We will include some geo data in the report
5:16+0200 [ParserProtocol,client] Reporting http://xxxxxxxxx.onion/report
5:16+0200 [ParserProtocol,client] Creating report with OONIB Reporter. Please be patient.
5:16+0200 [ParserProtocol,client] This may take up to 1-2 minutes...
5:30+0200 [ParserProtocol,client] [!] Host is not reachable (HostUnreachable error
5:30+0200 [ParserProtocol,client] [!] Failed to open <ooni.reporter.OONIBReporter object at 0x3c60f50> reporter, giving up...
5:30+0200 [ParserProtocol,client] [!] Reporter <ooni.reporter.OONIBReporter object at 0x3c60f50> failed, removing from report...
5:30+0200 [ParserProtocol,client] Performing GET request to http://www.google.com over Tor
5:30+0200 [ParserProtocol,client] Performing GET request to http://www.google.com
5:31+0200 [ParserProtocol,client] The two body lengths appear to match
5:31+0200 [ParserProtocol,client] censorship is probably not happening
5:31+0200 [ParserProtocol,client] Headers appear to match
5:31+0200 [ParserProtocol,client] Summary for http_requests_test
5:31+0200 [ParserProtocol,client] ------------------------------
5:31+0200 [-] Main loop terminated.

Child Tickets

Change History (6)

comment:1 Changed 5 years ago by hellais

So I think the issue is the fact that you are not waiting enough time for the Tor Hidden Service to be published to the HSDir. To be sure that every time you restart oonib a new HS address is not being generated you should set tor_datadir: to some directory where we will store the keys of the HS for the collector.

comment:2 in reply to:  1 Changed 5 years ago by anadahz

Replying to hellais:

To be sure that every time you restart oonib a new HS address is not being generated you should set tor_datadir: to some directory where we will store the keys of the HS for the collector.

Is this possible in a python virtualenv?

comment:3 Changed 5 years ago by anadahz

Issue remains while using tor_datadir: option to some directory inside virtualenv.

comment:4 Changed 5 years ago by hellais

Summary: ooni-backend (oonib) doesn't prompt any error when Tor connection is lostooni-backend (oonib) doesn't prompt any error when Tor is killed or crashes

comment:5 Changed 23 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:6 Changed 16 months ago by teor

Keywords: archived-closed-2018-07-04 added
Resolution: wontfix
Status: newclosed

Close all tickets in archived components

Note: See TracTickets for help on using tickets.