Opened 6 years ago

Closed 17 months ago

#9413 closed defect (wontfix)

The proxy server is refusing connections

Reported by: Cruzax Owned by: chiiph
Priority: Immediate Milestone: TorBrowserBundle 2.3.x-stable
Component: Archived/Vidalia Version: Tor: 0.2.3.25
Severity: Normal Keywords: TorBrowserBundle, Vidalia, Tor Launcher, SocksPort, ControlPort
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Vidalia Control Panel is showing the status as green and connected to the Tor network. Everything in the message log looks fine, but the browser is saying that Firefox is configured to use a proxy server that is refusing connections. I have looked online for a solution and I cannot find one. I have tried using the proxy settings that came with it and using proxy settings for my version of Firefox. I have also tried using only ports 80/443. I have disabled Norton 360. I cannot figure out how to get past this screen. Please let me know what additional information you need.

Child Tickets

TicketStatusOwnerSummaryComponent
#8893closedchiiphVidalia stores wrong SocksPort in the torrc fileArchived/Vidalia
#9137closederinnChanging the value for SocksPort requires 2 edit cycles.Applications/Tor bundles/installation

Change History (11)

comment:1 Changed 6 years ago by askalthea

Component: Tor CheckTor

I'm having the same problem. Everything worked right after installation, but after re-boot no go. I tried all proxy configurations for Tor, including a relay bridge (Verzion FIOS) and still no go. Also disabled my security (Kaspersky), added Tor to trusted app list, etc. and still this configuration problem. Using Firefox ver 23.x (latest version). Thnx for any/all help.

comment:2 Changed 6 years ago by cypherpunks

Recommended solution:

TL;DR: Install Tor Browser Bundle (TBB) in a fresh directory, do not install over a previous installed TBB.


Note: IF you have made any changes to bookmarks and NoScript, THEN you will have to export your bookmarks and NoScript settings.

How-to export bookmarks
Click on "Bookmarks" -> "Show All Bookmarks Ctrl+Shift+B".
Click on "Import and Backup" -> "Export Bookmarks to HTML".
Choose a directory and a filename and press "Save".

How-to import bookmarks
Click on "Bookmarks" -> "Show All Bookmarks Ctrl+Shift+B".
Click on "Import and Backup" -> "Import Bookmarks from HTML".
Choose the directory where you saved your "bookmark.html" file, select it and press "Open".

How-to export NoScript settings
Right-click on the NoScript icon (a big "S") -> Options
Click on the button labelled "Export" in the bottom row of buttons .
Choose a directory and a filename and press "Save".

Example filename: "noscript-export.json".

How-to import NoScript settings
Right-click on the NoScript icon (a big "S") -> Options
Click on the button labelled "Import" in the bottom row of buttons .
Choose the directory where you saved your "noscript-export.json" file, select it and press "Open".

How-to export/import other settings
If you have changed other settings, you probably already know what to do.
If you forgot which settings you changed, make a list of all changes the next time (now?) you start with a fresh TBB install.
But remember: any changes you do to the default settings will make you stand out more from the crowd of Tor users in the eyes of a global adversary Big Brother (NSA).



Alternate solution:

IF you installed the new Tor Browser Bundle (TBB) in the same directory as the previous TBB AND you get the "The proxy server is refusing connections" error THEN do this:

  • In the Vidalia Control Panel: click "Stop Tor".
  • Wait until the status shows: "Tor is not running".
  • Open the torrc file in an editor you are familiar with, (notepad.exe if you prefer.)
  • Search the file until you find a line that starts with: SocksPort.
  • If it (most likely) says SocksPort 9050 then you have to change it to SocksPort 9150.
  • If it already says SocksPort 9150 then value is correct.
  • Also check the value for ControlPort, it should say ControlPort 9151 - if not: change it.
  • If you made any changes, then save the torrc file.
  • Close the editor.
  • In the Vidalia Control Panel: click "Start Tor".

IF this fails, repeat this procedure AGAIN.
IF you have repeated the procedure AND it fails THEN report it to this page because you might have found a different bug.

Remember
If you switch torrc files, you have to repeat this procedure twice.
You might just as well exit TBB including Vidalia completely, then edit vidalia.conf to point to the other torrc file, then "Start Tor Browser.exe" again.

comment:3 Changed 6 years ago by askalthea

Thnx for solution and really appreciate your help.

I downloaded newest ver. and re-installed Tor after upgrading Firefox. Tor is working properly for now. I did notice, however, that the changes I made to network settings in Vidalia's control panel were not correctly recorded in the torrc config file. So, I'll wait to see if Tor works on re-boott.

comment:4 in reply to:  3 Changed 6 years ago by cypherpunks

Replying to askalthea:

Thnx for solution and really appreciate your help.

It's nice to be able to help someone.

You said that you made changes to the network settings in Vidalia's control panel: If I assume you meant that you clicked "Settings" -> "Network" and made some changes there - then these changes should be saved in vidalia.conf and not in the torrc file.

comment:5 Changed 6 years ago by cypherpunks

Component: TorVidalia
Keywords: TorBrowserBundle Vidalia Tor Launcher SocksPort ControlPort added
Owner: set to chiiph
Priority: normalblocker

I have found the root cause of the bug "The proxy server is refusing connections".

I am changing component to Vidalia because this is where the bug originates from, but this affects all (?) releases of Tor Browser Bundle (prior to TBB 3.0).
Could someone cc: this ticket to erinn ?

I am also changing the priority to Blocker, to gain attention to this issue fast. The owner of this issue (ciiph) can lower the priority after reading.

I believe that this is the bug that lies behind tickets: #9137, #9312, #9240, #8893, #8304, #4031.
Ticket #8228 could possibly be affected.
Maybe ticket #8336 is related, but proper reported that "All other pages are working" which would indicate otherwise.

(Disclaimer: I wrote #9137 and the solution mentioned above: https://trac.torproject.org/projects/tor/ticket/9413#recommended-solution)


Bug analysis:

I have found two bugs in TorSettings.cpp
https://gitweb.torproject.org/vidalia.git/blob/HEAD:/src/vidalia/config/TorSettings.cpp

Bug 1
If you look at lines 110 to 113 in TorSettings.cpp you will find the bug on line 113.

This is the code from line 110 to 113:

  if(localValue(SETTING_AUTOCONTROL).toBool())
    conf.insert(TOR_ARG_SOCKSPORT, "auto");
  else
    conf.insert(TOR_ARG_SOCKSPORT, "9050");

The value 9050 is WRONG. The correct value changed to 9150 in less than a month after the last time this file was edited.
Hard coding values inside code is ALWAYS WRONG.
If a default value is needed it should be #define'd at the top of the file, and preferably ALL "magic numbers" should be #define'd in one file for the whole application.

A quick fix to the first (and the second bug mentioned below) would be to add these lines at the appropriate place (line 55?):

#define DEFAULT_CONTROLPORT 9151
#define DEFAULT_SOCKSPORT 9150

and the fix to the first bug would look like this:

  if(localValue(SETTING_AUTOCONTROL).toBool()) {
    conf.insert(TOR_ARG_SOCKSPORT, "auto");
  } else {
    conf.insert(TOR_ARG_SOCKSPORT, DEFAULT_SOCKSPORT);
  }

but I am a bit suspicious of this whole code fragment as I fail to see the need to check if autocontrol is true when line 97 seems to always set autocontrol to false.
Code review please?


Also worth noting: C++ isn't Python. Curly braces should always be used to avoid future errors when someone else edits the code.

Example, if someone else (or yourself 2 months later) adds statement c(); as such:

    if (a)
        b();
        c(); // Newly added statement c();

it is interpreted by the compiler as:

    if (a) {
        b();
    }
    c();

so statement c(); is always run, instead of the intended:

    if (a) {
        b();
        c();
    }

Or a better example is in the same file (TorSettings.cpp) on lines 126 to 130:

  if (hashedPassword.isEmpty()) {
    if (errmsg)
      *errmsg =  tr("Failed to hash the control password.");
    return false;
  }

What is supposed to happen? It is not clear from just glancing at the code. One needs to look at the context and search up and down to find out if the code behaves as someone intended. Hours of fun could follow...


Bug 2
In line 85 (also in TorSettings.cpp) this code is found:

  setDefault(SETTING_CONTROL_PORT,  9051);

Here, again, a hard-coded "magic number" is hidden. Any inline value other than zero (0) and one (1) should have a name of its own and be defined Once and Only Once [2],[3],[4]. The correct value (in TBB) for ControlPort is at present 9151. This value changed at the same time as SocksPort changed.

Replace line 85 with:

  setDefault(SETTING_CONTROL_PORT, DEFAULT_CONTROLPORT);


Conclusions:

  • Change happens! So plan for it. Make it easy to change your code by using the "orthogonality principle" [1].
  • Do a code review.
  • Setup a coding standard, or review the existing coding standard, and enforce it.
  • Use one or more static code analysers to verify that all committed code adheres to the coding standard [9].
  • Add unit testing (which someone is working on already?)
  • Add automatic PEN testing (in a VM?) to test builds for security vulnerabilities before release. (New project?)



References:
[1] http://www.artima.com/intv/dryP.html
[2] https://en.wikipedia.org/wiki/Don%27t_repeat_yourself
[3] http://c2.com/cgi/wiki?DontRepeatYourself
[4] http://c2.com/cgi/wiki?OnceAndOnlyOnce
[5] http://www.objectmentor.com/resources/publishedArticles.html
[6] http://ootips.org/ood-principles.html
[7] https://en.wikipedia.org/wiki/SOLID_(object-oriented_design)
[8] https://en.wikipedia.org/wiki/GRASP_(object-oriented_design)
[9] https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis

comment:6 Changed 6 years ago by askalthea

Thnx, again! Will look at both torrc and vidalia.config next time.

Appreciated all of your help and documentation.

Cheers....Askalthea

comment:7 Changed 6 years ago by cypherpunks

After reading what the FAQ said on this subject, I found that a design decision was made to allow a Tor Browser to be running alongside a system Vidalia+Tor instance.
Under these circumstances a user would have two Vidalia instances running in parallel, requiring the use of separate ControlPorts and SocksPorts for each instance.

The amended solution would define what to build in the makefile, or use environment variables in the build script, and look something like this:

#ifdef BUILD_TBB
#define DEFAULT_CONTROLPORT 9151
#define DEFAULT_SOCKSPORT 9150
#endif

#ifdef BUILD_VIDALIA
#define DEFAULT_CONTROLPORT 9051
#define DEFAULT_SOCKSPORT 9050
#endif

NOTE: this is a suggested solution that would solve several bugs, but it needs review (and edits) by someone from the regular tor-dev staff.

comment:8 Changed 5 years ago by hyak

I have been using tor for some months and never had any problem connecting tor.but last week tor said that browser needs updating and it stopped working.I updated tor and everything was fine.There was a mild delay in connection but was fine.This week I could not connect even once,it starts but in the middle the green line stops moving.I appreciate any help.Thanks.

comment:9 Changed 4 years ago by johnakabean

Look this sounds exactly like what I figured out how to fix in my ticket:

https://trac.torproject.org/projects/tor/ticket/14947

Please try adding the settings in my ticket to tor browser, restart it, vidalia, and everything and comment on the results.

comment:10 Changed 20 months ago by teor

Severity: Normal

Set all tickets without a severity to "Normal"

comment:11 Changed 17 months ago by gk

Resolution: wontfix
Status: newclosed

Vidalia is long gone.

Note: See TracTickets for help on using tickets.