Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-12T23:51:34Zhttps://gitlab.torproject.org/legacy/trac/-/issues/1939Trac Homepage should be a dev landing page2020-06-12T23:51:34ZMike PerryTrac Homepage should be a dev landing pageWe need to destroy our old wiki homepage. Or at least hide it somewhere. It is inappropriate for the landing page we are trying to use to organize development information.
I have no idea how to find the list of projects or any other ven...We need to destroy our old wiki homepage. Or at least hide it somewhere. It is inappropriate for the landing page we are trying to use to organize development information.
I have no idea how to find the list of projects or any other vendibles/buddies/projects material we hashed out from our developer meeting. Which means if I can't find it, none of our volunteers can.
It should be just a click from the trac.torproject.org page to all of our company, developer and project overview material.
Trac should no longer be about informing regular users. It sucks for that. The page tiles mean you can't even find pages with google.https://gitlab.torproject.org/legacy/trac/-/issues/2069Orbot fails to start if configured as a relay2020-06-12T23:54:18ZTracOrbot fails to start if configured as a relayOrbot version: 1.0.4
Phone: Nexus One, 2.2.1 FRG83
Repo steps:
In Settings, select "Relaying", set "Relay Port" to 9001 set "Relay nickname". Press back. Press to start. Orbot turns yellow:
"set_options(): Bug: Acting on config option...Orbot version: 1.0.4
Phone: Nexus One, 2.2.1 FRG83
Repo steps:
In Settings, select "Relaying", set "Relay Port" to 9001 set "Relay nickname". Press back. Press to start. Orbot turns yellow:
"set_options(): Bug: Acting on config options left us in a broken state. Dying."
Selected lines from the log:
Orbit is starting....
got tor proc id: 18938
Tor process id=18938
Starting Tor...
Setting up control...
SUCCESS connected to control port
SUCCESS authenticated to control port
Setting up control...complete.
adding control port event handle
SUCCESS added control port event handle
You ContactInfo config option is not set .Please ...
Opening OR listener on 0.0.0.0:9001
You Tor server's identify key fingerprint is 'Skevek 73DD7A435...'
Unable to stat resolver configuration in '/etc/resolv.conf': No such file or directory
set_options(): Bug: Acting on config options left us in a broken state. Dying.
**Trac**:
**Username**: aglNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/2671Better communication for authority operators, core developers in emergency si...2020-06-13T00:06:37ZNick MathewsonBetter communication for authority operators, core developers in emergency situations When in danger or in doubt,
run in circles, scream and shout!
- traditional motto, possibly naval.
When the bug behind #2664 happened, it took us a few hours to notice. That was bad, and #2666 is about trying to notice such si... When in danger or in doubt,
run in circles, scream and shout!
- traditional motto, possibly naval.
When the bug behind #2664 happened, it took us a few hours to notice. That was bad, and #2666 is about trying to notice such situations faster. But another problem is that even after we noticed, it still took a while to sort out who knew how best to contact which operators. Probably developers should get contacted too, so they can be available to deal with bad/urgent bugs.
We should figure out, for each authority operator and core developer[*], the best two or three ways to contact them in the case of an emergency. If these ways are not something we want to publish (e.g., phone numbers), a few people should know them, and all Tor people should know who those people are and how to contact them in a hurry.
We should have some emergency-response mechanisms in place. If communications are security-sensitive, we should have a way to deal with it in place, rather than the current approach of "send gpg-encrypted email to those people whose keys you happen to have" or "immediately go dark, use OTR to talk pairwise to people you know". Those approaches scale badly; we can probably do better.
We should also have planned responses for emergency events like "A key server looks like it might have been compromised"; "somebody has reported a vulnerability"; "somebody has disclosed a vulnerability"; "one or more authorities have gone down strangely;" "looks like the network is crashing;" and so on.
[*] "core developer" is here defined as "a developer who is likely to needed urgently when something breaks."https://gitlab.torproject.org/legacy/trac/-/issues/2761Orbot Service not shutting down2020-06-13T00:08:40ZTracOrbot Service not shutting downBehaviour:
When closing tor network with big Button and exiting Orbot after tor is "deactivated", privoxy is still running and the Orbot service is not stopped.
Actions:
- Killing Privoxy from shell stops the privoxy process (OK)
- Kill...Behaviour:
When closing tor network with big Button and exiting Orbot after tor is "deactivated", privoxy is still running and the Orbot service is not stopped.
Actions:
- Killing Privoxy from shell stops the privoxy process (OK)
- Killing Orbot process simply restarts the process (BAD)
Env:
- Running Orbot v1.0.4.1
- Android Froyo 2.2.1 speedmod kernel
- Samsung Galaxy
**Trac**:
**Username**: AlBotNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/2981Progress bar in an infinite loop while loading2020-06-13T00:12:50ZSathyanarayanan GunasekaranProgress bar in an infinite loop while loadingOrbot Version - 1.0.5
Device - HTC Legend
1. Start Orbot
2. While the progress bar loads, press Back/home
3. Return to Orbot
The progress bar is in an infinite loop, with no text.
The only way to exit, is to force quit or reboot.Orbot Version - 1.0.5
Device - HTC Legend
1. Start Orbot
2. While the progress bar loads, press Back/home
3. Return to Orbot
The progress bar is in an infinite loop, with no text.
The only way to exit, is to force quit or reboot.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/3081Orbot start up problem/looping dialog2020-06-13T00:14:36ZNathan FreitasOrbot start up problem/looping dialog#1. Almost always it takes two (sometimes three) starts for Orbot to connect properly. One symptom is in #2 below. Another is that all looks good (connection sequence looks correct, drop down alert looks correct) but testing via check....#1. Almost always it takes two (sometimes three) starts for Orbot to connect properly. One symptom is in #2 below. Another is that all looks good (connection sequence looks correct, drop down alert looks correct) but testing via check.torproject.org shows no connection. Exiting and restarting usually yields a working connection.
#2. Frequently on the first try, the app shows the spinning white circular pattern in the black rectangle in front of the Orbot logo, "Orbot is starting" message under the logo, and then stays in that mode indefinitely.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/3082Orbot problems on rooted x10 with jit installed.2020-06-13T00:14:36ZNathan FreitasOrbot problems on rooted x10 with jit installed.JIT is the just in time compiler developed by someone on XDA for the X10. Apparently SE pulled it from the 2.1 build due to a risk of processor overheating. When you put it back you get a performance increase of 50% based on benchmarks...JIT is the just in time compiler developed by someone on XDA for the X10. Apparently SE pulled it from the 2.1 build due to a risk of processor overheating. When you put it back you get a performance increase of 50% based on benchmarks, with the slight cost that when the processor is maxed out it sometimes casues a reboot, although i dont think that was the issue here. Not had a problem with overheating yet, but got safeguards in place.
Went into settings (note given previous problems I had disabled start on boot, might be worth making this default initially?) and enabled logs, attatched to this email.
Note display was helpful on one attempt but blank apart from waiting animation on 2 others. No easy way to stop process apart from task killer.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/3572Disable Orbot transparent redirect for rfc1918 & localhost2020-06-13T00:23:02ZTracDisable Orbot transparent redirect for rfc1918 & localhostThe iptables rules setup on orbot to redirect all traffic through tor cause problems for when I'm on my wireless on my RFC1918 network or trying to access stuff bound onto localhost (vnc, ...).
Could the transparent redirect scripts be ...The iptables rules setup on orbot to redirect all traffic through tor cause problems for when I'm on my wireless on my RFC1918 network or trying to access stuff bound onto localhost (vnc, ...).
Could the transparent redirect scripts be updated to ignore RFC1918 & 127.0.0.X addresses?
**Trac**:
**Username**: dmz@zzservers.comNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/3775Permission error on Orbot2020-06-13T00:27:16ZTracPermission error on OrbotThere's some kind of problem with permissions in Orbot. I'm not sure if this happens only to me, but when I try to start Tor, it cannot access cache/control_auth_cookie. I can chmod it every time, but it is a bit annoying.
**Trac**:
...There's some kind of problem with permissions in Orbot. I'm not sure if this happens only to me, but when I try to start Tor, it cannot access cache/control_auth_cookie. I can chmod it every time, but it is a bit annoying.
**Trac**:
**Username**: etnmichNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/4385Wizard comes up when you try to exit orbot2020-06-13T00:39:30ZSathyanarayanan GunasekaranWizard comes up when you try to exit orbotThe wizard doesn't kill itself due to android's weird handling of activities, so we manually have to kill it once the user clicks on "Options -> Exit".The wizard doesn't kill itself due to android's weird handling of activities, so we manually have to kill it once the user clicks on "Options -> Exit".Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/4423Orbot flushes all foreign iptables rules2020-06-13T00:40:06ZTracOrbot flushes all foreign iptables rulesRegardless of whether transparency proxy is enabled or not, all foreign iptables rules get flushed when connecting or disconnecting to/from Tor.
Iptables chains stay untouched.
This is a big problem when using iptables based firewalls ...Regardless of whether transparency proxy is enabled or not, all foreign iptables rules get flushed when connecting or disconnecting to/from Tor.
Iptables chains stay untouched.
This is a big problem when using iptables based firewalls like "DroidWall" or "LBE Privacy Guard".
Example 1:
A internet access blocked application (a game, google location service, etc.) gets unblocked as soon as Orbot connects/disconnects to Tor.
Example 2:
A application should just be able to communicate through Tor. iptables related firewall blocks it. But Orbot's transparency proxy should allow it.
This still occures on the latest RC build:
"Orbot-1.0.6-Tor-0.2.3.7-alpha-RC3"
**Trac**:
**Username**: aribnsNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/4678Orbot fails to start on Asus Transformer with Prime 2.1.1 FW2020-06-13T00:45:41ZTracOrbot fails to start on Asus Transformer with Prime 2.1.1 FWFor some reason Orbot fails to start on Asus Transformer with Prime v2.1.1 firmware.
----
**Trac**:
**Username**: alllexxFor some reason Orbot fails to start on Asus Transformer with Prime v2.1.1 firmware.
----
**Trac**:
**Username**: alllexxNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/5096Support transferring bridge addresses in QR codes2020-06-13T03:02:59ZRobert RansomSupport transferring bridge addresses in QR codesAt some point (maybe in days, maybe in weeks), we will start distributing bridge addresses which contain multiple 80-bit-or-longer base32-encoded ‘cryptovariables’ (I don't know any other appropriate general term for them). Orbot users ...At some point (maybe in days, maybe in weeks), we will start distributing bridge addresses which contain multiple 80-bit-or-longer base32-encoded ‘cryptovariables’ (I don't know any other appropriate general term for them). Orbot users will want to not retype them into their puny phone keyboards.
See the ‘`libzbar`’ package for a QR-code decoder under the LGPL. See ‘`libqrencode`’ for a QR-code encoder under the LGPL. Neither of these can currently handle binary strings containing NULs (you don't want to be parsing/repacking bridge lines anyway, but you need to know about that bug before you use the QR-code hammer to pound e.g. OTR/GPG fingerprints, BitTorrent info hashes, or Curve25519/Ed25519 public keys).
Also, if you interact with a QR-code decoder through e.g. XML, don't get [bobbytabled](https://xkcd.com/327/). (P.S. ‘`zbarimg --xml`’ sucks.)Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/5305Orbot ( 0.2.3.10-alpha-1.0.7-FINAL) connection error2020-06-13T00:59:12ZTracOrbot ( 0.2.3.10-alpha-1.0.7-FINAL) connection errorOrbot was working fine . now it refuses to connect and displays a working status and the following errors .
D/Orbot ( 3435): Attempt: Error connecting to control port: /data/data/org.torproject.android/cache/control_auth_cookie (Per...Orbot was working fine . now it refuses to connect and displays a working status and the following errors .
D/Orbot ( 3435): Attempt: Error connecting to control port: /data/data/org.torproject.android/cache/control_auth_cookie (Permission denied)
D/Orbot ( 3435): java.io.FileNotFoundException: /data/data/org.torproject.android/cache/control_auth_cookie (Permission denied)
I am using a samsung i9100 on a stock rom and Orbot version 0.2.3.10-alpha-1.0.7-FINAL
**Trac**:
**Username**: TBA001Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/5469Orbot: can't specify node restrictions2020-06-13T01:02:26ZTracOrbot: can't specify node restrictionsI'm using Orbot (v0.2.3.10-alpha-1.0.7-FINAL, on Android ICS v4.0.1) and I can't seem to get the exit node I request.
In the Exit and Entrance Node fields I have "{us}" entered, yet sometimes I get IP's outside the US. Yesterday I got a ...I'm using Orbot (v0.2.3.10-alpha-1.0.7-FINAL, on Android ICS v4.0.1) and I can't seem to get the exit node I request.
In the Exit and Entrance Node fields I have "{us}" entered, yet sometimes I get IP's outside the US. Yesterday I got a UK ip.
Also, at random (usually after 30 minutes or so) I seem to lose connection to the Tor network without Orbot notifying me. I'm using Pandora from Canada.
**Trac**:
**Username**: dvdwsnNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/5751Standardize SOCKS extensions to support proxied DNS queries2020-06-13T01:08:39ZRobert RansomStandardize SOCKS extensions to support proxied DNS queriesTor supports anonymous DNS resolution through its SocksPort, but no application (except the `tor-resolve` utility shipped with Tor) uses that feature, probably because it's not an IETF standard. Perhaps that should be changed.
This wil...Tor supports anonymous DNS resolution through its SocksPort, but no application (except the `tor-resolve` utility shipped with Tor) uses that feature, probably because it's not an IETF standard. Perhaps that should be changed.
This will probably involve designing a new DNS-resolution SOCKS command and implementing it in Tor; Tor's current SOCKS commands are not likely to be accepted as a standard (even if they're renumbered) because they do not support most of DNS's new and interesting features.https://gitlab.torproject.org/legacy/trac/-/issues/5886Orbot needs wifi only option for Relay.2020-06-13T01:11:13ZNathan FreitasOrbot needs wifi only option for Relay.Orbot for Android has a Relay setting. And I would love to use it to help. However, you might want to enable as a default ACTIVE if on WiFi. That way everybody who downloads it can help when on WiFi and not while on a limited mobile p...Orbot for Android has a Relay setting. And I would love to use it to help. However, you might want to enable as a default ACTIVE if on WiFi. That way everybody who downloads it can help when on WiFi and not while on a limited mobile phone plan.
Or for those who have limited data plans, they can set the Relay to be on when WiFi is detected.
And if On when WiFi is detected, the phones can also serve as your Exit points. Furthering the cause.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/6137Icon not in toolbar after killing2020-06-13T01:16:35ZTracIcon not in toolbar after killingOrbot icon is not in toolbar even though connected to the Tor network and Always-On Notifications is selected in the settings. I killed the Orbot application in the Android GUI and started it again by clicking on its icon but did not cli...Orbot icon is not in toolbar even though connected to the Tor network and Always-On Notifications is selected in the settings. I killed the Orbot application in the Android GUI and started it again by clicking on its icon but did not click the start button. The version is 0.2.3.15-ALPHA-1.0.8-RC3.
**Trac**:
**Username**: mattiNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/6264obfsproxy: Add support for dropping privileges and chrooting2020-06-13T01:19:12ZTracobfsproxy: Add support for dropping privileges and chrooting```
[PATCH 1/2] Make obfsproxy drop privileges if requested
Added --user and --group arguments which will make obfsproxy drop privileges
and switch to the given user/group.
The code for droping privileges is shamelessly taken from the ...```
[PATCH 1/2] Make obfsproxy drop privileges if requested
Added --user and --group arguments which will make obfsproxy drop privileges
and switch to the given user/group.
The code for droping privileges is shamelessly taken from the Tor project and
adopted to obfsproxy. The switch_id() function in src/common/compat.c was used.
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
---
configure.ac | 3 +
src/external.c | 16 +++++++-
src/main.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
src/managed.c | 10 +++++
4 files changed, 147 insertions(+), 2 deletions(-)
[PATCH 2/2] Added support for chrooting obfsproxy
This patch adds --chroot=<dir> which will chroot the process as soon
as possible.
For more info about chrooting, see this URL:
<http://www.unixwiz.net/techtips/chroot-practices.html>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
---
src/main.c | 27 +++++++++++++++++++++++++--
1 files changed, 25 insertions(+), 2 deletions(-)
```
**Trac**:
**Username**: dazohttps://gitlab.torproject.org/legacy/trac/-/issues/6359make use of stream isolation2020-06-13T01:21:19Zpropermake use of stream isolationTorBirdy should not use the same circuit that any other torified applications may use. Streams should get isolated.
A different circuit should also be used for each account, similar to what Tor Browser does when isolating different doma...TorBirdy should not use the same circuit that any other torified applications may use. Streams should get isolated.
A different circuit should also be used for each account, similar to what Tor Browser does when isolating different domains.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/6988[orbot] Orbot relies on "which" to find the "su" binary.2020-06-13T01:35:15ZTrac[orbot] Orbot relies on "which" to find the "su" binary.On a stock system without busybox, requesting root access fails because "which"(a part of busybox) is not available.
D/Orbot (12049): executing shell cmds: which su; runAsRoot=false;waitFor=true
D/Orbot (12049): Could not acquire ro...On a stock system without busybox, requesting root access fails because "which"(a part of busybox) is not available.
D/Orbot (12049): executing shell cmds: which su; runAsRoot=false;waitFor=true
D/Orbot (12049): Could not acquire root permissions
############
% adb shell
shell@android:/ $ which which
/system/bin/sh: which: not found
127|shell@android:/ $su
shell@android:/ # echo -e '#!/system/bin/sh\necho /system/xbin/su' > /system/xbin/which
shell@android:/ # chmod 755 /system/xbin/which
shell@android:/ # which
/system/xbin/su
############
After that. It works.
**Trac**:
**Username**: MSalNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/7254Orbot WARNs DNSPort and TransPort public address specified2020-06-13T01:40:54ZcypherpunksOrbot WARNs DNSPort and TransPort public address specified"WARN You specified and public address for DNSPort (and TransPort). Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason."
I don't have a good reason an..."WARN You specified and public address for DNSPort (and TransPort). Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason."
I don't have a good reason and want to fix this. There are 4 WARN messages, 1 DNSPort, another TransPort, another DNSPort and another Transport. They repeat as the Orbot log updates itself.
Orbot version 0.2.3.23-rc-1.0.11-RC6 on Samsung EXhibit II running CyanogenMod version 9-20120826_UNOFFICIAL-aancora-tmo
Hopefully I'm posting correctly in the correct place.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/7532Count unique IPs in an anonymous way2020-06-13T04:05:38ZGeorge KadianakisCount unique IPs in an anonymous wayCurrently, pyobfsproxy (and obfsproxy) keep a list of IPs (or IP hashes) in memory to count connected unique IPs.
Velope suggested that we should find a more privacy-preserving way of counting unique IPs, and he is right.
Aaron suggest...Currently, pyobfsproxy (and obfsproxy) keep a list of IPs (or IP hashes) in memory to count connected unique IPs.
Velope suggested that we should find a more privacy-preserving way of counting unique IPs, and he is right.
Aaron suggested to look into https://git.eff.org/?p=cryptolog.git
and nick suggested to "use a bloom filter; count bits; get a probabilistic answer".Tor: unspecifiedhttps://gitlab.torproject.org/legacy/trac/-/issues/7918HTML5 videos on Dailymotion are not working with TBB2020-06-13T01:52:44ZcypherpunksHTML5 videos on Dailymotion are not working with TBBHTML5 videos on Dailymotion are generating the following error with TBB:
"Media Not Supported
This video could not be loaded, either because the server or network failed or because the format is not supported."HTML5 videos on Dailymotion are generating the following error with TBB:
"Media Not Supported
This video could not be loaded, either because the server or network failed or because the format is not supported."https://gitlab.torproject.org/legacy/trac/-/issues/8079WARNING: error starting transparent proxying!2020-06-13T01:55:43ZTracWARNING: error starting transparent proxying!Hi,
I'm getting "WARNING: error starting transparent proxying!". Looks similar to https://trac.torproject.org/projects/tor/ticket/3891 but thing is:
- it was working just after Orbot installation (no warn message + I verified this for ...Hi,
I'm getting "WARNING: error starting transparent proxying!". Looks similar to https://trac.torproject.org/projects/tor/ticket/3891 but thing is:
- it was working just after Orbot installation (no warn message + I verified this for some apps and tethering on https://check.torproject.org/).
- I have CyanogenMod-7.2.0-vision installed (root access is granted for Orbot).
I was trying to use Orbot-bundled iptables but with no change.
I'll try to attach debug log ASAP. If you'll need additional information please let me know.
regards
milo
**Trac**:
**Username**: miloNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/9725'About' section has outdated information2020-06-13T02:30:59ZMatt Pagan'About' section has outdated informationAccording to a user, the 'About' section in Orbot still says it uses Tor 0.2.3.According to a user, the 'About' section in Orbot still says it uses Tor 0.2.3.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/9861Orbot: enter multiple bridges, but it only uses one2020-06-13T02:34:00ZTracOrbot: enter multiple bridges, but it only uses oneThis is Orbot 12.0.5 on Android 2.3.x.
* use bridges is checked
* obfuscated bridges is checked
* bridge addresses are 1 per line, IP:port
* I know >1 of these work as I operate some of them for testing
I see a LAUNCHED for every bridg...This is Orbot 12.0.5 on Android 2.3.x.
* use bridges is checked
* obfuscated bridges is checked
* bridge addresses are 1 per line, IP:port
* I know >1 of these work as I operate some of them for testing
I see a LAUNCHED for every bridge when I start up Orbot connecting, but, circuits are only ever built through the second bridge on the list, for whatever reason. I never see log messages about the others other than LAUNCHED at startup.
Please let me know if there is a better place to submit this bug - I can't find it with The Guardian Project.
**Trac**:
**Username**: gmorehouseNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/9902need separate Obfsproxy Windows binary2020-06-13T02:34:55ZTracneed separate Obfsproxy Windows binaryI am using Tor Expert Bundle in Windows. Adding obfs2/obfs3 bridges to torrc always get warnings like this:
```
[warn] We were supposed to connect to bridge 'xxx.xxx.xxx.xxx:xxxxx' using pluggable transport 'obfs2', but we can't find a ...I am using Tor Expert Bundle in Windows. Adding obfs2/obfs3 bridges to torrc always get warnings like this:
```
[warn] We were supposed to connect to bridge 'xxx.xxx.xxx.xxx:xxxxx' using pluggable transport 'obfs2', but we can't find a pluggable transport proxy supporting 'obfs2'. This can happen if you haven't provided a ClientTransportPlugin line, or if your pluggable transport proxy stopped running.
```
Tor Expert Bundle does not include any pluggable, and as far as I know, obfsproxy does not provide separate binary neither, except the the whole big Tor Browser bundle. I would like keeping use "lightweight" Tor Expert Bundle with obfs support. Could you please provide separate Obfsproxy for Windows?
Thanks.
**Trac**:
**Username**: mosesofmasonhttps://gitlab.torproject.org/legacy/trac/-/issues/9961Orbot contact information cannot be configured2020-06-13T02:36:07ZTracOrbot contact information cannot be configuredOrbot contact information cannot be configured in the settings menu and that leads to an INFO complaint about not set contact information in the log if Orbot is set up as a relay.
**Trac**:
**Username**: mattiOrbot contact information cannot be configured in the settings menu and that leads to an INFO complaint about not set contact information in the log if Orbot is set up as a relay.
**Trac**:
**Username**: mattiNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/10134Create bananaphone transport for obfsproxy2020-06-13T02:39:45ZGeorge KadianakisCreate bananaphone transport for obfsproxydavid415 has started writing an obfsproxy module for bananaphone.
Code can be found here:
https://github.com/david415/obfsproxy
Discussion thread:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005737.htmldavid415 has started writing an obfsproxy module for bananaphone.
Code can be found here:
https://github.com/david415/obfsproxy
Discussion thread:
https://lists.torproject.org/pipermail/tor-dev/2013-November/005737.htmlhttps://gitlab.torproject.org/legacy/trac/-/issues/10337I'm not sure what the error is here2020-06-13T02:43:32ZTracI'm not sure what the error is here```
Orbot is starting?
Orbot is starting?
(re)Setting permission on Tor binary
(re)Setting permission on Privoxy binary
(re)Setting permission on Obfsproxy binary
Orbot is starting?
got tor proc id: 18511
Tor process id=18511
Con...```
Orbot is starting?
Orbot is starting?
(re)Setting permission on Tor binary
(re)Setting permission on Privoxy binary
(re)Setting permission on Obfsproxy binary
Orbot is starting?
got tor proc id: 18511
Tor process id=18511
Connecting to control port: 9051
SUCCESS connected to control port
SUCCESS authenticated to control port
Starting Tor client? complete.
adding control port event handler
SUCCESS added control port event handler
Starting privoxy process
/data/data/org.torproject.android/app_bin/privoxy /data/data/org.torproject.android/app_bin/privoxy.config &
orConnStatus (CaptainPicard2): LAUNCHED
NOTICE: Bootstrapped 85%: Finishing handshake with first hop.
NOTICE: We weren't able to find support for all of the TLS ciphersuites that we wanted to advertise. This won't hurt security, but it might make your Tor (if run as a client) more easy for censors to block.
NOTICE: To correct this, use a more recent OpenSSL, built without disabling any secure ciphers or features.
Privoxy is running on port:8118
Privoxy process id=18521
Transparent Proxying: enabling...
enabling transproxy for app: com.forshared(10142)
enabling transproxy for app: mgeek.dolphin.[10114(10114)](10114(10114))
enabling transproxy for app: com.humblebundle.library(10107)
enabling transproxy for app: com.opera.browser(10138)
enabling transproxy for app: com.silvermoon.client(10099)
enabling transproxy for app: com.cloudmosa.puffin(10116)
enabling transproxy for app: com.valvesoftware.android.steam.community(10102)
enabling transproxy for app: com.google.android.youtube(10091)
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10142 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10142 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10142 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10067 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10067 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10067 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10114 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10114 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10114 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10107 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10107 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10107 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10138 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10138 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10138 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10099 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10099 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10099 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10116 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10116 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10116 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10102 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10102 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10102 -p udp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p tcp ! -d 127.0.0.1 -m owner --uid-owner 10091 -m tcp --syn -j REDIRECT --to-ports 9040 || exit
/data/data/org.torproject.android/app_bin/iptables -t nat -A OUTPUT -p udp -m owner --uid-owner 10091 -m udp --dport 53 -j REDIRECT --to-ports 5400 || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 5400 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 9040 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -d 127.0.0.1 --dport 8118 -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp -o lo -j ACCEPT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p tcp ! -d 127.0.0.1 -j REJECT || exit
/data/data/org.torproject.android/app_bin/iptables -t filter -A OUTPUT -m owner --uid-owner 10091 -p udp ! -d 127.0.0.1 -j REJECT || exit
;errCode=0;resp=FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:478
TorTransProxy resp code: 0
```
It stops at 85% and it doesnt go on to a green onion.
**Trac**:
**Username**: BubblesNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/10371Obfsproxy memory leak2020-06-13T02:44:12ZTracObfsproxy memory leakHi everyone,
I have installed Obfsproxy from Tor project Debian and Python repositories (one v0.2.3 and the other v0.2.4) on my Ubuntu 12.04 LTS. Unfortunately both of them has memory leak problem and if too many users start using the s...Hi everyone,
I have installed Obfsproxy from Tor project Debian and Python repositories (one v0.2.3 and the other v0.2.4) on my Ubuntu 12.04 LTS. Unfortunately both of them has memory leak problem and if too many users start using the server, it makes the RAM full and crashes by itself. How can I generate a full report from this memory leak and place it here to help developers fix the issue?
Thanks.
**Trac**:
**Username**: taher12112https://gitlab.torproject.org/legacy/trac/-/issues/10647Orbot completely broken Android 4.1.22020-06-13T02:50:06ZTracOrbot completely broken Android 4.1.2I’ve used Orbot in the past on Android with success with different browsers, but the latest version seems to be completely broken as far as I could tell.
1. No matter what you do no application can see Tor running, so checking the Tor s...I’ve used Orbot in the past on Android with success with different browsers, but the latest version seems to be completely broken as far as I could tell.
1. No matter what you do no application can see Tor running, so checking the Tor status page shows that Tor is inactive even when it’s running.
The phone is rooted and I set “Transparent proxying to ON”
But not “Tor everything”
I then manually added different browsers in the add app section.
I tried in several different browsers including Orweb (marked as ‘latest’).
One browser seemed to realize it was connected to something but returned the message “There is a problem with the proxy server” and could not connect to anything.
All other browsers I tried simply ignore that Tor is running and connect directly (as seen on inspection of an IP checking site (or in Orweb that Check Tor page))
Currently this implementation of Tor on Android is completely unusable, which is a shame as it used to work great.
**Trac**:
**Username**: margoliaNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/10684Torbirdy does not remember customized settings after enabling it again2020-06-13T06:03:14ZGeorg KoppenTorbirdy does not remember customized settings after enabling it againI usually have my Torbirdy pointed to the ports used by my TBB and it is a bit annoying that I always need to adapt its settings manually after enabling the extension again.I usually have my Torbirdy pointed to the ports used by my TBB and it is a bit annoying that I always need to adapt its settings manually after enabling the extension again.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/10762TorBridy should try both SOCKS port 9050 and 91502020-06-13T05:14:03ZMike PerryTorBridy should try both SOCKS port 9050 and 9150TorBridy's SOCKS configuration should try both 9050 and 9150 and use the one that works.
You can crib Torbutton's local tor check here (which requires access to the control port):
https://gitweb.torproject.org/torbutton.git/blob/master:...TorBridy's SOCKS configuration should try both 9050 and 9150 and use the one that works.
You can crib Torbutton's local tor check here (which requires access to the control port):
https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l1701
We wrap that with the option to fall back to the remote check if transproxy is set here:
https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l1675
The remote check is here:
https://gitweb.torproject.org/torbutton.git/blob/master:/src/chrome/content/torbutton.js#l1770
Unfortunately if you perform any network activity (including a remote tor check) with a socks port set, you may run into #8511, causing any hosts you contact to become unreachable after you change SOCKS settings. I am not sure if that caching behavior is present in Thunderbird too. The local tor check won't be affected by this bug, though.Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/10782Improve the spec of UniformDH2020-06-13T02:52:23ZGeorge KadianakisImprove the spec of UniformDHUniformDH is used by obfs3 and scramblesuit currently, and it might get used by more projects in the future. Yawning suggested to improve its spec to make its adoption easier.
Yawning suggested adding test vectors. We can look at test v...UniformDH is used by obfs3 and scramblesuit currently, and it might get used by more projects in the future. Yawning suggested to improve its spec to make its adoption easier.
Yawning suggested adding test vectors. We can look at test vectors of other key exchange protocols to see how they should look like. Example:
https://tools.ietf.org/html/rfc6932#appendix-A.1
Some more suggestions:
```
14:54 < Yawning> *looks at the list of gotchas*
14:54 < Yawning> spec should clarify that 0s are inserted if the public key is shorter than 1536 bits (probably obvious)
14:55 < Yawning> Should clarify that abs(p - X) is sent (99% sure that's what happens)
14:55 < Yawning> spec says to simply raise the public key, when it's another mod exp operation
14:56 < Yawning> apart from "wtb test vectors" those where the things i found
15:00 < Yawning> I also was sort of sad that MAX_PADDING isn't a power of 2, but probably too late to change that and that might have been deliberate
```https://gitlab.torproject.org/legacy/trac/-/issues/10836Enable mail account autoconfig dialog in TorBirdy2020-06-13T02:53:26ZTracEnable mail account autoconfig dialog in TorBirdyCurrently, TorBirdy entirely blocks the mail account autoconfig dialog in Thunderbird. It requires the user to manually configure the mail account servers.
-----
This is suboptimal, because the declared goal of TorBirdy is to reach com...Currently, TorBirdy entirely blocks the mail account autoconfig dialog in Thunderbird. It requires the user to manually configure the mail account servers.
-----
This is suboptimal, because the declared goal of TorBirdy is to reach common users (not geeks), and common users have massive problems with this configuration. This is why they use webmail, and why we write this dialog to help them with Thunderbird - they simply *can't* do it alone.
Furthermore, if they try to find the settings themselves on the web, they
* expose themselves to similar or worse phishing attempts (if you can serve a bad config XML file, you can serve a bad HTML documentation page)
* more importantly, the mail configs published by the ISPs are often without encryption.
With the ISPDB, I took great care to find and use the best config that an ISP offers, esp. SSL and encrypted passwords, even if that config is undocumented and not officially supported. In a way, you could compare the ISPDB with HTTPS Everywhere, because it performs a similar function (use SSL where possible, even if not advertized by site) and even similar means (HTTPS Everywhere communicates with some central servers, just like the Mozilla ISPDB).
Thus, I think disabling the autoconfig dialog does users a dis-service not only in convenience and usability (in the literal sense of the word), but more importantly in security, because we know about SSL configs that users might not know or find.
-----
The reason why the autoconfig dialog was disabled were some HTTP (without SSL) calls and direct socket calls.
Thus, in Mozilla bug 669282 [1], I attached a patch to disable them. I wrote this patch specifically for TorBirdy.
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=669282
**Trac**:
**Username**: benhttps://gitlab.torproject.org/legacy/trac/-/issues/10874TorButton won't "blink" for update if using local Tor2020-06-13T02:54:08ZcypherpunksTorButton won't "blink" for update if using local TorWhen using a local Tor and setting TorLauncher not to spawn Tor (about:config, extensions.torlauncher.start_tor is false, as is extensions.torlauncher.prompt_at_startup), the TorButton turns into a big 'X' and doesn't tell me about updat...When using a local Tor and setting TorLauncher not to spawn Tor (about:config, extensions.torlauncher.start_tor is false, as is extensions.torlauncher.prompt_at_startup), the TorButton turns into a big 'X' and doesn't tell me about updates. Even if I had no Tor at all, I still need security updates!
In any case, I still am using Tor. I am using a local system Tor, I do not want to connect twice and I like to manage my bridges and everything else in one place. Thanks!https://gitlab.torproject.org/legacy/trac/-/issues/11050pycrypto's AES implementation is not constant time2020-06-13T02:57:18ZYawning Angelpycrypto's AES implementation is not constant timeThis is a non-issue when AES-NI is supported by the host CPU since a separate code path is taken.
https://github.com/dlitz/pycrypto/blob/master/src/AES.c
It's not too bad in the pluggable transport case since traffic is super-enciphere...This is a non-issue when AES-NI is supported by the host CPU since a separate code path is taken.
https://github.com/dlitz/pycrypto/blob/master/src/AES.c
It's not too bad in the pluggable transport case since traffic is super-enciphered, the session keys are ephemeral, and actually extracting sufficiently accurate timing information is probably non-trivial, but it probably should be addressed somehow.https://gitlab.torproject.org/legacy/trac/-/issues/11093obfsproxy should use C implementation of UniformDH2020-06-13T02:57:56ZGeorge Kadianakisobfsproxy should use C implementation of UniformDHWe are currently using a C implementation of UniformDH that is quite slow (even with gmpy2 for mod exp).
Yawning implemented UniformDH in C using OpenSSL and we should use his library.
He posted an obfsproxy patch in #11015 :
https://t...We are currently using a C implementation of UniformDH that is quite slow (even with gmpy2 for mod exp).
Yawning implemented UniformDH in C using OpenSSL and we should use his library.
He posted an obfsproxy patch in #11015 :
https://trac.torproject.org/projects/tor/attachment/ticket/11015/0001-Add-support-for-using-py-uniformdh.patch
And the implementation can be found in:
https://github.com/Yawning/py-uniformdhhttps://gitlab.torproject.org/legacy/trac/-/issues/11134obfsproxy's SOCKS server should send success response post handshake2020-06-13T14:34:35ZYawning Angelobfsproxy's SOCKS server should send success response post handshakeCurrently the obfsproxy SOCKS server sends the response back to tor immediately after the TCP/IP connection has been established, instead of after the underlying transport has been fully initialized.
This behavior is incorrect, and shou...Currently the obfsproxy SOCKS server sends the response back to tor immediately after the TCP/IP connection has been established, instead of after the underlying transport has been fully initialized.
This behavior is incorrect, and should be changed to each of the underlying transports signalling that they are ready to relay data after they manage to handshake.
With the current SOCKSv4Protocol based listener this would require further monkey patching which may be a good argument for defering this till after #9221 or similar gets merged.https://gitlab.torproject.org/legacy/trac/-/issues/11190obfsproxy shebang should point to "python2", not "python"2020-06-13T02:59:48ZYawning Angelobfsproxy shebang should point to "python2", not "python"It currently points at "python" which is not version specific and will break horribly on systems where the default system python is python3.
This isn't a issue when it is installed with setup.py, but was when I tried a TBB nightly a few...It currently points at "python" which is not version specific and will break horribly on systems where the default system python is python3.
This isn't a issue when it is installed with setup.py, but was when I tried a TBB nightly a few days ago. As far as I can tell every system that has python2.x installed with have a "python2" symlink so changing the shebang won't break places where this works now, but will allow it to work on more systems without breaking in horrible unintuitive ways for the user.https://gitlab.torproject.org/legacy/trac/-/issues/11197obfsproxy should provide congestion feedback2020-06-13T02:59:59ZYawning Angelobfsproxy should provide congestion feedbackI went over this in IRC tonight to a poor GSOC student who was thinking about doing a CBR plugin, so I'll file a bug while it's fresh on my mind.
Currently there is nothing in place to prevent unbound buffer growth in obfsproxy. This p...I went over this in IRC tonight to a poor GSOC student who was thinking about doing a CBR plugin, so I'll file a bug while it's fresh on my mind.
Currently there is nothing in place to prevent unbound buffer growth in obfsproxy. This problem arises when the bottleneck link is extremely narrow.
For example, examine the following network topology:
Client <-> obfsproxy <-> 14.4 kbit modem <-> ISP <-> 100 Mbit <-> obfsproxy <-> Server
The Client opens a connection, and initiates a bulk download from the Server. Since there is no mechanism to indicate congestion, the outgoing buffer in the Server side obfsproxy process will grow because feedback from the Client in the form of the shrinking TCP/IP receive window will not get propagated.
The same thing will happen on the Client side with a bulk upload, because the loopback interface has a gigantic amount of bandwidth compared to the bottleneck link.
Twisted connections have a producer/consumer interface (and can handle stopping reading once the send buffer reaches a certain threshold 'self.bufferSize'), so refactoring the base transport to use this interface to glue the upstream/downstream together would be the "correct" approach to solving this problem.
See https://twistedmatrix.com/documents/current/core/howto/producers.html for more details.https://gitlab.torproject.org/legacy/trac/-/issues/11203ScrambleSuit CSPRNG for Probability Distributions2020-06-13T03:00:09ZYawning AngelScrambleSuit CSPRNG for Probability DistributionsAs discussed in #10893, ScrambleSuit should use a CSPRNG when generating/sampling the probability distributions for the packet length and inter packet arrival times.
I have went ahead and implemented this in a branch at https://github.c...As discussed in #10893, ScrambleSuit should use a CSPRNG when generating/sampling the probability distributions for the packet length and inter packet arrival times.
I have went ahead and implemented this in a branch at https://github.com/yawning/obfsproxy/tree/ctr_drbg
It appears to work though packet distributions for existing bridges will change when they update to use the new PRNG (for obvious reasons). There also are some unit tests that use the NIST AES CTR test vectors to make sure that the bytes that are expected to come out with a given key/initial counter do.
phw said I should be doing development vs the scramblesuit repo, but since the plan is to fold the repo with history into obfsproxy, I did it the other way. If needed, I will move the ctr_drbg module into scramblesuit/transports and make a scramblesuit branch for this, but since it's not a critical thing, merging this can wait till after the repo madness is done.https://gitlab.torproject.org/legacy/trac/-/issues/11245Orbot bootstraped problem2020-06-13T03:00:57ZTracOrbot bootstraped problemOn my un rooted samsung galaxy note 10.1 Orbot only gets to bootstrapped 25%.
My system information:
Android version: 4.1.2
Model Number: GT - N8010
Log:
Orbot is starting…
Orbot is starting…
Tor binary exists: /data/data/org.torproje...On my un rooted samsung galaxy note 10.1 Orbot only gets to bootstrapped 25%.
My system information:
Android version: 4.1.2
Model Number: GT - N8010
Log:
Orbot is starting…
Orbot is starting…
Tor binary exists: /data/data/org.torproject.android/lib/libtor.so
Privoxy binary exists: /data/data/org.torproject.android/lib/libprivoxy.so
Obfsproxy binary exists: /data/data/org.torproject.android/lib/libobfsproxy.so
Xtables binary exists: /data/data/org.torproject.android/lib/libxtables.so
link RM err=0 out:
link LN err=0 out:
libtor.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libtor.so
libtor.so: POST: Is binary exec? true
tor: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/app_bin/tor
tor: POST: Is binary exec? true
libprivoxy.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libprivoxy.so
libprivoxy.so: POST: Is binary exec? true
libobfsproxy.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libobfsproxy.so
libobfsproxy.so: POST: Is binary exec? true
libxtables.so: PRE: Is binary exec? true
(re)Setting permission on binary: /data/data/org.torproject.android/lib/libxtables.so
libxtables.so: POST: Is binary exec? true
Orbot is starting…
got tor proc id: 21351
Tor process id=21351
Connecting to control port: 9051
SUCCESS connected to control port
SUCCESS authenticated to control port
Starting Tor client… complete.
adding control port event handler
SUCCESS added control port event handler
updating settings in Tor service
Starting privoxy process
/data/data/org.torproject.android/lib/libprivoxy.so /data/data/org.torproject.android/app_bin/privoxy.config &
orConnStatus (madiba): LAUNCHED
NOTICE: Bootstrapped 10%: Finishing handshake with directory server.
Privoxy is running on port:8118
Privoxy process id=21371
NOTICE: Bootstrapped 15%: Establishing an encrypted directory connection.
orConnStatus (itpol2): CONNECTED
orConnStatus (madiba): CONNECTED
NOTICE: Bootstrapped 20%: Asking for networkstatus consensus.
Circuit (1) BUILT: itpol2
NOTICE: I learned some more directory information, but not enough to build a circuit: We have no recent usable consensus.
Circuit (2) BUILT: madiba
NOTICE: Bootstrapped 25%: Loading networkstatus consensus.
Circuit (2) CLOSED: madiba
NOTICE: I learned some more directory information, but not enough to build a circuit: We have no recent usable consensus.
**Trac**:
**Username**: isaac868Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11354Make obfsproxy more fork-friendly2020-06-13T03:07:31ZGeorge KadianakisMake obfsproxy more fork-friendlyPTs need to support a few PT interfaces. For example:
a) The managed-mode PT configuration protocol
b) SOCKS support (also support for proposal229)
c) Extended ORPort (and eventually TransportControlPort)
d) Proxy support to connect to p...PTs need to support a few PT interfaces. For example:
a) The managed-mode PT configuration protocol
b) SOCKS support (also support for proposal229)
c) Extended ORPort (and eventually TransportControlPort)
d) Proxy support to connect to proxies
pyptlib can help with (a), but does nothing about the other points (e.g. check #7903).
It has been suggested that instead of trying to fit those features in pyptlib, we instead implement them in obfsproxy, and suggest to people to use obfsproxy to developer their PTs.
However, it is the case that obfsproxy is optimized for the "app that supports multiple PTs" use case, and not for the "app that can be forked to support your PT".
If we get more people interested in writing PTs, it might make sense to start designing/fork obfsproxy with that use case in mind.https://gitlab.torproject.org/legacy/trac/-/issues/11355Provide obfsproxy nightlies in our debian repositories2020-06-13T03:03:10ZGeorge KadianakisProvide obfsproxy nightlies in our debian repositoriesPeople are asking for obfsproxy nightlies (#10954). It would be brilliant if people could add our debian repo, and get the latest obfsproxy master through it.
How can I help you do this?
No hurry on this one. I mainly made this ticket ...People are asking for obfsproxy nightlies (#10954). It would be brilliant if people could add our debian repo, and get the latest obfsproxy master through it.
How can I help you do this?
No hurry on this one. I mainly made this ticket because #10954 was not very specific.
Thanks!LunarLunarhttps://gitlab.torproject.org/legacy/trac/-/issues/11559Orbot-v13.0.7-BETA-1: "Tor Tethering" not working2020-06-13T03:06:29ZcypherpunksOrbot-v13.0.7-BETA-1: "Tor Tethering" not workingHi,
I'm running the latest Orbot version [1] on a rooted Android 4.0.4 and enabled
"Tor Tethering" while enabling Internet via 3G, but the devices connecting to the hotspot are not routed over Tor (tested via checkip.dyndns.org).
Sho...Hi,
I'm running the latest Orbot version [1] on a rooted Android 4.0.4 and enabled
"Tor Tethering" while enabling Internet via 3G, but the devices connecting to the hotspot are not routed over Tor (tested via checkip.dyndns.org).
Should this work or is this a experimental feature anyway?
How can I help to debug this?
https://guardianproject.info/releases/Orbot-v13.0.7-BETA-1.apkNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/11560Orbot-v13.0.7-BETA-1: "Tor Tethering" > Warnings about Listeners on 0.0.0.02020-06-13T14:30:21ZcypherpunksOrbot-v13.0.7-BETA-1: "Tor Tethering" > Warnings about Listeners on 0.0.0.0
"
WARN: You specified a public address '0.0.0.0:9050' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
WARN: You specified a public ...
"
WARN: You specified a public address '0.0.0.0:9050' for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
WARN: You specified a public address '0.0.0.0:5400' for DNSPort. Other people...
WARN: You specified a public address '0.0.0.0:9040' for TransPort. Other people...
WARN: You have a ControlPort set to accept connections from a non-local address. This means that programs not running on you computer can reconfigure you Tor. That's pretty bad, since the controller protocol isn't encrypted! Maybe you should ...
"
I assume these listeners are there due to the enabled "Tor Tethering", but wouldn't it be possible to bind these listeners to the WIFI interface only (I assume they are only needed there)?Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12411Orbot broke using DNSPort2020-06-13T03:16:31ZIsis LovecruftOrbot broke using DNSPortOrbot 14.0.3.1 completely breaks networking, if you have firewall scripts which don't allow leaks.
**THIS MEANS THAT ORBOT IS LEAKING LIKE THE FUCKING PENTAGON PAPERS, EXCEPT NOT IN A GOOD WAY.**
This is because Orbot (as of 14.0.3.1 ...Orbot 14.0.3.1 completely breaks networking, if you have firewall scripts which don't allow leaks.
**THIS MEANS THAT ORBOT IS LEAKING LIKE THE FUCKING PENTAGON PAPERS, EXCEPT NOT IN A GOOD WAY.**
This is because Orbot (as of 14.0.3.1 and later) [sets `DNSPort 0`](https://gitweb.torproject.org/orbot.git/commitdiff/2ce9ea92f14f7b5c04798809f0c262475766977e), which disables tor's `DNSPort` entirely. This means that people who use iptables scripts outside of Orbot (as described in [Mike Perry's recent blog post](https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy)) to redirect UDP DNS traffic to the `DNSPort` cannot do so. It also means that _every other application will leak traffic all over the place_.
Currently, the only way to fix this mess is to force stop and uninstall Orbot, download an older (14.0.1) .apk onto another device, and copy it over manually to the broken one to reinstall it. This is ridiculous. You're practically bricking people's devices, and you're forcing them to jump through extreme hoops to preserve their anonymity.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12413Orbot doesn't use separate torrcs, and overrides & overwrites user-set torrcs2020-06-13T03:16:33ZIsis LovecruftOrbot doesn't use separate torrcs, and overrides & overwrites user-set torrcsYou _can_ use multiple `torrc` files simultaneously. [RTFM](https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/tor.1.txt#l52)You _can_ use multiple `torrc` files simultaneously. [RTFM](https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/tor.1.txt#l52)Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12677fteproxy server's response to malformed messages2020-06-13T03:21:42Zkpdyerfteproxy server's response to malformed messagesRaised here: https://trac.torproject.org/projects/tor/ticket/12673
cypherpunks suggests that fteproxy, when using an HTTP regex, should tolerate a range of HTTP headers. Specifically, an fteproxy server when using HTTP will terminate th...Raised here: https://trac.torproject.org/projects/tor/ticket/12673
cypherpunks suggests that fteproxy, when using an HTTP regex, should tolerate a range of HTTP headers. Specifically, an fteproxy server when using HTTP will terminate the connection, if the following is submitted:
```
GET /<encoded_data> HTTP/1.1\r\n
Host: tpo.org\r\n
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip, deflate\r\n
Connection: keep-alive\r\n
\r\n
```
It turns out that this is a complex issue to solve in general, as one solution we could allow custom error handlers in fteproxy that are activated under certain cases.
As a step towards this, we should probably distinguish between the following two cases:
* The server receives a message that is in the language specified by the regex, but is malformed.
* The server receives a message that is NOT in the language specified by the regex, and is, by definition, malformed.
Thoughts?kpdyerkpdyerhttps://gitlab.torproject.org/legacy/trac/-/issues/12762Orbot 14.0.5 causes LED to flash while it is running2020-06-13T03:23:11ZTracOrbot 14.0.5 causes LED to flash while it is runningSamsung Galaxy S4 / Cyanogenmod 11 M8
Orbot 14.0.5.
Problem:
After upgrading to the latest version of Orbot (14.0.5) any time the screen goes to sleep and Orbot is running, the LED on the phone will flash. This draws attention to the p...Samsung Galaxy S4 / Cyanogenmod 11 M8
Orbot 14.0.5.
Problem:
After upgrading to the latest version of Orbot (14.0.5) any time the screen goes to sleep and Orbot is running, the LED on the phone will flash. This draws attention to the phone due to the brightness of LED. Previous versions of Orbot did not display this behavior
Reproduce:
- Install Orbot
- Run Orbot
- Let screen go to sleep or manually put it to sleep
- LED starts to flash
- Wake screen and unlock, LED stops flashing
Expected outocme:
- With orbot running if screen goes to sleep, LED should not flash
**Trac**:
**Username**: torieNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12765Tor fails on rooted GS4 running 4.4.22020-06-13T03:23:13ZTracTor fails on rooted GS4 running 4.4.2Orbot is starting…
tor: PRE: Is binary exec? true
polipo: PRE: Is binary exec? true
obfsclient: PRE: Is binary exec? true
xtables: PRE: Is binary exec? true
updating torrc custom configuration...
success.
Orbot is starting…
Control Port ...Orbot is starting…
tor: PRE: Is binary exec? true
polipo: PRE: Is binary exec? true
obfsclient: PRE: Is binary exec? true
xtables: PRE: Is binary exec? true
updating torrc custom configuration...
success.
Orbot is starting…
Control Port config file does not yet exist (waiting for tor): /data/data/org.torproject.android/app_bin/control.txt
waiting...
Control Port config file does not yet exist (waiting for tor): /data/data/org.torproject.android/app_bin/control.txt
waiting...
Control Port config file does not yet exist (waiting for tor): /data/data/org.torproject.android/app_bin/control.txt
Connecting to control port: 9051
Error connecting to Tor local control port: failed to connect to /127.0.0.1 (port 9051): connect failed: ECONNREFUSED (Connection refused)
waiting...
Couldn't start Tor process:; exit=0:
Tor exit code: 0
Couldn't start Tor process:
**Trac**:
**Username**: Wally44Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/12836scramblesuit: 'State' object has no attribute 'closingThreshold'2020-06-13T03:24:20ZGeorge Kadianakisscramblesuit: 'State' object has no attribute 'closingThreshold'Got this with on a bridge with `obfsproxy-0.2.11`:
```
[ERROR] Unhandled Error
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/python/log.py", line 88, in ca...Got this with on a bridge with `obfsproxy-0.2.11`:
```
[ERROR] Unhandled Error
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/python/log.py", line 88, in callWithLogger
return callWithContext({"system": lp}, func, *args, **kw)
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/python/log.py", line 73, in callWithContext
return context.call({ILogContext: newCtx}, func, *args, **kw)
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/python/context.py", line 118, in callWithContext
return self.currentContext().callWithContext(ctx, func, *args, **kw)
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/python/context.py", line 81, in callWithContext
return func(*args,**kw)
--- <exception caught here> ---
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/internet/posixbase.py", line 614, in _doReadOrWrite
why = selectable.doRead()
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py", line 215, in doRead
return self._dataReceived(data)
File "/usr/local/lib/python2.7/dist-packages/Twisted-13.2.0-py2.7-linux-x86_64.egg/twisted/internet/tcp.py", line 221, in _dataReceived
rval = self.protocol.dataReceived(data)
File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.11-py2.7.egg/obfsproxy/network/network.py", line 320, in dataReceived
self.circuit.dataReceived(self.buffer, self)
File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.11-py2.7.egg/obfsproxy/network/network.py", line 161, in dataReceived
self.transport.receivedDownstream(data)
File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.11-py2.7.egg/obfsproxy/transports/scramblesuit/scramblesuit.py", line 495, in receivedDownstream
if self.drainedHandshake > self.srvState.closingThreshold:
exceptions.AttributeError: 'State' object has no attribute 'closingThreshold'
```https://gitlab.torproject.org/legacy/trac/-/issues/12879Obfsproxy has incorrect Error type2020-06-13T03:25:08ZTracObfsproxy has incorrect Error typeIn the socks.py file of obfsproxy there is a small bug with the csv reader.
in line 133: `except csvError, err:` should be `except csv.Error, err:`. csvError does not exist and I think its just missing the period.
**Trac**:
**Usernam...In the socks.py file of obfsproxy there is a small bug with the csv reader.
in line 133: `except csvError, err:` should be `except csv.Error, err:`. csvError does not exist and I think its just missing the period.
**Trac**:
**Username**: RushingWookiehttps://gitlab.torproject.org/legacy/trac/-/issues/12976Orbot's new identity feature is not mentioned anywhere in app or documentation2020-06-13T03:27:14ZcypherpunksOrbot's new identity feature is not mentioned anywhere in app or documentationNowhere in the app UI, wizard or websites can I find any mention of the Orbot's new identity feature. I only discovered it by accident and I'm sure other users will be in a similar position. I thought I'd seen a bug of someone actually r...Nowhere in the app UI, wizard or websites can I find any mention of the Orbot's new identity feature. I only discovered it by accident and I'm sure other users will be in a similar position. I thought I'd seen a bug of someone actually requesting for a new identity feature to be added because they didn't know it already existed, but I can't seem to find it now.
I think a simple mention in the UI would be enough. Just like we already have _Orbot is deactivated - long press to start -_, we could simply change the string _Connected to the Tor network_ to something like _Connected to the Tor network - Swipe for new circuit -_. A mention in the in-app wizard and/or in the interactive how-to on the Guardian Project website also wouldn't go a miss.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13040Get bananaphone merged in obfsproxy2020-06-13T03:28:36ZGeorge KadianakisGet bananaphone merged in obfsproxyLet's get this PT merged upstream!
David has already done most of the job:
https://bananaphone.readthedocs.org/en/latest/Let's get this PT merged upstream!
David has already done most of the job:
https://bananaphone.readthedocs.org/en/latest/https://gitlab.torproject.org/legacy/trac/-/issues/13333Android users visiting sites using Tor leave all kinds of incriminating evide...2020-06-13T03:34:46ZcypherpunksAndroid users visiting sites using Tor leave all kinds of incriminating evidence in the logsPeople using Tor on Android use User-Agents with all kinds of incriminating evidence such as:
"Mozilla/5.0 (Linux; Android 4.1; Nexus 7 Build/JRN84D)
AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166
Safari/535.19"
"Mozill...People using Tor on Android use User-Agents with all kinds of incriminating evidence such as:
"Mozilla/5.0 (Linux; Android 4.1; Nexus 7 Build/JRN84D)
AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.166
Safari/535.19"
"Mozilla/5.0 (Linux; U; Android 4.2.2; es-us; HUAWEI Y320-U151
Build/HUAWEIY320-U151) AppleWebKit/534.30 (KHTML, like Gecko)
Version/4.0 Mobile Safari/534.30"
"Mozilla/5.0 (Linux; U; Android 2.3; en-us; GT-I9100 Build/GRH78)
AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
These are examples with the least personal information in them and they may or may not be from a popular hidden service.
I am not sure who's software or project is responsible for this but it does not exactly make these people "blend in"Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13607TorBirdy should have an option to distrust all certificate authorities2020-06-13T03:40:13ZsajolidaTorBirdy should have an option to distrust all certificate authoritiesThe certificate authorities (CA) mechanism for validating TLS has proven to be rotten to the core in several occasions. While browsing the web, not relying on it is quite hard as you might be presented a different certificate on each web...The certificate authorities (CA) mechanism for validating TLS has proven to be rotten to the core in several occasions. While browsing the web, not relying on it is quite hard as you might be presented a different certificate on each webpage that you are visiting. But in the case of email, you basically always use the same and only one: the certificate from your email provider. So trusting all those CAs by default and allowing so many possible man-in-the-middle attacks is not really needed for usability.
TorBirdy could have an option to distrust all CA authorities by default and only rely on custom certificates (exceptions).
Users could, in the worse case, do TOFU authentication (trust on first use) and be guided on how to do so. At best their provider can give them better ways of authenticating their certificates. Riseup is proposing this on their website for example: https://help.riseup.net/en/certificates.Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/13768clean orbot build from git clone https://git.torproject.org/orbot.git2020-06-13T03:43:24ZTracclean orbot build from git clone https://git.torproject.org/orbot.gitTrying to make clean build from
git clone https://git.torproject.org/orbot.git
It seems that makefile is not sync with latest external folders. iptables, libevent missing.
How are official builds made? It looks that not from clean sta...Trying to make clean build from
git clone https://git.torproject.org/orbot.git
It seems that makefile is not sync with latest external folders. iptables, libevent missing.
How are official builds made? It looks that not from clean start. Messy stuff.
As security app as is should be more proper maintained.
-----
make[3]: Leaving directory `/media/verbatim/git/orbot_main/orbot/external/openssl/engines/ccgost'
make[2]: Leaving directory `/media/verbatim/git/orbot_main/orbot/external/openssl/engines'
make[1]: Leaving directory `/media/verbatim/git/orbot_main/orbot/external/openssl'
touch openssl-build-stamp
test -d lib || mkdir lib
test -d include || mkdir include
test -d include/openssl || mkdir include/openssl
cp openssl/libcrypto.a lib/libcrypto.a
cp openssl/libssl.a lib/libssl.a
cp openssl/include/openssl/* include/openssl
sed -i 's@\(SUBDIRS = . include\) sample test@\1@' libevent/Makefile.am
sed: can't read libevent/Makefile.am: No such file or directory
make: [libevent/Makefile] Error 2
make: Leaving directory `/media/verbatim/git/orbot_main/orbot/external'
**Trac**:
**Username**: throwaway1Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/13954Android fonepad2020-06-13T03:47:16ZTracAndroid fonepadDownloaded both apps from Google play store and did the regular install to internal hard drive
Orbo keeps giving me a startup error so I deleted both apps and reinstalled them with same results
How can I manually repair install
Phone= A...Downloaded both apps from Google play store and did the regular install to internal hard drive
Orbo keeps giving me a startup error so I deleted both apps and reinstalled them with same results
How can I manually repair install
Phone= Asus FonePad 7 K012 rooted running 4.3 jellybean
Running android Orbit 14.1.4 (Tor 0.2.5.10)
Orbot is starting…
Orbot is starting…
Waiting for control port...
tor: PRE: Is binary exec? true
polipo: PRE: Is binary exec? true
obfsclient: PRE: Is binary exec? true
xtables: PRE: Is binary exec? true
Orbot is starting…
Orbot is starting…
updating torrc custom configuration...
success.
Orbot is starting…
Tor (1): sh: <stdin>[2]: /data/data/org.torproject.android/app_bin/tor: No such file or directory
Unable to start Tor: java.lang.Exception: Torrc config did not verify
**Trac**:
**Username**: stockmanNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/14425Orbot not working after upgrade to Lollipop2020-06-13T03:53:29ZTracOrbot not working after upgrade to LollipopI was using Orbot on my HTC One (M7) running a custom ROM,Android KitKat,fully rooted and had no issues. I've recently upgraded the same ROM to its newest version which is Lollipop. Orbot now will not start. I have the latest Play Store ...I was using Orbot on my HTC One (M7) running a custom ROM,Android KitKat,fully rooted and had no issues. I've recently upgraded the same ROM to its newest version which is Lollipop. Orbot now will not start. I have the latest Play Store version of the App. I copied the log details:
Orbot is starting…
Orbot is starting…
Waiting for control port...
tor: PRE: Is binary exec? true
polipo: PRE: Is binary exec? true
obfsclient: PRE: Is binary exec? true
xtables: PRE: Is binary exec? true
Orbot is starting…
Orbot is starting…
updating torrc custom configuration...
success.
Orbot is starting…
Tor (1): error: only position independent executables (PIE) are supported.
Unable to start Tor: java.lang.Exception: Torrc config did not verify
**Trac**:
**Username**: rantekinazNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/14801"EXCLUDE Nodes" is not respected in Orbot2020-06-13T03:56:24ZTrac"EXCLUDE Nodes" is not respected in OrbotI've entered FiveEyes in Exlude Nodes and yet it still connects me to them. At first I thought it's just relay nodes. But just now, I was connected to a path with an Exit Node in one of them!
I input countries as:
US, UK, NZ, CA, AU,
A...I've entered FiveEyes in Exlude Nodes and yet it still connects me to them. At first I thought it's just relay nodes. But just now, I was connected to a path with an Exit Node in one of them!
I input countries as:
US, UK, NZ, CA, AU,
And I also tried with and without "Strict Nodes" option.
Orbot: 14.1.4-noPIE (Tor: 0.2.5.10)
Android: 4.4.4
Nexus 5, stock rooted
Downloaded Orbot from F-Droid
**Trac**:
**Username**: BugerNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/14883Orbot handshake fails on networks with Blue Coat Systems' technology2020-06-13T03:58:08ZTracOrbot handshake fails on networks with Blue Coat Systems' technologyBootstrapping fails at 85%.
**Trac**:
**Username**: ProGamerGovBootstrapping fails at 85%.
**Trac**:
**Username**: ProGamerGovNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/14946NullPointerException when Requesting Hidden Service2020-06-13T03:58:49ZTracNullPointerException when Requesting Hidden ServiceCurrently, a NullpointerException is raised when requesting a hidden service form another app through an intent.
The attached patch should fix this.
**Trac**:
**Username**: JesusMcCloudCurrently, a NullpointerException is raised when requesting a hidden service form another app through an intent.
The attached patch should fix this.
**Trac**:
**Username**: JesusMcCloudNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/15035URI format for bridges2022-03-15T17:14:23ZeighthaveURI format for bridgesRight now, according to @n8fr8, this is the URI format for the bridge URIs:
bridge://obfs3+99.999.99.999%3A10223+c6fa110ebcd8979b0a57617bf2d6e82bbecd287d+%0A
There is a problem with this format because it doesn't follow the URI RFC so ...Right now, according to @n8fr8, this is the URI format for the bridge URIs:
bridge://obfs3+99.999.99.999%3A10223+c6fa110ebcd8979b0a57617bf2d6e82bbecd287d+%0A
There is a problem with this format because it doesn't follow the URI RFC so that standard URI parsers won't parse it very well. Adding the `//` after `bridge:` makes it a "hierarchical" URI, which means that it has the standard sections of authority, user info, host, port, path, query, and fragment. But the above URI will just stick all of the text in the "authority" part, but that section can't be broken down into the standard parts of the "authority", i.e. user info, host, and port.
To keep the same data format, then this URI should be an "opaque" URI. That just means removing the `//`. So that makes it like a `mailto:` URI.
Otherwise, the data could be refactored to fit into the standard parts for a hierarchical URI, then standard URI parsing classes will be able to parse it. For example, android.net.Uri, java.net.URL, etc. That would make the URI look something like this:
`obfs4://xx.xx.xxx.xxx:18965/asdasdasldkasjlasjkdd4?cert=3wYasdasdasdasBmsIat+RMmMDV5BV4jDvXuzasdasdasdas8Dz8J1MUvLKHKaQ&iat-mode=0`
* `getScheme()` would be bridge type
* `getAuthority()` would be IP and port number
* `getHost()` would be IP
* `getPort()` would be port number
* `getPath()` would be this thing: `95151988dc29fccb4f610a1c700a1ddf7d5ffbd4`
* then `cert=`, `iat-mode=`, etc. would be in the query string
The downside of this approach is that there could only be a single bridge per URI, but maybe that's not so bad.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/15099Hidden/onion service port forwarding2020-06-13T04:01:23ZFederico Cerattofederico.ceratto@gmail.comHidden/onion service port forwardingOrbot should be able to forward local ports to an onion service.
Once the user configures <onion-address>:<port|portrange> on Orbot, any non-tor-capable application can connect to localhost:<port> and the connection will be forwarded to...Orbot should be able to forward local ports to an onion service.
Once the user configures <onion-address>:<port|portrange> on Orbot, any non-tor-capable application can connect to localhost:<port> and the connection will be forwarded to the (remote) onion service.
Rationale:
- an onion service is used to provide a set of services on different ports (e.g. from a FreedomBox, an ownCloud instance)
- the phone is not rooted
- many applications do not support Tor, or socks proxies, or the configuration is more cumbersome for the average user than just connecting to localhost:<port>
Service authentication could be supported.
Maybe this feature could be instead implemented externally from Orbot with a small, dedicated add.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/15444Cannot install on Android 5.12020-06-13T04:05:15ZTracCannot install on Android 5.1Android 5.1 has started rolling out on many devices. Current version of Orbot on Google Play store doesn't support Android 5.1 yet.
I don't think there are many changes in 5.1 from 5.0, so only change required might be to just bump the ...Android 5.1 has started rolling out on many devices. Current version of Orbot on Google Play store doesn't support Android 5.1 yet.
I don't think there are many changes in 5.1 from 5.0, so only change required might be to just bump the maxSdkVersion to 22.
Keep up the good work & Thanks
**Trac**:
**Username**: abdulmoeedNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/15589bug in app selection for transproxy2020-06-13T04:07:53ZTracbug in app selection for transproxyHello,
Everytime when I want to select apps for transproxy. It won't work. If I press select apps nothing will happen. If I press route all apps through transproxy, a app selection will pop up.
Have the galaxy s4 i9505
Android 5.0.1 l...Hello,
Everytime when I want to select apps for transproxy. It won't work. If I press select apps nothing will happen. If I press route all apps through transproxy, a app selection will pop up.
Have the galaxy s4 i9505
Android 5.0.1 lollipop
orbot v15.0.0.0 beta 2
**Trac**:
**Username**: SelfDestructNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/15930Orbot fails to connect using VPN Mode (using Outbound Proxy)2020-06-13T04:12:07ZTracOrbot fails to connect using VPN Mode (using Outbound Proxy)Using an outbound proxy I'm 100% sure is working (since I use it to connect to the internet in general)
However, using Orbot on VPN Mode does not (it is stuck in 85% or 10%). It works when not using VPN Mode (using the usual method).
U...Using an outbound proxy I'm 100% sure is working (since I use it to connect to the internet in general)
However, using Orbot on VPN Mode does not (it is stuck in 85% or 10%). It works when not using VPN Mode (using the usual method).
Using Orbot on VPN Mode without Outbound Proxies work (as expected I guess).
Tested on Android One (specifically Cherry Mobile One) and LG Optimus L3 II E425.
Disabling VPN Mode, the connection to Tor is a success, but as you expect, you cannot connect to Tor without the root-hook or the VPN mode. Enabling VPN Mode after making the connection to Tor also does not work. (for obvious reasons).
I assume this has something do to with the VPN function in Android screwing around with how Tor connects to outbound proxies...?
**Trac**:
**Username**: ronelm2000Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/16158tor mail update2020-06-13T04:15:47Zcypherpunkstor mail updatemy tor-mail-0.0.1 installation has update twice since its release. The latest version shows as thunderbird version 31.7.0.
I also upgraded the included tor by copying the TorBrowser/Tor folder over from torbrowser 4.0.8.
It's been worki...my tor-mail-0.0.1 installation has update twice since its release. The latest version shows as thunderbird version 31.7.0.
I also upgraded the included tor by copying the TorBrowser/Tor folder over from torbrowser 4.0.8.
It's been working great for me so far, i'm just wondering is anyone working on this project? Will an update be released anytime soon?
Also, do these thunderbird automatic updates overwrite any of the patches?Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/16392If Orbot has just been installed it cannot be started by org.torproject.andro...2020-06-13T04:19:30ZTracIf Orbot has just been installed it cannot be started by org.torproject.android.START_TORAt OpenKeychain we will allow key updates to be routed over Orbot in a future version. This requires Orbot to be installed and then we use org.torproject.android.START_TOR to start Orbot.
This does not work when Orbot hasn't been properl...At OpenKeychain we will allow key updates to be routed over Orbot in a future version. This requires Orbot to be installed and then we use org.torproject.android.START_TOR to start Orbot.
This does not work when Orbot hasn't been properly started before without using this Intent, i.e., it hasn't really been set up.
This should be handled somehow. At least there needs to be a message that the User first needs to start Orbot on its own.
**Trac**:
**Username**: dschuermannNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/16394orbot bug for HTC One M92020-06-13T04:19:32ZTracorbot bug for HTC One M9There are times when I turn off orbot and I can't use google chrome normally on my android device. It happens about half of the time and is rather puzzling.
**Trac**:
**Username**: guardianofroinThere are times when I turn off orbot and I can't use google chrome normally on my android device. It happens about half of the time and is rather puzzling.
**Trac**:
**Username**: guardianofroinNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/16857Transparent per/app proxying, extra option to deny any access2020-06-13T04:29:18ZTracTransparent per/app proxying, extra option to deny any accessIn the Transparent Proxy settings where you can specify whether or not to Torify a particular app on a rooted phone, please consider adding an extra option whereby you can specify that the App gets no Internet access at all. Preferably w...In the Transparent Proxy settings where you can specify whether or not to Torify a particular app on a rooted phone, please consider adding an extra option whereby you can specify that the App gets no Internet access at all. Preferably with the ability to set this as the default for any newly installed Apps. I want to be able to say that some Apps should be forced through Tor, others direct, and others get no access at all.
**Trac**:
**Username**: mickeycNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/16939Samsung Galaxy S4: can't select settings button2020-06-13T04:30:52ZTracSamsung Galaxy S4: can't select settings buttonOrbot for Android will not allow a selection of Settings or anything else in the menu on Samsung Galaxy S4. This feature has worked in prior deployments of Orbot.
Orbot App Version: 15.0.01-RC-3
Android Version: 4.4.2
Kernel Version: 3....Orbot for Android will not allow a selection of Settings or anything else in the menu on Samsung Galaxy S4. This feature has worked in prior deployments of Orbot.
Orbot App Version: 15.0.01-RC-3
Android Version: 4.4.2
Kernel Version: 3.4.0
**Trac**:
**Username**: QuaereNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/17117Orbot writes outbound network proxy settings wrong2020-06-13T04:34:18ZTracOrbot writes outbound network proxy settings wrongAs i can see in torrc.custom it writes port instead of password in HTTPProxyAuthenticator section
so it looks like this:
HTTPProxy proxyhost:proxyport
HTTPProxyAuthenticator proxyuser:proxyport
**Trac**:
**Username**: forceuserAs i can see in torrc.custom it writes port instead of password in HTTPProxyAuthenticator section
so it looks like this:
HTTPProxy proxyhost:proxyport
HTTPProxyAuthenticator proxyuser:proxyport
**Trac**:
**Username**: forceuserNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/17427Allow preseeding Enigmail options2020-06-13T04:40:27ZTracAllow preseeding Enigmail optionsTails uses its own keyserver, SOCKS port (for stream isolation), and no longer includes Polipo or Privoxy. It doesn't appear to be possible, currently, to override these configuration variables via preference files. Indeed, things like `...Tails uses its own keyserver, SOCKS port (for stream isolation), and no longer includes Polipo or Privoxy. It doesn't appear to be possible, currently, to override these configuration variables via preference files. Indeed, things like `network.proxy.socks_port` for example get overridden by Torbirdy.
**Trac**:
**Username**: kytvSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/17491Orbot crashes when App-mode is enabled2020-06-13T04:41:31ZTracOrbot crashes when App-mode is enabledWhen I enable App-mode after Orbot is connected, Orbot will crash when I open a network connection.
When I look into the processes in Settings - Apps, Orbot is still running with 1 process and 1 service but the app itself shows that it i...When I enable App-mode after Orbot is connected, Orbot will crash when I open a network connection.
When I look into the processes in Settings - Apps, Orbot is still running with 1 process and 1 service but the app itself shows that it is not connected anymore and is not able to connect anymore
"Failed to parse validate config: Failed to bind one of the listener ports."
I see this behavior on a Moto X 2013 with CyanogenMod 12.1 and on a LG G4 with Android 5.1
**Trac**:
**Username**: nielskNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/17533do not use keyserver-options in Whonix2020-06-13T04:42:11Zproperdo not use keyserver-options in WhonixIf Whonix is detected, could you prevent adding `--keyserver-options http-proxy=http://127.0.0.1:8118` please?
Since enigmail just calls `gpg`. And since everything is torified in Whonix anyway, and since `gpg` is stream isolated (by uw...If Whonix is detected, could you prevent adding `--keyserver-options http-proxy=http://127.0.0.1:8118` please?
Since enigmail just calls `gpg`. And since everything is torified in Whonix anyway, and since `gpg` is stream isolated (by uwt wrapper) anyhow, there is no need for this setting in Whonix.
As a result, using enigmail's keyserver features would work out of the box in Whonix.Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/18061Can not check I2P mail with Torbirdy activated (sending I2P mail works fine)2020-06-13T04:53:18ZTracCan not check I2P mail with Torbirdy activated (sending I2P mail works fine)I am trying to configure Torbirdy to check an email account at a Tor hidden service, as well as a second account on i2p (127.0.0.1 port 7660).
When torbirdy is not activated, I can both send and receive mail via i2p (on 127.0.0.1, ports...I am trying to configure Torbirdy to check an email account at a Tor hidden service, as well as a second account on i2p (127.0.0.1 port 7660).
When torbirdy is not activated, I can both send and receive mail via i2p (on 127.0.0.1, ports 7559 and 7660). However when torbirdy is activated, I can only send i2p mail, but not check it. I have verified 100 times that the ports are correct, and that 127.0.0.1 is in the "no proxy" list when torbirdy is activated.
I can only imagine that this is bud with torbirdy.
**Trac**:
**Username**: lunokhodSukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/18109Orbot with Transparent Proxying breaks Hotspot DHCP2020-06-13T04:54:31ZTracOrbot with Transparent Proxying breaks Hotspot DHCPI'm using the current version of Orbot (15.1.0-RC-2) and CyanogenMod 12.1.
If you enable transparent proxying of all apps ("tor everything"), along with enabling a WiFi hotspot from your phone, any clients attempting to connect to your...I'm using the current version of Orbot (15.1.0-RC-2) and CyanogenMod 12.1.
If you enable transparent proxying of all apps ("tor everything"), along with enabling a WiFi hotspot from your phone, any clients attempting to connect to your phone's hotspot will be unable to get a DHCP lease. It seems it might be involved with the iptables rules that Orbot sets up.
Enabling the option "Tor tethering" doesn't appear to make a difference either. Connecting to the network and then enabling Orbot will cause DNS to stop working.
This means that I cannot effectively both have all of my apps Tor-ified on my phone and also have a wifi-hotspot open for my laptop (even if I'm not trying to tor-ify my laptop's internet).
**Trac**:
**Username**: cypharNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18366Orbot 15.10-RC4, Orbot 15.1.0-RC7 crash on CM-122020-06-13T05:00:43ZcypherpunksOrbot 15.10-RC4, Orbot 15.1.0-RC7 crash on CM-12Previously was using Orbot 15.0.1-RC3-PIE on the same system, after updating Orbot will crash randomly and need to be manually restarted.Previously was using Orbot 15.0.1-RC3-PIE on the same system, after updating Orbot will crash randomly and need to be manually restarted.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18541Orbot does not stop Tor when requested in Android N developer preview2020-06-13T05:03:06ZTracOrbot does not stop Tor when requested in Android N developer previewOrbot 15.1.2 worked fine on my Nexus 6P with Android 6.0.1. When I upgraded to the Android N developer preview, I discovered that Orbot fails to stop Tor when requested, although the indicator button claims it is stopped. If you try to "...Orbot 15.1.2 worked fine on my Nexus 6P with Android 6.0.1. When I upgraded to the Android N developer preview, I discovered that Orbot fails to stop Tor when requested, although the indicator button claims it is stopped. If you try to "start" Tor again, Orbot gets stuck in a loop, constantly trying to start a new Tor instance when one is already running. Stopping Orbot in the device application temporally resolves the issue.
**Trac**:
**Username**: whalenster@gmail.comNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18585Cannot specify custom meek bridges2020-06-13T05:03:43ZcypherpunksCannot specify custom meek bridgesOrbot should allow custom meek bridges to be defined in the bridges settings menu. The default bridges are expensive and rate-limited. Orbot needs to start the `ClientTransportPlugin meek_lite` transport when there is a meek bridge line....Orbot should allow custom meek bridges to be defined in the bridges settings menu. The default bridges are expensive and rate-limited. Orbot needs to start the `ClientTransportPlugin meek_lite` transport when there is a meek bridge line.
A patch is attached.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18687Feature REQ: Tor Cache- A feature to cache websites to avoid captcha/identifi...2020-06-13T05:05:57ZTracFeature REQ: Tor Cache- A feature to cache websites to avoid captcha/identificationIt's time for tor to start caching websites because real websites are putting up all sorts of nonsense and interfering with Tor, Tor can counter attack by merely downloading entire sites and running them cached. So we draw from a tor ca...It's time for tor to start caching websites because real websites are putting up all sorts of nonsense and interfering with Tor, Tor can counter attack by merely downloading entire sites and running them cached. So we draw from a tor cache instead of hitting the website and captcha's.
**Trac**:
**Username**: blah88https://gitlab.torproject.org/legacy/trac/-/issues/18713Please include app control on VPN mode.2020-06-13T05:06:22ZTracPlease include app control on VPN mode.https://github.com/n8fr8/orbot/issues/35
Orbot's VPN mode is great.
However, I am using NoRoot Data Firewall, which use VPN API to filter which apps to connect.
Try out https://apkpure.com/noroot-data-firewall/com.jianjia.firewall , ...https://github.com/n8fr8/orbot/issues/35
Orbot's VPN mode is great.
However, I am using NoRoot Data Firewall, which use VPN API to filter which apps to connect.
Try out https://apkpure.com/noroot-data-firewall/com.jianjia.firewall , and please include their
filtering to Orbot itself, so I could delete it and use Orbot natively.
I don't want other apps to connect to the Internet, even they routed by Tor.
My phone can't be rooted because there's no guide to do this.
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18714Add an option to connect to network Tor relay.2020-06-13T05:06:22ZTracAdd an option to connect to network Tor relay.https://github.com/n8fr8/orbot/issues/36
192.168.100.1:9150/tcp Tor Network server
Other clients use it for browsing.
Now here's the thing - I don't want Orbot to make a connection to :9150/tcp;
Android's Orbot ---socks--> 192.168.1...https://github.com/n8fr8/orbot/issues/36
192.168.100.1:9150/tcp Tor Network server
Other clients use it for browsing.
Now here's the thing - I don't want Orbot to make a connection to :9150/tcp;
Android's Orbot ---socks--> 192.168.100.1:9150 ---> Tor request (double tor won't work because of official core limit)
So,
Android's Orbot ---socks TEST--> 192.168.100.1:9150
Android's Orbot "Looks like your proxy is Tor itself; using that"
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18717Orbot build fails due to missing check in tor deamon2020-06-13T05:06:24ZTracOrbot build fails due to missing check in tor deamonWhen building the tor component of orbot, the compilation terminates due to the missing file "systemd/sd-daemon.h" on my Gentoo system. It seems as if a configure check is missing.
**Trac**:
**Username**: scentoWhen building the tor component of orbot, the compilation terminates due to the missing file "systemd/sd-daemon.h" on my Gentoo system. It seems as if a configure check is missing.
**Trac**:
**Username**: scentoNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18751Serious mistake in Settings - Outbound Network Proxy Type2020-06-13T05:07:03ZTracSerious mistake in Settings - Outbound Network Proxy TypeProxy Type;
If I input "HTTP" (no ") for HTTP Proxy, Orbot fails to connect it.
If I input "HTTPS", Orbot connect to (tor node IP):443 via proxy, as expected.
Conclusion:
Just remove "HTTP". Or, make a radio selection menu, like
(_) No...Proxy Type;
If I input "HTTP" (no ") for HTTP Proxy, Orbot fails to connect it.
If I input "HTTPS", Orbot connect to (tor node IP):443 via proxy, as expected.
Conclusion:
Just remove "HTTP". Or, make a radio selection menu, like
(_) None
(O) HTTPS
(_) SOCKS4
(_) SOCKS5
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18763Split config menu to category2020-06-13T05:07:23ZTracSplit config menu to categoryBecause current config is very long.
tap gear icon
->
"General"
"Nodes"
"Bridge" ,etc.
**Trac**:
**Username**: ikurua22Because current config is very long.
tap gear icon
->
"General"
"Nodes"
"Bridge" ,etc.
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18764Add "Import from file" button for torrc edit(advanced user button)2020-06-13T05:07:23ZTracAdd "Import from file" button for torrc edit(advanced user button)Currently, Orbot force user to use small edit menu to add/remove torrc config.
Adding "import text from..." button will make things easily.
**Trac**:
**Username**: ikurua22Currently, Orbot force user to use small edit menu to add/remove torrc config.
Adding "import text from..." button will make things easily.
**Trac**:
**Username**: ikurua22Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18774Orbot starts then immediately shuts down due to timeout on armeabi emulator2020-06-13T05:07:33ZTracOrbot starts then immediately shuts down due to timeout on armeabi emulatorWhen starting Orbot the status is "starting..." then goes straight to "shutting down..". The log file shows a timeout error.
There is no problem running Orbot on an x86 AVD (on an x86 host), presumably because the emulator is much fast...When starting Orbot the status is "starting..." then goes straight to "shutting down..". The log file shows a timeout error.
There is no problem running Orbot on an x86 AVD (on an x86 host), presumably because the emulator is much faster. When emulating an ARM platform with GPU enabled, Android 6.0 is slow on a x86 host.
package: name='org.torproject.android' versionCode='15100027' versionName='15.1.0-RC-7' platformBuildVersionName='6.0-2438415'
**Trac**:
**Username**: libBletchleyNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/18990Orbot status is not clearly communicated2020-06-13T05:12:32ZTracOrbot status is not clearly communicatedWhen I start Orbot on my tablet, it says:
* Orbot is starting
This message is ok, but the onion above is already colored, which makes me think that Orbot is ready.
* Now checking whether … (this may take up to 20 minutes)
As a newbie...When I start Orbot on my tablet, it says:
* Orbot is starting
This message is ok, but the onion above is already colored, which makes me think that Orbot is ready.
* Now checking whether … (this may take up to 20 minutes)
As a newbie, I have no idea what this means and if I really have to wait 20 minutes until I can use Orbot. Therefore I’m confused.
* The log messages (in the burger menu at the left) are not helpful at all.
Some of these messages say “Succeeded to connect to port xyz”, which I think is just an intermediate success message.
Does the message “Circuit (7) CLOSED” mean something good or bad?
All in all, I would prefer a more detailed and simpler status display, e.g. an onion that starts as a grayscale pie and turns one slice colored for every successful step. Clicking on each of the slices might(!) provide additional information for troubleshooting, but the simple case when everything works should be as easily understandable as possible.
**Trac**:
**Username**: rilligNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/19031Audit Thunderbird's RSS support2020-06-13T05:13:32ZSukhbir SinghAudit Thunderbird's RSS supportAudit Thunderbird's RSS feed reader. Some tasks to start with:
- Is automatic fetching disabled?
- Is HTML disabled?
- Is JavaScript disabled?
- Are proxy settings respected?
Are there other anonymity implications?Audit Thunderbird's RSS feed reader. Some tasks to start with:
- Is automatic fetching disabled?
- Is HTML disabled?
- Is JavaScript disabled?
- Are proxy settings respected?
Are there other anonymity implications?Sukhbir SinghSukhbir Singhhttps://gitlab.torproject.org/legacy/trac/-/issues/19436Feature Request: Add option to switch to new identity to orbits notification2020-06-13T05:20:45ZTracFeature Request: Add option to switch to new identity to orbits notificationHi!
I sometimes have the problem that Orbot is running but I can't connect to the internet. I can fix this by switching to a new tor identity by opening Orbot and swiping over the onion.
It would be nice to be able to do this without le...Hi!
I sometimes have the problem that Orbot is running but I can't connect to the internet. I can fix this by switching to a new tor identity by opening Orbot and swiping over the onion.
It would be nice to be able to do this without leaving the currently used app. This can be accomplished by adding a button with the same functionality as the onion to Orbots always shown notification.
**Trac**:
**Username**: vanitasvitaeNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/19707DNS queries don't work after disabling transparent proxying2020-06-13T05:26:00ZTracDNS queries don't work after disabling transparent proxyingI started orbot with transparent proxying. When I disabled transparent proxying (and even shut the program down), one cannot access the Internet. After testing, I found that the connection is okay but DNS lookups don't work.
Temporary w...I started orbot with transparent proxying. When I disabled transparent proxying (and even shut the program down), one cannot access the Internet. After testing, I found that the connection is okay but DNS lookups don't work.
Temporary workaround: click "Transproxy FORCE REMOVE" in the configuration.
**Trac**:
**Username**: FrankEularNathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/19716Using Bridge with HTTP proxy = can't connect2020-06-13T05:26:08ZcypherpunksUsing Bridge with HTTP proxy = can't connectOutbound PROXY TYPE: HTTPS
set http proxy.
[X] Use Bridges
Add 1 bridge to Bridges.
result:
WARN: Not using bridge at [scrbd]: it is in ExludeNodes
---
My ExludeNodes is empty, and "Strict Nodes" is unchecked!!Outbound PROXY TYPE: HTTPS
set http proxy.
[X] Use Bridges
Add 1 bridge to Bridges.
result:
WARN: Not using bridge at [scrbd]: it is in ExludeNodes
---
My ExludeNodes is empty, and "Strict Nodes" is unchecked!!Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/19717Orbot logs are too looooong2020-06-13T05:26:08ZcypherpunksOrbot logs are too looooongSliding left-side will show logs, but scrolling down to see latest lines is very hard. I have to swipe many times.
So,
1. Clear the log when I deactivate/activate OrBot.
2. Limit lines to 100.Sliding left-side will show logs, but scrolling down to see latest lines is very hard. I have to swipe many times.
So,
1. Clear the log when I deactivate/activate OrBot.
2. Limit lines to 100.Nathan FreitasNathan Freitashttps://gitlab.torproject.org/legacy/trac/-/issues/19796Samsung Galaxy Ace 3 - Tor not starting2020-06-13T05:27:42ZTracSamsung Galaxy Ace 3 - Tor not startingHi:
Loading Tor on my Samsung Galaxy Ace 3 (A3LGTS7275T) for the 1st time and Tor for Android does not start. Have error message -
Unable to start Tor: java.lang.exception:
Can not kill: /dat/data/org.torproject.android/app_bin/polipo
...Hi:
Loading Tor on my Samsung Galaxy Ace 3 (A3LGTS7275T) for the 1st time and Tor for Android does not start. Have error message -
Unable to start Tor: java.lang.exception:
Can not kill: /dat/data/org.torproject.android/app_bin/polipo
Any suggestion as to what I might be doing incorrectly?
TY in advance..
**Trac**:
**Username**: DkeeperNathan FreitasNathan Freitas