Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#19374 closed defect (not a bug)

DNSPort broken on OpenBSD 5.9

Reported by: cypherpunks Owned by:
Priority: Medium Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor Version: Tor: 0.2.7.6
Severity: Major Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hello,

I am unable to use DNSPort on OpenBSD. The syslog says the port has opened correctly, and I see it in netstat:

udp          0      0  localhost.10000        *.*

However, there is no "LISTEN" as you can see. And when I use nslookup, I get:

Abort trap (core dumped)

Also when I run a second instance with only DNSPort set to the same, this is the output:

Jun 10 17:14:31.857 [notice] Tor v0.2.7.6 running on OpenBSD with Libevent 2.0.22-stable, OpenSSL LibreSSL 2.3.2 and Zlib 1.2.3.
Jun 10 17:14:31.857 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Jun 10 17:14:31.857 [notice] Read configuration file "/home/user/config".
Jun 10 17:14:31.860 [notice] Opening Socks listener on 127.0.0.1:9050
Jun 10 17:14:31.860 [notice] Opening DNS listener on 127.0.0.1:10000
Jun 10 17:14:31.860 [warn] Could not bind to 127.0.0.1:10000: Address already in use. Is Tor already running?
Jun 10 17:14:31.860 [notice] Closing partially-constructed Socks listener on 127.0.0.1:9050
Jun 10 17:14:31.860 [warn] Failed to parse/validate config: Failed to bind one of the listener ports.
Jun 10 17:14:31.860 [err] Reading config failed--see warnings above.

Child Tickets

Change History (6)

comment:1 Changed 4 years ago by nickm

Milestone: Tor: 0.2.9.x-final
Status: newneeds_information

Hm. Do you usually see "listen" on UDP sockets?

What crashes when you use nslookup -- tor, or the nslookup program? Can you get a stack trace?

(The output with the second instance is as expected if there is already a different process using that socket.)

comment:2 Changed 4 years ago by attila

I believe this is the answer: http://marc.info/?l=openbsd-cvs&m=144575914409861&w=2

When {dig,nslookup} were modified to use pledge(2)
the ability to change what port was used for the lookup was turned off, since it would
violate pledge("dns") to use an arbitrary port.

nslookup is dumping core because of the broken promise to pledge(2). This is also
why your second invocation of tor complains about the port being open: nothing happened
to the first instance, it's still running with that port open.

At least, that's my read on this. Using arbitrary ports for DNS lookups using the programs
in base (dig, nslookup) is not going to work. Nothing to do with tor.

Hope this helps.

Last edited 4 years ago by attila (previous) (diff)

comment:3 Changed 4 years ago by nickm

Thanks, attila! Makes sense to me. I'm going to close this as "notabug", but please reopen if there is something here that we missed.

(Also pledge looks cool.)

comment:4 Changed 4 years ago by nickm

Resolution: not a bug
Status: needs_informationclosed

Thanks, attila! Makes sense to me. I'm going to close this as "notabug", but please reopen if there is something here that we missed.

(Also pledge looks cool.)

comment:5 Changed 4 years ago by cypherpunks

Aha, thank you so much attila and nickm. My apologies for mistakenly filing a bug report here.

comment:6 Changed 4 years ago by nickm

No worries; I'd rather get a few false positives than run the risk of missing a real bug. Cheers!

Note: See TracTickets for help on using tickets.