Opened 8 months ago

Closed 8 months ago

Last modified 8 months ago

#25875 closed defect (fixed)

Azure meek bridge bootstrap fails without meek-client-torbrowser proxy

Reported by: habib Owned by: dcf
Priority: Medium Milestone:
Component: Obfuscation/meek Version: Tor: 0.3.2.10
Severity: Normal Keywords:
Cc: mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I want to use tor(.exe) + meek bridge as a standalone application, without the Tor browser, but after changing the torrc to use the meek-client instead of meek-client-torbrowser the bootstrapping stucks at 85% when azure meek bridge selected. The meek-client-torbrowser executable fails to start without the Tor browser.

The amazon meek bridge bootstraps and works fine using the meek-client executable.

Operating system: Windows10 1703
Tor: 0.3.2.10
Tor Browser (and other binaries): 7.5.3 (latest) 32-bit

Added line to Browser\TorBrowser\Data\Tor\torrc:

ClientTransportPlugin meek exec TorBrowser\Tor\PluggableTransports\meek-client

Attaching the log file

Child Tickets

Attachments (1)

notice.log (6.9 KB) - added by habib 8 months ago.

Download all attachments as: .zip

Change History (10)

Changed 8 months ago by habib

Attachment: notice.log added

comment:1 Changed 8 months ago by cypherpunks

The meek client is more and more coupled to the Tor Browser. For a standalone app you may try to use meek_lite with obfs4proxy.

comment:2 in reply to:  1 Changed 8 months ago by dcf

Could you attach your torrc file? It is indeed weird that, according to your log,

amazon azure
meek-client works doesn't work
meek-client-torbrowser (not tested) works

You can try adding -log meek-client.log to the ClientTransportPlugin line, to get some lower-level logs.

Replying to cypherpunks:

The meek client is more and more coupled to the Tor Browser. For a standalone app you may try to use meek_lite with obfs4proxy.

Only meek-client-torbrowser is coupled to Tor Browser. meek-client by itself is independent. I think the bug reporter is doing it right. meek-client by itself is basically the same as meek_lite.

comment:3 Changed 8 months ago by habib

Thanks for the quick reply, my meek-client.log:

meek-client + azure:
2018/04/21 00:23:57 listening on 127.0.0.1:61991
2018/04/21 00:24:00 status code was 411, not 200; trying again after 30 seconds (9)
2018/04/21 00:25:00 error in handling request: stream error: stream ID 5; PROTOCOL_ERROR
2018/04/21 00:25:32 error in handling request: stream error: stream ID 9; PROTOCOL_ERROR

meek-client + amazon:
2018/04/21 00:26:28 listening on 127.0.0.1:62056

meek-client-torbrowser + azure:
2018/04/21 00:33:24 using helper on 127.0.0.1:62306
2018/04/21 00:33:28 listening on 127.0.0.1:62310
 
meek-client-torbrowser + amazon
2018/04/21 00:36:05 using helper on 127.0.0.1:62570
2018/04/21 00:36:08 listening on 127.0.0.1:62573

my torrc:

ClientTransportPlugin meek exec TorBrowser\Tor\PluggableTransports\meek-client -log meek-client.log

Bridge meek 0.0.2.0:3 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com
# Bridge meek 0.0.2.0:2 B9E7141C594AF25699E0079C1F0146F409495296 url=https://d2cly7j4zqgua7.cloudfront.net/ front=a0.awsstatic.com

DataDirectory D:\Tor Browser\Browser\TorBrowser\Data\Tor
GeoIPFile D:\Tor Browser\Browser\TorBrowser\Data\Tor\geoip
GeoIPv6File D:\Tor Browser\Browser\TorBrowser\Data\Tor\geoip6
HiddenServiceStatistics 0
Log notice file D:\Tor Browser\Browser\TorBrowser\Data\Tor\notice.log
UseBridges 1

Started using TorBrowser\Tor\tor.exe -f TorBrowser\Data\Tor\torrc

comment:4 in reply to:  3 Changed 8 months ago by dcf

Replying to habib:

Thanks for the quick reply, my meek-client.log:

meek-client + azure:
2018/04/21 00:23:57 listening on 127.0.0.1:61991
2018/04/21 00:24:00 status code was 411, not 200; trying again after 30 seconds (9)
2018/04/21 00:25:00 error in handling request: stream error: stream ID 5; PROTOCOL_ERROR
2018/04/21 00:25:32 error in handling request: stream error: stream ID 9; PROTOCOL_ERROR

Aha, this is #22865. Status code 411 is "length required". This problem was already fixed in meek 0.28, but it looks like Tor Browser is still using meek 0.25.

Unfortunately you won't be able to use the meek-client you have, until I ask to have meek upgraded in Tor Browser. If you cannot wait for another Tor Browser release, you can compile meek-client yourself. It is not very difficult, but you will need to download the Go compiler: https://golang.org/dl/.

comment:5 Changed 8 months ago by mcs

Cc: mcs added

Tor Browser 8.0a2 and newer (our alpha releases) include meek 0.29. Grabbing that may be easier than building from source.

comment:6 Changed 8 months ago by habib

Thanks, I can confirm that both amazon and azure works with the latest build of meek-client. (I built from source)

comment:7 Changed 8 months ago by habib

Resolution: fixed
Status: newclosed

comment:8 in reply to:  5 Changed 8 months ago by dcf

Replying to mcs:

Tor Browser 8.0a2 and newer (our alpha releases) include meek 0.29. Grabbing that may be easier than building from source.

Oh, you're right. When I made comment:4 I was in a tor-browser-build directory that I didn't realize was out of date.

comment:9 Changed 8 months ago by yawning

For the record meek_lite never got the change that fixes this, so it was busted as well. It should be fixed in master though.

Note: See TracTickets for help on using tickets.