Opened 4 years ago

Last modified 4 months ago

#18994 new defect

Tor crashes after tor browser update running bridge mode in Windows

Reported by: eli Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tor broser, bridge mode
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In Win 7x86, running a bridge in tor browser:

  1. When updating tor browser 5.5.4 -> 5.5.5 from within the browser, at the last step of the update browser shuts down instead of restarting, OR when trying to restart tor browser 5.5.5 for any other reason while in bridge mode,
  2. The browser cannot be restarted manually. Error message is "Tor unexpectedly exited...." or "cannot open/find Control Port"

Process to restart the browser in bridge mode:

  1. Save torrc. Delete all other files from the installation folder. Reinstall tor browser, but DO NOT ALLOW TORRC TO START AUTOMATICALLY. (i.e., uncheck "start tor now")
  2. Copy the saved (bridge mode) torrc over the null torrc in ...\Tor Browser\Browser\TorBrowser\Data\Tor
  3. Restart tor browser, LETTING IT OPEN THE BROWSER AUTOMATICALLY.

Shutdowns/restarts work fine when the browser is in client mode, but I've only checked that on a Win 7x64 machine.

I can supply torrc and the bridge log (notice) if needed. I'll go through the above shutdown/restart rigmarole creating a debug log, but once again this will mean not letting the bridge go through its full lifecycle yet once again. - eliaz

Child Tickets

Change History (8)

comment:1 Changed 4 years ago by teor

Please supply the warning log message that tor logs right before exiting.
It will tell us what's wrong with your torrc or Tor Browser, and help us assign this bug ti the right component.

comment:2 in reply to:  1 Changed 4 years ago by eli

Replying to teor:

Please supply the warning log message that tor logs right before exiting.
It will tell us what's wrong with your torrc or Tor Browser, and help us assign this
bug ti the right component.

Here are the last lines from the last run that I closed down deliberately:

May 08 21:20:37.000 [notice] Bootstrapped 100%: Done
May 08 21:20:37.000 [notice] Now checking whether ORPort 71.126.229.56:443 is
reachable... (this may take up to 20 minutes -- look for log messages
indicating success)
May 08 21:20:38.000 [warn] Failure from drain_fd: No error
May 08 21:20:38.000 [notice] Self-testing indicates your ORPort is reachable
from the outside. Excellent. Publishing server descriptor.
May 08 21:20:40.000 [notice] New control connection opened from 127.0.0.1.
May 08 21:20:40.000 [notice] New control connection opened from 127.0.0.1.
May 08 21:20:41.000 [notice] Performing bandwidth self-test...done.
May 08 21:27:27.000 [notice] Owning controller connection has closed --
exiting now.
May 08 21:27:27.000 [notice] Catching signal TERM, exiting cleanly.

Over many runs there has been no [warn] associated with the shutdown. The
warning "Failure from drain_fd: No error" shown seven lines above the
shutdown appears that close only because I shut down after it happened to
appear - in longer runs it occurs way before the shutdown.
The notice "Owning controller connection has closed -- exiting now" has some
variations in other logs:

May 08 16:22:47.000 [notice] Monitored process 4128 is dead.
May 08 16:22:47.000 [notice] Owning controller process has vanished --
exiting now.

I hoped to catch the PID (I presume of firefox.exe or tor.exe) in this last
run, but I got the variant shown first above.

The last notice "Catching signal TERM, exiting cleanly" always appears.
HTH, eliaz

comment:3 Changed 4 years ago by teor

Severity: MajorNormal
Version: Tor: 0.2.7.6

Your Tor is running as a bridge relay using the Tor Browser bundle on Windows.
I'm not sure if that's something we support.
Where are those instructions from?

It's also worth noting that you just leaked your bridge's IP address, so it might be worth getting another IP address if it's static.

It looks like your torrc is not set up in a way that Tor Browser can find the ControlPort. Is the ControlPort on 9150 where Tor Browser expects it to be?

comment:4 in reply to:  3 Changed 4 years ago by eli

Replying to teor:

Your Tor is running as a bridge relay using the Tor Browser bundle on Windows.
I'm not sure if that's something we support.
Where are those instructions from?

It's also worth noting that you just leaked your bridge's IP address, so it might be worth getting another IP address if it's static.

It looks like your torrc is not set up in a way that Tor Browser can find the ControlPort. Is the ControlPort on 9150 where Tor Browser expects it to be?

Interesting questions. I have to knock off now, will answer them ASAP (= in a day or so as things are going. Thanks for the help.

comment:5 Changed 4 years ago by eli

Apologies for this tardy reply, day job has left me no time until this weekend. I did perform a number of other tests, nothing of interest to report.

comment by teor:

Your Tor is running as a bridge relay using the Tor Browser bundle > on Windows.
I'm not sure if that's something we support.
Where are those instructions from?


Nowhere. Based on my experience running windows bridges in previous versions of tor I assumed that the same could be done in tor browser 4+. I guess I should've taken the hint when torrc-defaults no longer had any suggestions for bridge lines. I did ask about this at help@… before I learned that it had been shut down.

FWIW: I'd bought a low-power box intending to dedicate it to running bridges 24/7, assuming that I could load a linux distro onto it. Turns out that's not true; the CPU/graphics chips, which are hardwired in, can't load Debian or even run it from a live USB or CD. So as long as I'm using that box I'll have to run tor for windows.

The other reason that I thought I should be able to run a bridge mode under tor browser is the windows bridges I'm seeing in .../server-descriptors/ .

(Admittedly a small number: currently less than 100. I haven't been able to make the time to extract previous numbers from archives. Tor browser in client mode is excellent; but are devs moving toward bridge mode being enabled in *nix only?)

It's also worth noting that you just leaked your bridge's IP address, > so it might be worth getting another IP address if it's static.

That may be because I've been testing different configurations, and not paying attention to DNS leakage. Could it be because I'm enabling SafeLogging 1 during tests?

It looks like your torrc is not set up in a way that Tor Browser can
find the ControlPort. Is the ControlPort on 9150 where Tor Browser
expects it to be?

Yes, that's the error msg about half the time. I was able to use ControlPortWriteToFile to identify the control port in previous configurations (I recall it was 9150, but I killed that log and may be misremembering.) In the few configurations I was able to (too quickly) run this past week, that line hasn't been producing output.

I guess I'll do a little more testing just to satisfy my curiosity. But since bridge mode is nonstandard and I don't expect help in this project, I'll give up the idea of running a reliable bridge until I can get a low-power linux-capable box that I can run 24/7. - eliaz

comment:6 in reply to:  5 ; Changed 4 years ago by teor

Replying to eli:

comment by teor:

Your Tor is running as a bridge relay using the Tor Browser bundle > on Windows.
I'm not sure if that's something we support.
Where are those instructions from?


Nowhere. Based on my experience running windows bridges in previous versions of tor I assumed that the same could be done in tor browser 4+. I guess I should've taken the hint when torrc-defaults no longer had any suggestions for bridge lines. I did ask about this at help@… before I learned that it had been shut down.

FWIW: I'd bought a low-power box intending to dedicate it to running bridges 24/7, assuming that I could load a linux distro onto it. Turns out that's not true; the CPU/graphics chips, which are hardwired in, can't load Debian or even run it from a live USB or CD. So as long as I'm using that box I'll have to run tor for windows.

The other reason that I thought I should be able to run a bridge mode under tor browser is the windows bridges I'm seeing in .../server-descriptors/ .

Do you mean bridges, or relays?

Bridges are relays with BridgeRelay 1 set in their torrc, and they don't appear in the standard set of Tor network descriptors.

The supported way of running a bridge or relay on Windows is using the expert bundle linked from https://www.torproject.org/download/download.html.en

(Admittedly a small number: currently less than 100. I haven't been able to make the time to extract previous numbers from archives. Tor browser in client mode is excellent; but are devs moving toward bridge mode being enabled in *nix only?)

No, we are happy for people to run relays or bridges on Windows, but it's not a very common configuration. So we sometimes have trouble debugging and maintaining it.

We would love people to test relays and bridges on Windows and help improve support for them.

It's also worth noting that you just leaked your bridge's IP address, > so it might be worth getting another IP address if it's static.

That may be because I've been testing different configurations, and not paying attention to DNS leakage. Could it be because I'm enabling SafeLogging 1 during tests?

Do you mean SafeLogging 0?
SafeLogging 1 is the default, and hides client IP addresses in some log messages.
But it doesn't hide bridge IP addresses, see #19060 for a suggested fix for this.

It looks like your torrc is not set up in a way that Tor Browser can
find the ControlPort. Is the ControlPort on 9150 where Tor Browser
expects it to be?

Yes, that's the error msg about half the time. I was able to use ControlPortWriteToFile to identify the control port in previous configurations (I recall it was 9150, but I killed that log and may be misremembering.) In the few configurations I was able to (too quickly) run this past week, that line hasn't been producing output.

Why not set a static ControlPort using ControlPort 9150?

comment:7 in reply to:  6 Changed 4 years ago by eli

Replying to teor:

Replying to eli:

comment by teor:

Your Tor is running as a bridge relay using the Tor Browser bundle > on Windows.
I'm not sure if that's something we support.
Where are those instructions from?


Nowhere. Based on my experience running windows bridges in previous versions of tor I assumed that the same could be done in tor browser 4+. I guess I should've taken the hint when torrc-defaults no longer had any suggestions for bridge lines. I did ask about this at help@… before I learned that it had been shut down.

FWIW: I'd bought a low-power box intending to dedicate it to running bridges 24/7, assuming that I could load a linux distro onto it. Turns out that's not true; the CPU/graphics chips, which are hardwired in, can't load Debian or even run it from a live USB or CD. So as long as I'm using that box I'll have to run tor for windows.

The other reason that I thought I should be able to run a bridge mode under tor browser is the windows bridges I'm seeing in .../server-descriptors/ .

Do you mean bridges, or relays?

Bridges.

Bridges are relays with BridgeRelay 1 set in their torrc, and they don't appear in the standard set of Tor network descriptors.

Yes, that's how I configure torrc.

The supported way of running a bridge or relay on Windows is using the expert bundle linked from https://www.torproject.org/download/download.html.en

Thanks, I was about to go looking for that.

(Admittedly a small number: currently less than 100. I haven't been able to make the time to extract previous numbers from archives. Tor browser in client mode is excellent; but are devs moving toward bridge mode being enabled in *nix only?)

No, we are happy for people to run relays or bridges on Windows, but it's not a very common configuration. So we sometimes have trouble debugging and maintaining it.

We would love people to test relays and bridges on Windows and help improve support for them.

Good. I'll teach myself how to build from source.

It's also worth noting that you just leaked your bridge's IP address, > so it might be worth getting another IP address if it's static.

That may be because I've been testing different configurations, and not paying attention to DNS leakage. Could it be because I'm enabling SafeLogging 1 during tests?

Do you mean SafeLogging 0?

Yes, sorry for the mistype. I do follow the instructions in tor-manual.html.en.pdf

SafeLogging 1 is the default, and hides client IP addresses in some log messages.
But it doesn't hide bridge IP addresses, see #19060 for a suggested fix for this.

Tnanks for this pointer.

It looks like your torrc is not set up in a way that Tor Browser can
find the ControlPort. Is the ControlPort on 9150 where Tor Browser
expects it to be?

Yes, that's the error msg about half the time. I was able to use ControlPortWriteToFile to identify the control port in previous configurations (I recall it was 9150, but I killed that log and may be misremembering.) In the few configurations I was able to (too quickly) run this past week, that line hasn't been producing output.

Why not set a static ControlPort using ControlPort 9150?

I did that, but for some reason it didn't work during last weeks trials. Probably something I overlooked during the rushed sessions. Will try again.

thanks again, I'll move along on all you've suggested. Unfortunately I don't get much time except on weekens, so more result s will come along slowly. FWIW here's the torrc I've generally been testing:

# This file was generated by Tor; if you edit it, comments will not be preserved
# The old torrc file was renamed to torrc.orig.1 or similar, and Tor will ignore it

BridgeRelay 1
ClientTransportPlugin obfs2,obfs3,obfs4,scramblesuit exec TorBrowser\Tor\PluggableTransports \obfs4proxy
ContactInfo eliaz [at] riseup.net
ControlPort 127.0.0.1:9150
ControlPortWriteToFile C:\Users\Ed Agro\AppData\Roaming\tor\Log\control-port160511-1705HRS.txt
DataDirectory C:\sources\tor\TBB installed\Tor Browser\Browser\TorBrowser\Data\Tor
ExitPolicy reject *:*
GeoIPFile C:\sources\tor\TBB installed\Tor Browser\Browser\TorBrowser\Data\Tor\geoip
GeoIPv6File C:\sources\tor\TBB installed\Tor Browser\Browser\TorBrowser\Data\Tor\geoip6
HiddenServiceStatistics 0
Log notice file C:\Users\Ed Agro\AppData\Roaming\tor\Log\bridge160511-1705HRS.txt
Nickname obfsmaus
NumCPUs 2
ORPort 443
PublishServerDescriptor bridge
RelayBandwidthBurst 196608
RelayBandwidthRate 79000
SafeLogging 0


comment:8 Changed 4 months ago by pili

Can we close this one?

Note: See TracTickets for help on using tickets.