Opened 9 years ago

Closed 3 years ago

#4347 closed defect (fixed)

Geoip parsing fails on user accounts under windows

Reported by: bastik Owned by: erinn
Priority: High Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: geoip, windows, tor-client, tor-bundles
Cc: Shondoit, alay27@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Tor can't parse the geoip file on limited accounts under windows, because the geoip file is not placed in the private folder of limited users during installation.

This affects relays.

The current workaround is to copy the file from "C:\Users\[administrator]\AppData\Roaming\tor" to "C:\Users\[limited user]\AppData\Roaming\tor"

Child Tickets

TicketStatusOwnerSummaryComponent
#5359closederinnExit Nodes not workingApplications/Tor bundles/installation
#5476closederinnWrong Geoip DB Installation PathApplications/Tor bundles/installation
#5653closedubuntixgeoip and " "ExitNodes"Core Tor/Tor
#5927closederinnGeoIP file doesn't get placed correctlyApplications/Tor bundles/installation

Change History (38)

comment:1 Changed 9 years ago by erinn

I wonder what a better location for this file would be. Does somebody who knows Windows better have an idea about why it would be a bad idea to put the geoip with the rest of the Tor installation in C:\Program Files [(x86) on some machines]? Is it a bad idea?

I can imagine a user wanting to use their own geoip, so there is an argument for %APPDATA% at least taking precedence over C:\Program Files, but if no geoip is found there, it should fall back to the default location. (I will have to dig around a bit to find out if and how this is possible with the packaging tools.)

comment:2 Changed 9 years ago by Sebastian

One problem will very likely be that it needs to be in a path that Vidalia can know about and pass to Tor. Tor doesn't support "try these dirs, use the geoip file in the first dir you find" - instead it wants the real path including filename.

comment:3 Changed 9 years ago by bastik

Keywords: limited user removed
Summary: Geoip parsing fails on limited user accounts under windowsGeoip parsing fails on user accounts under windows

This affects all users (admins as well as limited users)

Add an option to all relay bundles: "Install for:" "- current installing admin" "-all users"
then write the Geoip file to "C:\Users\Public", when the second option is used
problably in a subdir \Tor\

C:\Users\Public is a folder (On Windows 7) where any user can read and write.

(When the option is not an option, the installer could place the Geoip file there always)

Since Tor can access this folder it could update it. (Whenever this other ticket should get implement it.

Quote: "why it would be a bad idea to put the geoip with the rest of the Tor installation in C:\Program Files [(x86) on some machines]? Is it a bad idea?"

My first guess was that Tor creates the file in %APPDATA%, but the installer place the file there. I thought about that, too. That was my first solution and I wanted to announce this to you. But Sebastian told me about a ticket which suggests to update the geoip file through Tor. It's a good idea to place it there, when only the installer should place the file there and when only the installer should update the file.

"C:\Users\Public" allows the installer to place it there and Tor(.exe) could update it as well. The only disadvantage I currently see is that any user could modify or delete the geoip file.

It appears that the windows installer of Tor is able to detect whenever as user runs a 32bit or 64bit windows. Since it selects "Program Files (x86)) automatically.

While "C:\Users\Public" is present on Vista and Windows 7 (Don't know about Windows8) it's not under Windows XP there it is "C:\Documents and settings\All Users

comment:4 Changed 9 years ago by rransom

Priority: normalmajor

This bug means that bridges run on Windows don't report per-country statistics.

comment:5 Changed 8 years ago by arma

See #5359 for (likely) another case of this bug.

comment:6 Changed 8 years ago by arma

And #5653 for another. We really need to fix this bug.

comment:7 Changed 8 years ago by runa

Use of Geoip (e.g. when using ExitNodes) should be added to our list of TBB QA tests.

comment:8 Changed 8 years ago by Shondoit

Cc: Shondoit added

comment:9 Changed 8 years ago by Shondoit

The default install location on Linux is /usr/share/tor/, which is used as shared non-writable data, if I'm not mistaken.
The equivalent for Windows would be "C:\ProgramData\tor" (Vista/Win7) or "C:\Documents and Settings\All Users\Application Data\tor" (XP)

For the NSIS installer, this seems to be done like:

SetShellVarContext all
SetOutPath $APPDATA
File "geoip"

This requires a change in tor to read the file using CSIDL_COMMON_APPDATA.

comment:10 Changed 8 years ago by Shondoit

Status: newneeds_review

Created a branch that moves geoip to Common AppData.
When I figured out how to officially create packages I will test this on Windows 7, but it's paramount that it be tested on XP as well.
The geoip file should be installed to "C:\Documents and Settings\All Users\Application Data\tor\geoip"

Putting it up for review so that someone can test it on XP (and Win7)

Branch bug4347 in my personal repo.
It's based on maint-0.2.2, I hope that's correct. If not, do let me know.

comment:11 Changed 8 years ago by nickm

Milestone: Tor: 0.2.2.x-final

Looks at least superficially good to me, but I don't know Windows as well as others. You're right that it needs testing on XP too.

I'd also like to make sure this won't break TBB at all; I don't know how TBB goes about making sure that this file is found correctly.

Also, in the long term, perhaps we should have the default be to search the likeliest locations rather than looking in just one. But maybe that's not necessary. Either way, we shouldn't do *that* for 0.2.2.x.

Putting this in the Tor 0.2.2.x milestone for now. I think maybe it belongs here, since not being able to get geoip data can be a security issue for some people, and since this is windows-only code.

comment:12 in reply to:  11 Changed 8 years ago by arma

Replying to nickm:

I'd also like to make sure this won't break TBB at all; I don't know how TBB goes about making sure that this file is found correctly.

Hopefully by explicitly having a 'geoipfile' line in its torrc.

I've got one in my Linux TBB at least.

Putting this in the Tor 0.2.2.x milestone for now.

Makes sense.

comment:13 Changed 8 years ago by erinn

I made a test package with Shondoit's patch (as well as his patch for #3757) and put it here:

https://archive.torproject.org/tor-package-archive/technology-preview/tor-0.2.2.36-win32-test.exe

09b8adb621c5ebb6df8e04bf2371b005cd9787893df6e193763d67f73bac3821 tor-0.2.2.36-win32-test.exe

I don't have a limited user account or access to WinXP so if people who have either/both of those could test and report back I'd appreciate it.

comment:14 Changed 8 years ago by ubjective

Status: needs_reviewnew

To resolve the issue for Server 2008, just copy the Tor folder which has geoip in it from c:\users\administrator\appdata\local to c:\users\administrator\appdata\roaming.

Modify the torcc file and add ExitNodes {US}

(or your preferred country)

comment:15 Changed 8 years ago by ubjective

Owner: changed from erinn to ubjective
Status: newaccepted

comment:16 in reply to:  14 Changed 8 years ago by Shondoit

Status: acceptedneeds_review

Replying to ubjective:

To resolve the issue for Server 2008, just copy the Tor folder which has geoip in it from c:\users\administrator\appdata\local to c:\users\administrator\appdata\roaming.

Manually copying is not the solution. Especially not for the end-user.

Also, we have a possible fix which is still under review.

comment:17 Changed 8 years ago by Shondoit

Owner: changed from ubjective to erinn
Status: needs_reviewassigned

... by Erinn

comment:18 Changed 8 years ago by Shondoit

Status: assignedneeds_review

... darn trac.

comment:19 Changed 8 years ago by nickm

Milestone: Tor: 0.2.2.x-finalTor: 0.2.4.x-final

0.2.2 is long-closed to big fixes. Moving this to 0.2.4.x tenatively

comment:20 Changed 8 years ago by alay

Cc: alay27@… added

I just edit torrc on

%userprofile%\Local Settings\Application Data\Vidalia

add

GeoIPFile ..\Tor\geoip

I'm using XP. Just a normal user though, don't really understand programming.
Hope that helps. :)

comment:21 Changed 8 years ago by nickm

Component: Tor bundles/installationTor
Keywords: tor-client tor-bundles added

I forward-ported this to 0.2.4 in bug4347_nm_024. Any testing possible?

comment:22 Changed 8 years ago by bastik

Here it *might* be also sane to wait for #7956 to be closed.

I can't compile code due to the lack of a compiler and much more concerning the knowledge. The installer for "vidalia-bridge-bundle-0.2.4.10-alpha-0.2.21.exe" doesn't seem to place files for limited users.

I don't know how the installer could do that. You have to install as administrator so it places the files for that account. Naturally it can't know for which users they have to be available, so placing it in every single users account doesn't make much sense.

I don't know how this works under Linux and I don't know how to do it *properly* under windows.

comment:23 Changed 8 years ago by andrea

This looks fine to me, except for the contrib/tor-mingw.nsi.in change which I am not competent to evaluate and thus must presume correctness. I have no capability to test it, though.

comment:24 Changed 7 years ago by andrea

Milestone: Tor: 0.2.4.x-finalTor: 0.2.5.x-final

comment:25 Changed 6 years ago by nickm

Milestone: Tor: 0.2.5.x-finalTor: 0.2.6.x-final

tentatively moving these out of 0.2.5.

comment:26 Changed 6 years ago by nickm

Milestone: Tor: 0.2.6.x-finalTor: 0.2.7.x-final

comment:27 Changed 6 years ago by nickm

Keywords: 027-triaged-1-out added

Marking triaged-out items from first round of 0.2.7 triage.

comment:28 Changed 5 years ago by nickm

Milestone: Tor: 0.2.7.x-finalTor: 0.2.8.x-final

comment:29 Changed 5 years ago by nickm

Milestone: Tor: 0.2.8.x-finalTor: 0.2.???

These

comment:30 Changed 4 years ago by bastik

Severity: Normal

This seems irrelevant. Can this ticket be closed?

You don't provide any bundles for Windows to be a relay or bridge. Only the expert bundle is left, which I suspect is targeted at experts.

comment:31 Changed 4 years ago by arma

Well, geoip files are used by clients for e.g. the country codes in ExitNodes lines (as Runa points out from way long ago). So it isn't just about being a relay or a bridge.

That said, I think we have only one Windows thing, and that's Tor Browser, and that sets geoipfile itself.

So I am totally fine with having the Windows behavior for geoipfile be undefined if you don't set it.

That said, I am also totally fine by having it default to a smarter place than it does currently, if that might help some people. Heck, maybe that place is something really simple, like "the current working directory" or "the same directory as the tor binary"?

comment:32 Changed 4 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:33 Changed 4 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:34 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:35 Changed 3 years ago by nickm

Keywords: 027-triaged-in added

comment:36 Changed 3 years ago by nickm

Keywords: 027-triaged-in removed

comment:37 Changed 3 years ago by nickm

Keywords: 027-triaged-1-out removed

comment:38 Changed 3 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

What's fixed here is fixed; calling the ticket done per discussion above with bastik and arma.

Note: See TracTickets for help on using tickets.