Opened 8 months ago

Closed 8 months ago

Last modified 8 months ago

#29050 closed defect (fixed)

Connecting to tor over a socks 5 connection no longer works in 3.5.7

Reported by: arj Owned by: dgoulet
Priority: Medium Milestone:
Component: Community/Tor Support Version: Tor: 0.3.5.7
Severity: Normal Keywords: regression?
Cc: dgoulet, rl1987 Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hi

I upgraded tor today on my machine and found that I can no longer connect over a socks 5 connection. I'm using this node library https://github.com/JoshGlazebrook/socks and it has been working with no problems before (0.3.4 and earlier). But after upgrading I'm seeing: Socks5 proxy rejected connection - Failure when connecting and it syslog I see:

Jan 10 21:58:22 chrx Tor[11218]: socks5: parsing failed - invalid user/pass authentication message.
Jan 10 21:58:22 chrx Tor[11218]: Fetching socks handshake failed. Closing.

Changing the config to use socks 4 seems to work.

The project I'm working that uses this is scuttlebutt. And the code doing the onion connection locally is here:

https://github.com/ssbc/multiserver/blob/master/plugins/onion.js

Child Tickets

TicketStatusOwnerSummaryComponent
#29126closedphoulConnection error with Debian Tor 0.3.5.7-1 and Tor Socks5 proxyCommunity/Tor Support

Change History (14)

comment:1 Changed 8 months ago by dgoulet

Status: newneeds_information

What version of torsocks are you using? Torsocks 2.x doesn't have SOCKS4 support so I'm guessing you have a very old torsocks?

comment:2 Changed 8 months ago by arj

Oh, thanks for your reply. It appears that the debian repo https://www.torproject.org/docs/debian.html.en does not include torsocks but only tor. And the new 0.3.5.7 is not compatible with torsocks 2.2. I can see that debian unstable includes a new version of torsocks.

comment:3 Changed 8 months ago by arj

Upgrading to torsocks 2.3 does not seem to resolve the problem with socks 5. I was testing with 2.1 before. I just retested torsocks 2.3 with v4 in the node socks library at that still works.

comment:4 Changed 8 months ago by nickm

Cc: dgoulet added
Keywords: regression? added

comment:5 Changed 8 months ago by rl1987

Cc: rl1987 added

Will look into this in few days.

comment:6 Changed 8 months ago by rl1987

Component: Core Tor/TorsocksCommunity/Tor Support

$ torsocks --port 9051 -u fox -p trustno1 wget https://www.google.com does work for me with torsocks 2.2 (from Debian) and tor 0.3.5.7.

The above error message is logged when tor SOCKS5 implementation fails to parse SOCKS5 username/password auth message.

  • Can you use Wireshark to see what goes on the wire? Perhaps we can see a pcap with SOCKS5 exchange that fails?
  • Can you try explicitly setting username and password on your side of connection (doesn't matter what username/password exactly - tor doesn't check, just requires them to be nonempty when username/password path is taken). Does that help?
  • Can you run torsocks with -d and show us what it prints?

comment:7 Changed 8 months ago by arj

Setting a username and password in the socks js end works.

I think I filed this under the wrong category. I'm sorry about that. Tor by default opens a socks proxy on port 9050 and that is what I'm connecting to. I uninstalled torsocks to make sure that it is not used and I can confirm that this is a problem in tor core.

Thanks for your help anyway, should help debugging on the tor side.

comment:8 Changed 8 months ago by rl1987

Lets investigate this a bit further. How is your SOCKSPort configured? Do you use any flags for process isolation? Can you still try torsocks with -d and show us what it prints? For example, you could run torsocks --port 9050 -u fox -p trustno1 wget https://www.google.com.

comment:9 Changed 8 months ago by arj

This is default tor config on a debian machine.

torsocks seems to work both with -u & -p and without, here is log without:

547843375 DEBUG torsocks[16768]: Logging subsystem initialized. Level 5, file (null), time 1 (in init_logging() at torsocks.c:304)
1547843375 DEBUG torsocks[16768]: Config file not provided by TORSOCKS_CONF_FILE. Using default /etc/tor/torsocks.conf (in config_file_read() at config-file.c:543)
1547843375 DEBUG torsocks[16768]: Config file setting tor address to 127.0.0.1 (in conf_file_set_tor_address() at config-file.c:298)
1547843375 DEBUG torsocks[16768]: Config file setting tor port to 9050 (in conf_file_set_tor_port() at config-file.c:254)
1547843375 DEBUG torsocks[16768]: [config] Onion address range set to 127.42.42.0/24 (in set_onion_info() at config-file.c:108)
1547843375 DEBUG torsocks[16768]: Config file /etc/tor/torsocks.conf opened and parsed. (in config_file_read() at config-file.c:572)
1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45)
1547843375 DEBUG torsocks[16768]: Config file setting tor port to 9050 (in conf_file_set_tor_port() at config-file.c:254)
1547843375 DEBUG torsocks[16768]: [onion] Pool init with subnet 127.42.42.0 and mask 24 (in onion_pool_init() at onion.c:104)
1547843375 DEBUG torsocks[16768]: [onion] Pool initialized with base 0, max_pos 255 and size 8 (in onion_pool_init() at onion.c:132)
1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45)
--2019-01-18 21:29:35-- https://www.google.com./
1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45)
1547843375 DEBUG torsocks[16768]: [close] Close caught for fd 3 (in tsocks_close() at close.c:33)
1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45)
Resolving www.google.com. (www.google.com.)... 1547843375 DEBUG torsocks[16768]: [getaddrinfo] Requesting www.google.com. hostname (in tsocks_getaddrinfo() at getaddrinfo.c:44)
1547843375 DEBUG torsocks[16768]: Resolving www.google.com. on the Tor network (in tsocks_tor_resolve() at torsocks.c:545)
1547843375 DEBUG torsocks[16768]: Setting up a connection to the Tor network on fd 3 (in setup_tor_connection() at torsocks.c:368)
1547843375 DEBUG torsocks[16768]: Socks5 sending method ver: 5, nmethods 0x01, methods 0x00 (in socks5_send_method() at socks5.c:229)
1547843375 DEBUG torsocks[16768]: Socks5 received method ver: 5, method 0x00 (in socks5_recv_method() at socks5.c:262)
1547843375 DEBUG torsocks[16768]: [socks5] Resolve for www.google.com. sent successfully (in socks5_send_resolve_request() at socks5.c:633)
1547843375 DEBUG torsocks[16768]: [socks5] Resolve reply received successfully (in socks5_recv_resolve_reply() at socks5.c:710)
1547843375 DEBUG torsocks[16768]: [getaddrinfo] Node www.google.com. resolved to 172.217.21.132 (in tsocks_getaddrinfo() at getaddrinfo.c:107)
172.217.21.132
Connecting to www.google.com. (www.google.com.)|172.217.21.132|:443... 1547843375 DEBUG torsocks[16768]: [socket] Creating socket with domain 2, type 1 and protocol 0 (in tsocks_socket() at socket.c:33)
1547843375 DEBUG torsocks[16768]: Connect caught on fd 3 (in tsocks_connect() at connect.c:118)
1547843375 DEBUG torsocks[16768]: [connect] Socket family AF_INET and type 1 (in tsocks_validate_socket() at connect.c:77)
1547843375 DEBUG torsocks[16768]: [onion] Finding onion entry for IP 172.217.21.132 (in onion_entry_find_by_addr() at onion.c:268)
1547843375 DEBUG torsocks[16768]: Connecting to the Tor network on fd 3 (in tsocks_connect_to_tor() at torsocks.c:473)
1547843375 DEBUG torsocks[16768]: Setting up a connection to the Tor network on fd 3 (in setup_tor_connection() at torsocks.c:368)
1547843375 DEBUG torsocks[16768]: Socks5 sending method ver: 5, nmethods 0x01, methods 0x00 (in socks5_send_method() at socks5.c:229)
1547843375 DEBUG torsocks[16768]: Socks5 received method ver: 5, method 0x00 (in socks5_recv_method() at socks5.c:262)
1547843375 DEBUG torsocks[16768]: Socks5 sending connect request to fd 3 (in socks5_send_connect_request() at socks5.c:459)
1547843375 DEBUG torsocks[16768]: Socks5 received connect reply - ver: 5, rep: 0x00, atype: 0x01 (in socks5_recv_connect_reply() at socks5.c:519)
1547843375 DEBUG torsocks[16768]: Socks5 connection is successful. (in socks5_recv_connect_reply() at socks5.c:523)
connected.
1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 4 (in tsocks_fclose() at fclose.c:45)
ERROR: no certificate subject alternative name matches

requested host name 'www.google.com.'.

To connect to www.google.com. insecurely, use `--no-check-certificate'.
1547843376 DEBUG torsocks[16768]: [close] Close caught for fd 3 (in tsocks_close() at close.c:33)
1547843376 DEBUG torsocks[16768]: [close] Close connection putting back ref (in tsocks_close() at close.c:51)
1547843376 DEBUG torsocks[16768]: [onion] Destroying onion pool containing 0 entry (in onion_pool_destroy() at onion.c:148)

So it seems like the socks js library connects differently than torsocks. The thing is, this used to work fine.

comment:10 Changed 8 months ago by arma

Try the "PreferSOCKSNoAuth" option to socksport. If that makes things work better, then my guess is that your socks client library (on the application side) is buggy.

(you can read about PreferSOCKSNoAuth in 'man tor')

Last edited 8 months ago by arma (previous) (diff)

comment:11 Changed 8 months ago by pipex

Hi I had the some problem with debian testing.

with the "PreferSOCKSNoAuth" option tor works fine. thanks a lot.

Last edited 8 months ago by pipex (previous) (diff)

comment:12 Changed 8 months ago by arj

Thanks for the clarification, that really helped get a fix in. The issue with the node library is now fixed upstream.

comment:13 Changed 8 months ago by rl1987

Resolution: fixed
Status: needs_informationclosed

comment:14 Changed 8 months ago by arma

Ok, I think this was actually a Tor bug. I've filed #29175 for it. Thanks!

Note: See TracTickets for help on using tickets.