Connecting to tor over a socks 5 connection no longer works in 3.5.7
Hi
I upgraded tor today on my machine and found that I can no longer connect over a socks 5 connection. I'm using this node library https://github.com/JoshGlazebrook/socks and it has been working with no problems before (0.3.4 and earlier). But after upgrading I'm seeing: Socks5 proxy rejected connection - Failure when connecting and it syslog I see:
Jan 10 21:58:22 chrx Tor[11218]: socks5: parsing failed - invalid user/pass authentication message. Jan 10 21:58:22 chrx Tor[11218]: Fetching socks handshake failed. Closing.
Changing the config to use socks 4 seems to work.
The project I'm working that uses this is scuttlebutt. And the code doing the onion connection locally is here:
https://github.com/ssbc/multiserver/blob/master/plugins/onion.js
Trac:
Username: arj
Activity
Trac:
Child Ticket(s): #29126 (moved)-
Oh, thanks for your reply. It appears that the debian repo https://www.torproject.org/docs/debian.html.en does not include torsocks but only tor. And the new 0.3.5.7 is not compatible with torsocks 2.2. I can see that debian unstable includes a new version of torsocks.
Trac:
Username: arj $ torsocks --port 9051 -u fox -p trustno1 wget https://www.google.comdoes work for me with torsocks 2.2 (from Debian) and tor 0.3.5.7.The above error message is logged when tor SOCKS5 implementation fails to parse SOCKS5 username/password auth message.
- Can you use Wireshark to see what goes on the wire? Perhaps we can see a pcap with SOCKS5 exchange that fails?
- Can you try explicitly setting username and password on your side of connection (doesn't matter what username/password exactly - tor doesn't check, just requires them to be nonempty when username/password path is taken). Does that help?
- Can you run torsocks with
-dand show us what it prints?
Trac:
Component: Core Tor/Torsocks to Community/Tor Support-
Setting a username and password in the socks js end works.
I think I filed this under the wrong category. I'm sorry about that. Tor by default opens a socks proxy on port 9050 and that is what I'm connecting to. I uninstalled torsocks to make sure that it is not used and I can confirm that this is a problem in tor core.
Thanks for your help anyway, should help debugging on the tor side.
Trac:
Username: arj -
This is default tor config on a debian machine.
torsocks seems to work both with -u & -p and without, here is log without:
547843375 DEBUG torsocks[16768]: Logging subsystem initialized. Level 5, file (null), time 1 (in init_logging() at torsocks.c:304) 1547843375 DEBUG torsocks[16768]: Config file not provided by TORSOCKS_CONF_FILE. Using default /etc/tor/torsocks.conf (in config_file_read() at config-file.c:543) 1547843375 DEBUG torsocks[16768]: Config file setting tor address to 127.0.0.1 (in conf_file_set_tor_address() at config-file.c:298) 1547843375 DEBUG torsocks[16768]: Config file setting tor port to 9050 (in conf_file_set_tor_port() at config-file.c:254) 1547843375 DEBUG torsocks[16768]: [config] Onion address range set to 127.42.42.0/24 (in set_onion_info() at config-file.c:108) 1547843375 DEBUG torsocks[16768]: Config file /etc/tor/torsocks.conf opened and parsed. (in config_file_read() at config-file.c:572) 1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45) 1547843375 DEBUG torsocks[16768]: Config file setting tor port to 9050 (in conf_file_set_tor_port() at config-file.c:254) 1547843375 DEBUG torsocks[16768]: [onion] Pool init with subnet 127.42.42.0 and mask 24 (in onion_pool_init() at onion.c:104) 1547843375 DEBUG torsocks[16768]: [onion] Pool initialized with base 0, max_pos 255 and size 8 (in onion_pool_init() at onion.c:132) 1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45) --2019-01-18 21:29:35-- https://www.google.com./ 1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45) 1547843375 DEBUG torsocks[16768]: [close] Close caught for fd 3 (in tsocks_close() at close.c:33) 1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45) Resolving www.google.com. (www.google.com.)... 1547843375 DEBUG torsocks[16768]: [getaddrinfo] Requesting www.google.com. hostname (in tsocks_getaddrinfo() at getaddrinfo.c:44) 1547843375 DEBUG torsocks[16768]: Resolving www.google.com. on the Tor network (in tsocks_tor_resolve() at torsocks.c:545) 1547843375 DEBUG torsocks[16768]: Setting up a connection to the Tor network on fd 3 (in setup_tor_connection() at torsocks.c:368) 1547843375 DEBUG torsocks[16768]: Socks5 sending method ver: 5, nmethods 0x01, methods 0x00 (in socks5_send_method() at socks5.c:229) 1547843375 DEBUG torsocks[16768]: Socks5 received method ver: 5, method 0x00 (in socks5_recv_method() at socks5.c:262) 1547843375 DEBUG torsocks[16768]: [socks5] Resolve for www.google.com. sent successfully (in socks5_send_resolve_request() at socks5.c:633) 1547843375 DEBUG torsocks[16768]: [socks5] Resolve reply received successfully (in socks5_recv_resolve_reply() at socks5.c:710) 1547843375 DEBUG torsocks[16768]: [getaddrinfo] Node www.google.com. resolved to 172.217.21.132 (in tsocks_getaddrinfo() at getaddrinfo.c:107) 172.217.21.132 Connecting to www.google.com. (www.google.com.)|172.217.21.132|:443... 1547843375 DEBUG torsocks[16768]: [socket] Creating socket with domain 2, type 1 and protocol 0 (in tsocks_socket() at socket.c:33) 1547843375 DEBUG torsocks[16768]: Connect caught on fd 3 (in tsocks_connect() at connect.c:118) 1547843375 DEBUG torsocks[16768]: [connect] Socket family AF_INET and type 1 (in tsocks_validate_socket() at connect.c:77) 1547843375 DEBUG torsocks[16768]: [onion] Finding onion entry for IP 172.217.21.132 (in onion_entry_find_by_addr() at onion.c:268) 1547843375 DEBUG torsocks[16768]: Connecting to the Tor network on fd 3 (in tsocks_connect_to_tor() at torsocks.c:473) 1547843375 DEBUG torsocks[16768]: Setting up a connection to the Tor network on fd 3 (in setup_tor_connection() at torsocks.c:368) 1547843375 DEBUG torsocks[16768]: Socks5 sending method ver: 5, nmethods 0x01, methods 0x00 (in socks5_send_method() at socks5.c:229) 1547843375 DEBUG torsocks[16768]: Socks5 received method ver: 5, method 0x00 (in socks5_recv_method() at socks5.c:262) 1547843375 DEBUG torsocks[16768]: Socks5 sending connect request to fd 3 (in socks5_send_connect_request() at socks5.c:459) 1547843375 DEBUG torsocks[16768]: Socks5 received connect reply - ver: 5, rep: 0x00, atype: 0x01 (in socks5_recv_connect_reply() at socks5.c:519) 1547843375 DEBUG torsocks[16768]: Socks5 connection is successful. (in socks5_recv_connect_reply() at socks5.c:523) connected. 1547843375 DEBUG torsocks[16768]: [fclose] Close caught for fd 4 (in tsocks_fclose() at fclose.c:45) ERROR: no certificate subject alternative name matches requested host name 'www.google.com.'. To connect to www.google.com. insecurely, use `--no-check-certificate'. 1547843376 DEBUG torsocks[16768]: [close] Close caught for fd 3 (in tsocks_close() at close.c:33) 1547843376 DEBUG torsocks[16768]: [close] Close connection putting back ref (in tsocks_close() at close.c:51) 1547843376 DEBUG torsocks[16768]: [onion] Destroying onion pool containing 0 entry (in onion_pool_destroy() at onion.c:148)
So it seems like the socks js library connects differently than torsocks. The thing is, this used to work fine.
Trac:
Username: arj 
Ok, I think this was actually a Tor bug. I've filed #29175 (moved) for it. Thanks!
mentioned in issue #29175 (moved)
mentioned in issue #29126 (moved)
mentioned in issue tpo/core/tor#29175 (closed)
moved to tpo/community/support#29050 (closed)
