Opened 11 months ago
Closed 6 months ago
#25529 closed defect (not a bug)
Tor not reading torrc-defaults when started from command line, while it reads it successfully when started from Tor Browser
Reported by: | omareg94 | Owned by: | tbb-team |
---|---|---|---|
Priority: | Medium | Milestone: | |
Component: | Core Tor/Tor | Version: | Tor: 0.3.2.10 |
Severity: | Normal | Keywords: | torrc torrc-defaults defaults meek tor-browser-bundle configuration bridge pluggable-transports connection |
Cc: | Actual Points: | ||
Parent ID: | Points: | ||
Reviewer: | Sponsor: |
Description
I'm using this command in order to start Tor from command line (Windows 10):
cd "C:\Tor Browser\Browser\" "C:\Tor Browser\Browser\TorBrowser\Tor\tor.exe" -f "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc" | more
Some times Tor is able to connect successfully, but many times problems occur. On the other side when starting Tor from Browser, the problems never happen and every thing go smoothly.
Comparison between my experience of starting Tor from command line and starting it from Tor Browser:
When starting Tor from command line:
Connection hangs a lot. And when I have some request like:
curl --socks5-hostname localhost:9050 http://checkip.amazonaws.com/
I get:
curl: (7) Can't complete SOCKS5 connection to 0.0.0.0:0. (6)
When starting Tor from Tor Browser:
Everything goes very smooth and no hanging happens. Even the same meek address is being used and hasn't changed.
So, I guess the problem isn't with the meek address, I think I'm missing something with the configuration when starting Tor from command line.
A log snippet of starting Tor from command line:
Mar 11 05:04:03.000 [notice] Tor 0.3.2.10 opening new log file. Mar 11 05:04:03.000 [notice] Tor 0.3.2.10 running on Windows 8 with Libevent 2.0.22-stable, OpenSSL 1.0.2n, Zlib 1.2.8, Liblzma N/A, and Libzstd N/A. Mar 11 05:04:03.000 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Mar 11 05:04:03.000 [notice] Read configuration file "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc". Mar 11 05:04:03.000 [notice] Scheduler type KISTLite has been enabled. Mar 11 05:04:03.000 [notice] Opening Socks listener on 127.0.0.1:9050 Mar 11 05:04:03.000 [notice] Opening Control listener on 127.0.0.1:9051 Mar 11 05:04:03.000 [notice] Parsing GEOIP IPv4 file C:\Tor Browser\Browser\TorBrowser\Data\Tor\geoip. Mar 11 05:04:04.000 [notice] Parsing GEOIP IPv6 file C:\Tor Browser\Browser\TorBrowser\Data\Tor\geoip6. Mar 11 05:04:06.000 [notice] Bootstrapped 0%: Starting Mar 11 05:04:10.000 [notice] Starting with guard context "bridges" Mar 11 05:04:10.000 [notice] new bridge descriptor 'TorLandMeek' (cached): $A1A1234A123AB12345A1234A1A1234A123456789~TorLandMeek at 0.0.2.0 Mar 11 05:04:10.000 [notice] Bootstrapped 80%: Connecting to the Tor network Mar 11 05:04:12.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Mar 11 05:04:13.000 [notice] Delaying directory fetches: No running bridges Mar 11 05:07:12.000 [notice] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) Mar 11 05:07:39.000 [notice] Application request when we haven't received a consensus with exits. Optimistically trying known bridges again. Mar 11 05:07:41.000 [notice] Delaying directory fetches: No running bridges Mar 11 05:09:39.000 [notice] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit) Mar 11 05:09:49.000 [notice] Application request when we haven't received a consensus with exits. Optimistically trying known bridges again. Mar 11 05:09:51.000 [notice] Delaying directory fetches: No running bridges Mar 11 05:11:50.000 [notice] Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for circuit)
A log snippet of starting Tor from Tor Browser:
Mar 11 05:12:10.000 [notice] Tor 0.3.2.10 opening log file. Mar 11 05:12:10.000 [notice] Tor 0.3.2.10 running on Windows 8 with Libevent 2.0.22-stable, OpenSSL 1.0.2n, Zlib 1.2.8, Liblzma N/A, and Libzstd N/A. Mar 11 05:12:10.000 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Mar 11 05:12:10.000 [notice] Read configuration file "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc-defaults". Mar 11 05:12:10.000 [notice] Read configuration file "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc". Mar 11 05:12:10.000 [notice] Scheduler type KISTLite has been enabled. Mar 11 05:12:10.000 [notice] Opening Control listener on 127.0.0.1:9051 Mar 11 05:12:10.000 [notice] Opening Control listener on 127.0.0.1:9151 Mar 11 05:12:10.000 [notice] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. Mar 11 05:12:10.000 [notice] Parsing GEOIP IPv4 file C:\Tor Browser\Browser\TorBrowser\Data\Tor\geoip. Mar 11 05:12:10.000 [notice] Parsing GEOIP IPv6 file C:\Tor Browser\Browser\TorBrowser\Data\Tor\geoip6. Mar 11 05:12:11.000 [notice] Bootstrapped 0%: Starting Mar 11 05:12:12.000 [notice] Starting with guard context "bridges" Mar 11 05:12:12.000 [notice] new bridge descriptor 'TorLandMeek' (cached): $A1A1234A123AB12345A1234A1A1234A123456789~TorLandMeek at 0.0.2.0 Mar 11 05:12:12.000 [notice] Delaying directory fetches: DisableNetwork is set. Mar 11 05:12:12.000 [notice] New control connection opened from 127.0.0.1. Mar 11 05:12:13.000 [notice] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. Mar 11 05:12:13.000 [notice] Tor 0.3.2.10 opening log file. Mar 11 05:12:13.000 [notice] New control connection opened from 127.0.0.1. Mar 11 05:12:13.000 [notice] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. Mar 11 05:12:13.000 [notice] Tor 0.3.2.10 opening log file. Mar 11 05:12:13.000 [notice] Opening Socks listener on 127.0.0.1:9150 Mar 11 05:12:13.000 [notice] Tor 0.3.2.10 opening log file. Mar 11 05:12:14.000 [notice] Bootstrapped 80%: Connecting to the Tor network Mar 11 05:12:14.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Mar 11 05:12:17.000 [notice] Bootstrapped 90%: Establishing a Tor circuit Mar 11 05:12:20.000 [notice] new bridge descriptor 'TorLandMeek' (fresh): $A1A1234A123AB12345A1234A1A1234A123456789~TorLandMeek at 0.0.2.0 Mar 11 05:12:25.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Mar 11 05:12:25.000 [notice] Bootstrapped 100%: Done Mar 11 05:12:37.000 [notice] New control connection opened from 127.0.0.1.
I'm looking for making Tor (when started from command line) work as smooth as it is when started from Tor Browser.
Child Tickets
Change History (14)
comment:1 Changed 11 months ago by
Component: | Applications/Tor Browser → Core Tor/Tor |
---|
comment:2 follow-up: 3 Changed 11 months ago by
comment:3 Changed 11 months ago by
Replying to cypherpunks:
Can you take a look at the processes that are spawned with each case?
In case of starting Tor from command line:
▪ cmd.exe ┗━━━━▪ conhost.exe ▪ tor.exe
In case of starting Tor from Tor Browser:
▪ firefox.exe ┗━━━━▪ tor.exe ┣━━━▪ terminateprocess-buffer.exe ┃ ┗━━▪ conhost.exe ┃ ▪ meek-client-torbrowser.exe ┃ ┗━━━▪ firefox.exe ┃ ▪ meek-client.exe ┗━━━▪ firefox.exe
It seems that Tor (started from command line) is missing a lot of processes. But why?! I am using the working directory cd "C:\Tor Browser\Browser\".
Also I have noticed that in the log snippet of starting Tor from command line: There is No "Read configuration file ..\torrc-defaults" as in that of starting Tor from Tor Browser.
comment:4 follow-up: 5 Changed 11 months ago by
You're missing something from the torrc-defaults I guess
comment:5 Changed 11 months ago by
Replying to cypherpunks:
You're missing something from the torrc-defaults I guess
It's exactly the same as a freshly installed one:
# torrc-defaults for Tor Browser # # DO NOT EDIT THIS FILE # # This file is distributed with Tor Browser and SHOULD NOT be modified (it # may be overwritten during the next Tor Browser update). To customize your # Tor configuration, shut down Tor Browser and edit the torrc file. # # If non-zero, try to write to disk less frequently than we would otherwise. AvoidDiskWrites 1 # Where to send logging messages. Format is minSeverity[-maxSeverity] # (stderr|stdout|syslog|file FILENAME). Log notice stdout CookieAuthentication 1 ## fteproxy configuration ClientTransportPlugin fte exec TorBrowser\Tor\PluggableTransports\fteproxy --managed ## obfs4proxy configuration ClientTransportPlugin obfs2,obfs3,obfs4,scramblesuit exec TorBrowser\Tor\PluggableTransports\obfs4proxy ## meek configuration ClientTransportPlugin meek exec TorBrowser\Tor\PluggableTransports\terminateprocess-buffer TorBrowser\Tor\PluggableTransports\meek-client-torbrowser -- TorBrowser\Tor\PluggableTransports\meek-client
It worked well when I copied the options from torrc-defaults to torrc. Also I've tried to install a fresh installation on a separate folder, the same issue is happening (not reading torrc-defaults file).
It's weird why it can't access the torrc-defaults. I'm looking to figure out.
comment:6 Changed 11 months ago by
Keywords: | torrc torrc-defaults defaults added |
---|---|
Summary: | Tor meeks works smoothly when starting from Tor Browser, while hangs a lot when starting from command line → Tor isn't reading torrc-defaults when started from command line, while it reads it successfully when started from Tor Browser |
comment:7 Changed 11 months ago by
Summary: | Tor isn't reading torrc-defaults when started from command line, while it reads it successfully when started from Tor Browser → Tor not reading torrc-defaults when started from command line, while it reads it successfully when started from Tor Browser |
---|
comment:8 Changed 11 months ago by
Severity: | Normal → Major |
---|
comment:9 Changed 11 months ago by
"C:\Tor Browser\Browser\TorBrowser\Tor\tor.exe" --defaults-torrc "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc-defaults" -f "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc" | more
/thread
comment:10 follow-up: 12 Changed 11 months ago by
By the way as far as I know the meek
that you're seeing there has become more and more coupled to the Tor Browser, and for those who want to use meek
the way to go would be to use meek_lite
which is an implementation provided in obfs4proxy
of meek
(I think OnionShare uses that?). You can make your own torrc file and put it somewhere and follow the instructions given here for setting it up: https://lists.torproject.org/pipermail/tor-talk/2017-December/043850.html
Note that it's a different implementation so the network fingerprint will surely not match that of the standard meek
if I'm not mistaken.
comment:11 Changed 11 months ago by
Severity: | Major → Normal |
---|
Correct, I think the mistake here is that the hand-crafted command line didn't tell Tor to use that torrc-defaults file, so it doesn't use it.
So I suggest closing as not-a-bug.
The statements about meek above are true too.
comment:12 follow-up: 13 Changed 11 months ago by
Replying to arma:
Correct, I think the mistake here is that the hand-crafted command line didn't tell Tor to use that torrc-defaults file, so it doesn't use it.
Replying to cypherpunks:
"C:\Tor Browser\Browser\TorBrowser\Tor\tor.exe" --defaults-torrc "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc-defaults" -f "C:\Tor Browser\Browser\TorBrowser\Data\Tor\torrc" | more
I thought Tor by default should have included the torrc-defaults without the command line option. So I thought it was a bug not being included.
I think it's mentioned in the manual that it loads by default (without adding the --defaults-torrc option):
--defaults-torrc FILE
... (Default: @CONFDIR@/torrc-defaults.)
Please correct me if I'm wrong because I'm not sure what Default: @CONFDIR@/torrc-defaults
here really means.
Replying to cypherpunks:
By the way as far as I know the
meek
that you're seeing there has become more and more coupled to the Tor Browser, and for those who want to usemeek
the way to go would be to usemeek_lite
...
Yes the original meek used in my included log is exactly the same one (I thought it was something not widely used so I manipulated it in the included log to protect my privacy).
● I don't get this, why something widely used like this can't be blocked by ISP?
● Also is it a security vulnerability to give many users the SAME MEEK?
● Also what's the difference between meek
& meek_lite
and why to use it?
The only idea I have about meeks is that it's an implementation of Domain Fronting (source). It will really help if you could suggest something to read explaining this in order to figure out what's really a meek and why to use meek_lite not meek.
Note that it's a different implementation so the network fingerprint will surely not match that of the standard
meek
if I'm not mistaken.
● Also, I don't understand the importance of this and what's the problem of the standard meek
.
comment:13 Changed 11 months ago by
Replying to omareg94:
Replying to cypherpunks:
By the way as far as I know the
meek
that you're seeing there has become more and more coupled to the Tor Browser, and for those who want to usemeek
the way to go would be to usemeek_lite
...
Yes the original meek used in my included log is exactly the same one (I thought it was something not widely used so I manipulated it in the included log to protect my privacy).
They use the same front, same url. It's only the implementation that is different.
● I don't get this, why something widely used like this can't be blocked by ISP?
If they want to block it then they have to block all of cloudfront, making a lot of collateral damage that isn't a choice for some censors.
● Also is it a security vulnerability to give many users the SAME MEEK?
It isn't by design.
● Also what's the difference between
meek
&meek_lite
and why to use it?
meek_lite
is a different implementation of the meek
client. You should use it if you don't want to run the whole Tor Browser just to get the standard meek
implementation going.
The only idea I have about meeks is that it's an implementation of Domain Fronting (source). It will really help if you could suggest something to read explaining this in order to figure out what's really a meek and why to use meek_lite not meek.
I thought this had all the necessary info https://lists.torproject.org/pipermail/tor-talk/2017-December/043850.html :)
comment:14 Changed 6 months ago by
Resolution: | → not a bug |
---|---|
Status: | new → closed |
Can you take a look at the processes that are spawned with each case?