Tor issueshttps://gitlab.torproject.org/tpo/core/tor/-/issues2020-06-27T14:10:29Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/570possible tor exploit2020-06-27T14:10:29ZTracpossible tor exploitfrom http://www.oreillynet.com/onlamp/blog/2007/03/circumventing_yet_strengthenin.html
While the idea of circumventing the privacy offered by Tor via DNS, Flash, and Java (applets) is nothing new, HD Moore’s “Torment” Tor server hack has...from http://www.oreillynet.com/onlamp/blog/2007/03/circumventing_yet_strengthenin.html
While the idea of circumventing the privacy offered by Tor via DNS, Flash, and Java (applets) is nothing new, HD Moore’s “Torment” Tor server hack has made news at Securityfocus and ZDNet. Although I’m not quite sure why this big news now all of a sudden, it does have positive side effects for the Tor project (see my opinions below).
Moore’s methodology is based on the following strategy (also see Decloak):
1) A modified version of the Tor server is used.
2) When the Tor server is an exit node for a particular connection, it parses HTTP traffic for keywords that indicate criminal activity.
3) When an active keyword is found, the modified Tor server will embed HTML code in the response that will cause the Tor client’s browser to:
- Resolve a host name containing a unique identifier. Applications that use SOCKS 4 resolve hostnames using the ISP’s DNS (without going through the proxy server). In this scenario, the entity running the modified Tor server will also have to run a modified version of a DNS server that will match DNS queries to the unique identifier. This technique allows for the identity of the ISP of the client to be revealed (unless the user is using DNS that does not belong to his or her ISP).
- Load and run a Java applet hosted by the entity running the modified Tor server. The applet will determine the local IP address and pass it to the Tor server owner. If the end user is behind a NAT router, his internal (non-routable) IP address will be revealed.
- The Java applet will send a UDP packet to the server that served the applet. This UDP packet will be sent directly to the destination without going through TOR and will reveal the actual IP address of the client.
Here are my opinions on this:
1) Attempting to identify criminal activity based on keywords may help identify some criminals, but it will most likely result in too many false positives. This will compromise the anonymity of many legitimate Tor users, thus defeating the entire idea behind the Tor project.
2) The proposed methodology uses techniques that are circumvent-able by using Socks4a aware browsers and disabling plugins such as Flash and Java. I am sure Moore is aware of this, and to his credit, most users as of today are most likely to install and use Tor out-of-the-box. Also, disabling plugins such as Flash and Java may not be an option for many users because many web applications require these.
3) The fact that this topic has gained attention will have the following positive side effects on the Tor project:
- Some legitimate Tor users will pay attention to post-installation steps (use Socks4a, disable plugins) they need to perform in order lower the chances of their anonymity being circumvented.
- The Tor project, or a new project that utilizes the Tor system, may make an effort of offering a one stop solution or enhancement to the download package that may aid in automating some of the post-installation steps.
- The Tor download page provides warnings against the limitations of Tor, and even suggests that users investigate plugins such as NoScript and QuickJava. Unfortunately, a regular Tor user is not likely to spend time researching these proposed suggestions and will end up being suscsceptible to the techniques described by Moore. In addition, Tor users who use plugins such as QuickJava may still be susceptible because of the dynamic tag generation proposed by Moore, and there are already ongoing efforts by Tor volunteers to fix this.
In summary, I don’t believe Moore’s proposed idea is the most efficient solution to catching criminals who use Tor as the ZDNet seems to suggest, but I do believe that he has done a great job of demonstrating how most Tor users are susceptible to information leakage, and I believe this will in turn strengthen the Tor project
[Automatically added by flyspray2trac: Operating System: All]
**Trac**:
**Username**: jay2007techhttps://gitlab.torproject.org/tpo/core/tor/-/issues/569"We're missing a certificate from authority moria1 with signing key" log mess...2020-06-27T14:10:29ZTrac"We're missing a certificate from authority moria1 with signing key" log messages!Latest SVN version. Running as exit node.
grep 'missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request' /var/log/tor/tor.log
Dec 15 19:12:12.907 [notice] We're missing a...Latest SVN version. Running as exit node.
grep 'missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request' /var/log/tor/tor.log
Dec 15 19:12:12.907 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:12:36.838 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:13:36.509 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:14:37.233 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:15:38.925 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:16:39.644 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:17:40.357 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:18:41.158 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:19:42.868 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:20:43.605 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:21:44.380 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:22:45.223 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:23:46.951 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:24:47.683 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:25:48.381 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:26:50.148 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:27:50.888 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:28:51.745 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:29:52.513 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:30:53.229 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:31:54.965 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:32:55.692 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:33:56.448 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:34:57.208 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:35:58.917 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:36:59.753 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:38:00.562 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:39:01.516 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:40:02.308 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:41:03.188 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:42:04.946 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:43:05.678 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:44:06.393 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:45:08.143 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:46:09.965 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:47:10.685 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:48:11.423 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:49:12.154 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:50:13.914 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:51:14.836 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:52:15.575 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:53:16.379 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:54:17.151 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:55:18.872 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:56:19.605 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:57:20.647 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:58:21.472 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 19:59:22.198 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:00:23.884 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:01:24.619 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:02:25.396 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:03:26.246 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:04:27.946 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:05:28.882 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:06:29.602 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:07:30.345 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:08:32.147 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:09:33.902 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:10:34.698 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:11:35.462 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:12:36.196 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:13:37.917 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:14:38.672 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:15:39.335 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
Dec 15 20:16:41.147 [notice] We're missing a certificate from authority moria1 with signing key 0000000000000000000000000000000000000000: launching request.
[Automatically added by flyspray2trac: Operating System: Other Linux]
**Trac**:
**Username**: xiandohttps://gitlab.torproject.org/tpo/core/tor/-/issues/568panther dislikes tor r128012020-06-27T14:10:29ZAndrew Lewmanpanther dislikes tor r12801panther can't even configure tor anymore:
/autogen.sh
configure.in:23: error: possibly undefined macro: AS_HELP_STRING
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
CO...panther can't even configure tor anymore:
/autogen.sh
configure.in:23: error: possibly undefined macro: AS_HELP_STRING
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
CONFDIR=/Library/Tor ./configure --prefix=/Library/Tor --bindir=/Library/Tor --sysconfdir=/Library
configure: error: cannot find install-sh or install.sh in . ./.. ./../..
[Automatically added by flyspray2trac: Operating System: OSX 10.3 Panther]https://gitlab.torproject.org/tpo/core/tor/-/issues/567Firefox2020-06-27T14:10:29ZTracFirefoxWhen I use Firefox browser with Torbuton, I am offen lost my connection, sometime for few minutes sometimes for longer time.
I get " connection refused, Firefox is configured to be used with proxy but this one do not accepte connection....When I use Firefox browser with Torbuton, I am offen lost my connection, sometime for few minutes sometimes for longer time.
I get " connection refused, Firefox is configured to be used with proxy but this one do not accepte connection....."
But when I have this problem I switch to Opera browser and I dont have any problem.
[Automatically added by flyspray2trac: Operating System: Windows 2k/XP]
**Trac**:
**Username**: nounhttps://gitlab.torproject.org/tpo/core/tor/-/issues/566Warning2020-06-27T14:10:29ZTracWarningI have the following warning : your server (xxxxxxxx) has not managed to confirm that its ORPort is reachable, please check your firewalls, ports, address, host file, etc...
I use Comodo firewall with Videlia, Tor, and Privoxy are all au...I have the following warning : your server (xxxxxxxx) has not managed to confirm that its ORPort is reachable, please check your firewalls, ports, address, host file, etc...
I use Comodo firewall with Videlia, Tor, and Privoxy are all autorised.
I use a Host file up to date (MVPs Host)
I installed the relay traffic for Tor (setting as recommanded with security).
What can do to settle this problem.
Thanks
[Automatically added by flyspray2trac: Operating System: Windows 2k/XP]
**Trac**:
**Username**: nounhttps://gitlab.torproject.org/tpo/core/tor/-/issues/563we are 43197 minutes ahead, or the directory is 43197 minutes behind.2020-06-27T14:10:29ZTracwe are 43197 minutes ahead, or the directory is 43197 minutes behind.Hi,
I'm from Germany so English isn't my native language. Please excuse if there are any difficulties understanding me.
Well, I've been using the vidalia bundle for quite a time, both on my laptop and pc.
A week ago some troubles with m...Hi,
I'm from Germany so English isn't my native language. Please excuse if there are any difficulties understanding me.
Well, I've been using the vidalia bundle for quite a time, both on my laptop and pc.
A week ago some troubles with my pc-vidalia have started.
Vidalia (and Tor) started, but I couldn't use, all I got were the no connection error-message when I tried to load a homepage.
I updated to the 0.1.2.18 version today but the error stayed the same.
Here are the lines from the log I believe to be important.
Jan 05 19:22:46.456 [Hinweis] Tor v0.1.2.18. This is experimental software. Do not rely on it for strong anonymity.
Jan 05 19:22:46.476 [Hinweis] Initialized libevent version 1.3e using method win32. Good.
Jan 05 19:22:46.476 [Hinweis] Opening Socks listener on 127.0.0.1:9050
Jan 05 19:22:46.476 [Hinweis] Opening Control listener on 127.0.0.1:9051
Jan 05 19:22:51.143 [Warnung] Received directory with skewed time (server '128.31.0.34:9031'): we are 43197 minutes ahead, or the directory is 43197 minutes behind.
Jan 05 19:22:51.143 [Hinweis] I learned some more directory information, but not enough to build a circuit.
Jan 05 19:23:00.887 [Hinweis] Application request when we're believed to be offline. Optimistically trying directory fetches again.
I use Windows XP, Firefox 2.0.0.11, the Vidalia-Bundle 0.1.2.18 with Tor-Button.
Please help me, I tried to find some information my self, but couldn't help it.
Thanks a lot,
Tobi
[Automatically added by flyspray2trac: Operating System: Windows 2k/XP]
**Trac**:
**Username**: tobi84https://gitlab.torproject.org/tpo/core/tor/-/issues/561tor segfaults in libevent2020-06-27T14:10:29ZTractor segfaults in libeventtor-0.2.0.11-alpha as well as tor-0.2.0.12-alpha did core dump after about one week of operation on my Debian “lenny” exit gw.
1.) backtrace for 0.2.0.11
Core was generated by `/usr/sbin/tor'.
Program terminated with signal 11, Segment...tor-0.2.0.11-alpha as well as tor-0.2.0.12-alpha did core dump after about one week of operation on my Debian “lenny” exit gw.
1.) backtrace for 0.2.0.11
Core was generated by `/usr/sbin/tor'.
Program terminated with signal 11, Segmentation fault.
#0 0xb7f3d4c2 in event_tree_RB_REMOVE_COLOR () from /usr/lib/libevent-1.3d.so.1
(gdb) bt
#0 0xb7f3d4c2 in event_tree_RB_REMOVE_COLOR () from /usr/lib/libevent-1.3d.so.1
#1 0xb7f3d7b7 in event_tree_RB_REMOVE () from /usr/lib/libevent-1.3d.so.1
legacy/trac#2 0xb7f3dc0b in ?? () from /usr/lib/libevent-1.3d.so.1
legacy/trac#3 0x0812b614 in ?? ()
legacy/trac#4 0xa3f22300 in ?? ()
legacy/trac#5 0x0810cd0d in ?? ()
legacy/trac#6 0x08125ea0 in evdns_log_fn ()
legacy/trac#7 0xb7e14977 in AES_encrypt () from /usr/lib/i686/cmov/libcrypto.so.0.9.8
legacy/trac#8 0xa3f22300 in ?? ()
legacy/trac#9 0xbfccc848 in ?? ()
legacy/trac#10 0xb7f3ded1 in event_del () from /usr/lib/libevent-1.3d.so.1
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)
2.) backtrace for 0.2.0.12
Core was generated by `/usr/sbin/tor'.
Program terminated with signal 11, Segmentation fault.
#0 0xb7f6e4b6 in event_tree_RB_REMOVE_COLOR () from /usr/lib/libevent-1.3d.so.1
(gdb) bt
#0 0xb7f6e4b6 in event_tree_RB_REMOVE_COLOR () from /usr/lib/libevent-1.3d.so.1
#1 0xb7f6e7b7 in event_tree_RB_REMOVE () from /usr/lib/libevent-1.3d.so.1
legacy/trac#2 0xb7f6ec0b in ?? () from /usr/lib/libevent-1.3d.so.1
legacy/trac#3 0x0813a614 in ?? ()
legacy/trac#4 0xa19c9398 in ?? ()
legacy/trac#5 0x0811beed in ?? ()
legacy/trac#6 0x081351e0 in evdns_log_fn ()
legacy/trac#7 0xa6a5f390 in ?? ()
legacy/trac#8 0x36dbdff4 in ?? ()
legacy/trac#9 0x0813a478 in ?? ()
legacy/trac#10 0xb7f7d170 in ?? () from /usr/lib/libevent-1.3d.so.1
legacy/trac#11 0x0813a478 in ?? ()
legacy/trac#12 0xa19c9398 in ?? ()
legacy/trac#13 0xbf90b498 in ?? ()
legacy/trac#14 0xb7f6eed1 in event_del () from /usr/lib/libevent-1.3d.so.1
Backtrace stopped: frame did not save the PC
(gdb)
[Automatically added by flyspray2trac: Operating System: Other Linux]
**Trac**:
**Username**: FaloNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/560tor app for iphone2020-06-27T14:10:29ZTractor app for iphonesince the iphone does wifi, it would be great if tor could be ported to the iphone so we could surf more safely.
[Automatically added by flyspray2trac: Operating System: OSX 10.5 Leopard]
**Trac**:
**Username**: dramsince the iphone does wifi, it would be great if tor could be ported to the iphone so we could surf more safely.
[Automatically added by flyspray2trac: Operating System: OSX 10.5 Leopard]
**Trac**:
**Username**: dramhttps://gitlab.torproject.org/tpo/core/tor/-/issues/557http[s]proxyauthenticator in torrc can't contain # symbol2020-06-27T14:10:29ZRoger Dingledinehttp[s]proxyauthenticator in torrc can't contain # symbolThis was reported in a comment on bug 550, but it deserves its own flyspray entry.
If you add a line to your torrc like
httpproxyauthenticator foo:bar#5
then you can see via getconf that it only sets the value to 'foo:bar'.
One option ...This was reported in a comment on bug 550, but it deserves its own flyspray entry.
If you add a line to your torrc like
httpproxyauthenticator foo:bar#5
then you can see via getconf that it only sets the value to 'foo:bar'.
One option would be to force the user to provide a base64'ed value in the
first place. That's not a very convenient approach though.
Another option would be to make them put it in double quotes, or put a
backslash before it, or otherwise quote it.
Would supporting that in torrc parsing introduce any problems elsewhere?
I can't think of any.
[Automatically added by flyspray2trac: Operating System: All]Nick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/556avoid going to the authorities so much2020-06-27T14:10:30Zweasel (Peter Palfrader)avoid going to the authorities so muchWhen we have a dirport enabled in our config we always go to the
authorities for our directory requests. We should probably only
go to the DAs when we actually have a dirport published.
[Automatically added by flyspray2trac: Operating...When we have a dirport enabled in our config we always go to the
authorities for our directory requests. We should probably only
go to the DAs when we actually have a dirport published.
[Automatically added by flyspray2trac: Operating System: All]Roger DingledineRoger Dingledinehttps://gitlab.torproject.org/tpo/core/tor/-/issues/555Mac OS X 0.1.2.18 Tiger Universal Bundle addsysuser RFE2020-06-27T14:10:30ZTracMac OS X 0.1.2.18 Tiger Universal Bundle addsysuser RFEOne side-effect of the 2007-06-12 modifications to addsysuser for Mac
OS X 10.5 (Leopard) is that the "_tor" account is no longer assigned
an explicit uid. Cf., the statement in "else" clause that executes
uiddef=`nidump passwd / | ...One side-effect of the 2007-06-12 modifications to addsysuser for Mac
OS X 10.5 (Leopard) is that the "_tor" account is no longer assigned
an explicit uid. Cf., the statement in "else" clause that executes
uiddef=`nidump passwd / | cut -d: -f3 | sort -n | grep -v '!^[56789]..' |grep -v '!^....$' | tail -n 1`
However, these modifications now cause the "else" clause that employs
nidump to never be executed even for older versions of the Mac OS X
(including 10.2 through 10.4) because they (too) have /usr/bin/dscl.
Therefore, I suggest that something along the following be added
within the "if [ -x /usr/bin/dscl ]; then" clause:
if [ -x /usr/bin/nidump ]; then
uiddef=`nidump passwd / | cut -d: -f3 | sort -n | grep -v '!^[56789]..' |grep -v '!^....$' | tail -n 1`
else
set _tmp=/tmp/_dsexport_tmp.txt.$$
rm -f $_tmp
dsexport $_tmp '/Local/Default' 'dsRecTypeStandard:Users' > /dev/null 2>&1
uiddef=`cat $_tmp | sed 's/\\\://g' | cut -d: -f6 | grep '!^[0-9]' | sort -n | grep -v '!^[56789]..' | grep -v '!^....$' | tail -n 1`
rm -f $_tmp
fi
uiddef=`echo $uiddef + 1 | bc`
dscl . -create /users/$username uid $uiddef
(Note that the "if [ -x /usr/bin/nidump ]; then" protection exists
because OSes prior to 10.5 do _not_ have /usr/bin/dsexport (sigh).)
[Automatically added by flyspray2trac: Operating System: OSX 10.5 Leopard]
**Trac**:
**Username**: mwfongAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/tpo/core/tor/-/issues/5530.2.0.11-alpha fails to compile in osx 10.32020-06-27T14:10:30ZAndrew Lewman0.2.0.11-alpha fails to compile in osx 10.3cc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -MT log.o -MD -MP -MF .deps/log.Tpo -c -o log.o log.c
mv -f .deps/log.Tpo .deps/log.Po
gcc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -MT util.o ...cc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -MT log.o -MD -MP -MF .deps/log.Tpo -c -o log.o log.c
mv -f .deps/log.Tpo .deps/log.Po
gcc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -MT util.o -MD -MP -MF .deps/util.Tpo -c -o util.o util.c
mv -f .deps/util.Tpo .deps/util.Po
gcc -DHAVE_CONFIG_H -I. -I../.. -I../common -g -O2 -Wall -g -O2 -MT compat.o -MD -MP -MF .deps/compat.Tpo -c -o compat.o compat.c
compat.c:670: error: conflicting types for `rlim_t'
/usr/include/sys/types.h:103: error: previous declaration of `rlim_t'
make[4]: *** [compat.o] Error 1
make[3]: *** [all-recursive] Error 1
make[2]: *** [all-recursive] Error 1
make[1]: *** [all] Error 2
make: *** [dist-osx] Error 2
[Automatically added by flyspray2trac: Operating System: OSX 10.3 Panther]0.2.0.10-alphahttps://gitlab.torproject.org/tpo/core/tor/-/issues/552Mac OS X 0.1.2.18 Tiger Universal Bundle postflight Error2020-06-27T14:10:30ZTracMac OS X 0.1.2.18 Tiger Universal Bundle postflight ErrorTor.pkg:postflight contains the following code:
# Create the configuration file only if there wasn't one already.
if [ ! -f $TARGET/torrc ]; then
cp $TARGET/torrc.sample $TARGET/torrc.sample
fi
which _should_ read
# Create the confi...Tor.pkg:postflight contains the following code:
# Create the configuration file only if there wasn't one already.
if [ ! -f $TARGET/torrc ]; then
cp $TARGET/torrc.sample $TARGET/torrc.sample
fi
which _should_ read
# Create the configuration file only if there wasn't one already.
if [ ! -f $TARGET/torrc ]; then
cp $TARGET/torrc.sample $TARGET/torrc
fi
[Automatically added by flyspray2trac: Operating System: OSX 10.5 Leopard]
**Trac**:
**Username**: mwfongAndrew LewmanAndrew Lewmanhttps://gitlab.torproject.org/tpo/core/tor/-/issues/550TOR 407 Proxy authentication required2020-06-27T14:10:30ZTracTOR 407 Proxy authentication requiredNov 11 10:06:41.421 [Notice] Tor v0.1.2.18. This is experimental software. Do not rely on it for strong anonymity.
Nov 11 10:06:41.531 [Notice] Initialized libevent version 1.3e using method win32. Good.
Nov 11 10:06:41.531 [Notice] Open...Nov 11 10:06:41.421 [Notice] Tor v0.1.2.18. This is experimental software. Do not rely on it for strong anonymity.
Nov 11 10:06:41.531 [Notice] Initialized libevent version 1.3e using method win32. Good.
Nov 11 10:06:41.531 [Notice] Opening Socks listener on 127.0.0.1:9050
Nov 11 10:06:41.531 [Notice] Opening Control listener on 127.0.0.1:9051
Nov 11 10:07:42.968 [Warning] Received http status code 407 ("Proxy Authentication Required") from server '128.31.0.34:9032' while fetching "/tor/status/fp/38D4F5FCF7B1023228B895EA56EDE7D5CCDCAF32+719BE45DE224B607C53707D0E2143E2D423E74CF+7EA6EAD6FD83083C538F44038BBFA077587DD755+847B1F850344D7876491A54892F904934E4EB85D+FFCB46DB1339DA84674C70D7CB586434C4370441.z". I'll try again soon.
Nov 11 10:08:43.859 [Warning] Received http status code 407 ("Proxy Authentication Required") from server '194.109.206.212:80' while fetching "/tor/status/fp/38D4F5FCF7B1023228B895EA56EDE7D5CCDCAF32+719BE45DE224B607C53707D0E2143E2D423E74CF+7EA6EAD6FD83083C538F44038BBFA077587DD755+847B1F850344D7876491A54892F904934E4EB85D+FFCB46DB1339DA84674C70D7CB586434C4370441.z". I'll try again soon.
Nov 11 10:09:44.859 [Warning] Received http status code 407 ("Proxy Authentication Required") from server '194.109.206.212:80' while fetching "/tor/status/fp/38D4F5FCF7B1023228B895EA56EDE7D5CCDCAF32+719BE45DE224B607C53707D0E2143E2D423E74CF+7EA6EAD6FD83083C538F44038BBFA077587DD755+847B1F850344D7876491A54892F904934E4EB85D+FFCB46DB1339DA84674C70D7CB586434C4370441.z". I'll try again soon.
Nov 11 10:10:45.859 [Warning] Received http status code 407 ("Proxy Authentication Required") from server '140.247.60.64:80' while fetching "/tor/status/fp/38D4F5FCF7B1023228B895EA56EDE7D5CCDCAF32+719BE45DE224B607C53707D0E2143E2D423E74CF+7EA6EAD6FD83083C538F44038BBFA077587DD755+847B1F850344D7876491A54892F904934E4EB85D+FFCB46DB1339DA84674C70D7CB586434C4370441.z". I'll try again soon.
Nov 11 10:11:46.843 [Warning] Received http status code 407 ("Proxy Authentication Required") from server '140.247.60.64:80' while fetching "/tor/status/fp/38D4F5FCF7B1023228B895EA56EDE7D5CCDCAF32+719BE45DE224B607C53707D0E2143E2D423E74CF+7EA6EAD6FD83083C538F44038BBFA077587DD755+847B1F850344D7876491A54892F904934E4EB85D+FFCB46DB1339DA84674C70D7CB586434C4370441.z". I'll try again soon.
This is my error log.
My frd's (same school network) computer can use the tor network in his computer, but mine's kept on receiving 407...
I have typed in http proxy as proxy:8080, domain\user pw:xxxx in the latest version of Vidalia in the network field of Vidalia 0.0.15
I have no idea wt I have to do now. I have changed versions of TOR and Vidalia, but it still gives me this problem.
I have shut down ZA and my Anti-Virus, but still this went on...
Anyone here can help me out of this?
[Automatically added by flyspray2trac: Operating System: Windows 2k/XP]
**Trac**:
**Username**: lsc01287post 0.2.0.xhttps://gitlab.torproject.org/tpo/core/tor/-/issues/549massive memory leak in exit nodes2020-06-27T14:10:30ZRoger Dingledinemassive memory leak in exit nodesmikeperry ran 0.1.2.17 on his exit node under valgrind:
==1715== 141,696 bytes in 492 blocks are possibly lost in loss record 15 of 17
==1715== at 0x40053C0: malloc (vg_replace_malloc.c:149)
==1715== by 0x80B7240: _tor_malloc (uti...mikeperry ran 0.1.2.17 on his exit node under valgrind:
==1715== 141,696 bytes in 492 blocks are possibly lost in loss record 15 of 17
==1715== at 0x40053C0: malloc (vg_replace_malloc.c:149)
==1715== by 0x80B7240: _tor_malloc (util.c:116)
==1715== by 0x80B8F06: _tor_malloc_zero (util.c:135)
==1715== by 0x808AB2A: dns_resolve (dns.c:719)
==1715== by 0x8071513: connection_exit_begin_conn (connection_edge.c:2250)
==1715== by 0x8095BA3: connection_edge_process_relay_cell (relay.c:1023)
==1715== by 0x8096310: circuit_receive_relay_cell (relay.c:171)
==1715== by 0x805B96E: command_process_cell (command.c:327)
==1715== by 0x80732BC: connection_or_process_inbuf (connection_or.c:768)
==1715== by 0x8067954: connection_process_inbuf (connection.c:2238)
==1715== by 0x806A792: connection_handle_read (connection.c:1449)
==1715== by 0x8091107: conn_read_callback (main.c:422)
==1715==
==1715==
==1715== 178,968,672 (177,808,896 direct, 1,159,776 indirect) bytes in 617,392 blocks are definitely lost in loss record 17 of 17
==1715== at 0x40053C0: malloc (vg_replace_malloc.c:149)
==1715== by 0x80B7240: _tor_malloc (util.c:116)
==1715== by 0x80B8F06: _tor_malloc_zero (util.c:135)
==1715== by 0x808AB2A: dns_resolve (dns.c:719)
==1715== by 0x8071513: connection_exit_begin_conn (connection_edge.c:2250)
==1715== by 0x8095BA3: connection_edge_process_relay_cell (relay.c:1023)
==1715== by 0x8096310: circuit_receive_relay_cell (relay.c:171)
==1715== by 0x805B96E: command_process_cell (command.c:327)
==1715== by 0x80732BC: connection_or_process_inbuf (connection_or.c:768)
==1715== by 0x8067954: connection_process_inbuf (connection.c:2238)
==1715== by 0x806A792: connection_handle_read (connection.c:1449)
==1715== by 0x8091107: conn_read_callback (main.c:422)
That's this malloc in dns.c:
/* not there, need to add it */
resolve = tor_malloc_zero(sizeof(cached_resolve_t));
resolve->magic = CACHED_RESOLVE_MAGIC;
My first thought is that the "if" above that can still have resolve there,
just without the expected 'expired' value. We should convert r12469 into an
assert at some point.
On closer inspection, r12470 looks like a better candidate for the problem.
[Automatically added by flyspray2trac: Operating System: All]https://gitlab.torproject.org/tpo/core/tor/-/issues/548recent dir auths are dropping routers from networkstatus2020-06-27T14:10:30ZRoger Dingledinerecent dir auths are dropping routers from networkstatusNov 09 18:11:21.626 [notice] Tongagetting added to v2 vote.
Nov 09 18:11:21.647 [notice] I added 1 Tongas to the v2 vote
Nov 09 18:11:52.892 [notice] Tongagetting added to v2 vote.
Nov 09 18:11:52.911 [notice] I added 1 Tongas to the v2 ...Nov 09 18:11:21.626 [notice] Tongagetting added to v2 vote.
Nov 09 18:11:21.647 [notice] I added 1 Tongas to the v2 vote
Nov 09 18:11:52.892 [notice] Tongagetting added to v2 vote.
Nov 09 18:11:52.911 [notice] I added 1 Tongas to the v2 vote
Nov 09 18:11:57.496 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_add_to_routerlist
Nov 09 18:11:57.496 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_replace, replacing another descriptor
Nov 09 18:11:57.496 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_add_to_routerlist, being better than the old Tonga
Nov 09 18:12:28.223 [notice] Tongagetting added to v2 vote.
Nov 09 18:12:28.242 [notice] I added 1 Tongas to the v2 vote
Nov 09 18:12:59.058 [notice] Tongagetting added to v2 vote.
Nov 09 18:12:59.077 [notice] I added 1 Tongas to the v2 vote
...
Nov 10 12:12:32.405 [notice] Tongagetting added to v2 vote.
Nov 10 12:12:32.422 [notice] I added 1 Tongas to the v2 vote
Nov 10 12:12:36.812 [notice] A descriptor for Tonga (published 2007-11-10 17:12:
36) was spotted in routerlist_add_to_routerlist
Nov 10 12:12:36.812 [notice] A descriptor for Tonga (published 2007-11-10 17:12:
36) was spotted in routerlist_replace, replacing another descriptor
Nov 10 12:12:36.812 [notice] A descriptor for Tonga (published 2007-11-10 17:12:
36) was spotted in routerlist_add_to_routerlist, being better than the old Tonga
Nov 10 12:13:04.723 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_reparse_old, getting ready to go back onto the rou
terlist.
Nov 10 12:13:04.723 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_add_to_routerlist
Nov 10 12:13:04.723 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_replace, replacing another descriptor
Nov 10 12:13:04.723 [notice] A descriptor for Tonga (published 2007-11-09 23:11:
57) was spotted in routerlist_add_to_routerlist, being better than the old Tonga
Nov 10 12:13:06.003 [notice] Tongagetting added to v2 vote.
Nov 10 12:13:06.027 [notice] I added 1 Tongas to the v2 vote
...
Nov 10 12:22:37.467 [notice] Tongagetting added to v2 vote.
Nov 10 12:22:37.485 [notice] I added 1 Tongas to the v2 vote
Nov 10 12:22:50.643 [info] dirserv_orconn_tls_done(): Found router Tonga to be r
eachable. Yay.
Nov 10 12:23:11.088 [notice] Tongagetting added to v2 vote.
Nov 10 12:23:11.106 [notice] I added 1 Tongas to the v2 vote
...
Nov 10 12:43:42.098 [notice] Tongagetting added to v2 vote.
Nov 10 12:43:42.116 [notice] I added 1 Tongas to the v2 vote
Nov 10 12:44:20.516 [info] dirserv_orconn_tls_done(): Found router Tonga to be r
eachable. Yay.
Nov 10 12:44:21.532 [notice] Tongagetting added to v2 vote.
Nov 10 12:44:21.550 [notice] I added 1 Tongas to the v2 vote
Nov 10 12:45:01.439 [notice] Tongagetting added to v2 vote.
Nov 10 12:45:01.466 [notice] I added 1 Tongas to the v2 vote
...
Nov 10 14:09:42.178 [notice] Tongagetting added to v2 vote.
Nov 10 14:09:42.197 [notice] I added 1 Tongas to the v2 vote
Nov 10 14:10:14.103 [notice] Tongagetting added to v2 vote.
Nov 10 14:10:14.121 [notice] I added 1 Tongas to the v2 vote
Nov 10 14:10:40.705 [info] dirserv_orconn_tls_done(): Found router Tonga to be r
eachable. Yay.
Nov 10 14:10:41.115 [info] connection_read_to_buf(): tls error [unexpected close
]. breaking (nickname Tonga, address 82.94.251.206).
Nov 10 14:10:47.784 [notice] Tongagetting added to v2 vote.
Nov 10 14:10:47.803 [notice] I added 1 Tongas to the v2 vote
Nov 10 14:11:21.388 [notice] Tongagetting added to v2 vote.
Nov 10 14:11:21.408 [notice] I added 1 Tongas to the v2 vote
Nov 10 14:11:54.131 [notice] Tongagetting added to v2 vote.
Nov 10 14:11:54.151 [notice] I added 1 Tongas to the v2 vote
Nov 10 14:12:31.128 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:13:02.633 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:13:34.137 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:14:06.078 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:14:39.603 [notice] I added 0 Tongas to the v2 vote
...
Nov 10 14:31:08.730 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:31:41.332 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:32:00.538 [info] dirserv_orconn_tls_done(): Found router Tonga to be r
eachable. Yay.
Nov 10 14:32:12.992 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:32:45.342 [notice] I added 0 Tongas to the v2 vote
Nov 10 14:33:17.402 [notice] I added 0 Tongas to the v2 vote
[Automatically added by flyspray2trac: Operating System: All]https://gitlab.torproject.org/tpo/core/tor/-/issues/547consensus with very few running routers2020-06-27T14:10:30Zweasel (Peter Palfrader)consensus with very few running routerswhen a majority of the authorities upgrade/restart just when it's time
to vote then they will builds votes with only themselves marked as running.
This causes consensus documents with only very few, if any routers marked
as running. ...when a majority of the authorities upgrade/restart just when it's time
to vote then they will builds votes with only themselves marked as running.
This causes consensus documents with only very few, if any routers marked
as running. In such cases it'd probably smarter to continue using an old
consensus.
Maybe the solution is to not vote when you have only been running for a
few (5 to 20?) minutes.
[Automatically added by flyspray2trac: Operating System: All]https://gitlab.torproject.org/tpo/core/tor/-/issues/546missing cert launches never back off2020-06-27T14:10:31ZRoger Dingledinemissing cert launches never back offI just added ides as a new v3 authority to my config.c (on moria[12] and on my
bridge relay), and now
Nov 07 16:24:07.260 [notice] Launching request for 1 missing certificates
Nov 07 16:24:07.261 [warn] Received http status code 404 ("N...I just added ides as a new v3 authority to my config.c (on moria[12] and on my
bridge relay), and now
Nov 07 16:24:07.260 [notice] Launching request for 1 missing certificates
Nov 07 16:24:07.261 [warn] Received http status code 404 ("Not found") from serv
er '128.31.0.34:9031' while fetching "/tor/keys/fp/27B6B5996C426270A5C95488AA5BC
EB6BCC86956".
Nov 07 16:24:07.261 [notice] Launching request for 1 missing certificates
Nov 07 16:24:07.469 [warn] Received http status code 404 ("Not found") from serv
er '86.59.21.38:80' while fetching "/tor/keys/fp/27B6B5996C426270A5C95488AA5BCEB
6BCC86956".
Nov 07 16:24:07.469 [notice] Launching request for 1 missing certificates
Nov 07 16:24:07.616 [warn] Received http status code 404 ("Not found") from serv
er '216.224.124.114:9030' while fetching "/tor/keys/fp/27B6B5996C426270A5C95488A
A5BCEB6BCC86956".
Nov 07 16:24:07.616 [notice] Launching request for 1 missing certificates
Nov 07 16:24:07.616 [warn] Received http status code 404 ("Not found") from serv
er '128.31.0.34:9031' while fetching "/tor/keys/fp/27B6B5996C426270A5C95488AA5BC
EB6BCC86956".
Nov 07 16:24:07.617 [notice] Launching request for 1 missing certificates
Nov 07 16:24:07.618 [warn] Received http status code 404 ("Not found") from server '128.31.0.34:9031' while fetching "/tor/keys/fp/27B6B5996C426270A5C95488AA5BCEB6BCC86956".
it repeats ad infinitum without ever backing off.
(The other half of the bug might be that this cert isn't to be found anywhere,
even though ides is running. How are certs for new authorities supposed to get
spread around the network?)
[Automatically added by flyspray2trac: Operating System: All]0.2.0.10-alphahttps://gitlab.torproject.org/tpo/core/tor/-/issues/545updating guard status from v2 networkstatuses?2020-06-27T14:10:31ZRoger Dingledineupdating guard status from v2 networkstatuses?This is on my bridge, which is a relay plus dircache.
Nov 06 15:27:35.689 [info] connection_dir_client_reached_eof(): Received network
status objects (size 1729899) from server '128.31.0.34:9031'
Nov 06 15:27:35.720 [info] router_set_ne...This is on my bridge, which is a relay plus dircache.
Nov 06 15:27:35.689 [info] connection_dir_client_reached_eof(): Received network
status objects (size 1729899) from server '128.31.0.34:9031'
Nov 06 15:27:35.720 [info] router_set_networkstatus_v2(): Setting networkstatus
downloaded from directory server "moria1" at 128.31.0.34:9031 (published 2007-11
-06 20:27:25)
Nov 06 15:27:35.803 [info] router_set_networkstatus_v2(): Setting networkstatus
downloaded from directory server "tor26" at 86.59.21.38:80 (published 2007-11-06
20:26:19)
Nov 06 15:27:35.886 [info] router_set_networkstatus_v2(): Setting networkstatus
downloaded from directory server "dizum" at 194.109.206.212:80 (published 2007-1
1-06 20:26:24)
Nov 06 15:27:35.967 [info] router_set_networkstatus_v2(): Setting networkstatus
downloaded from directory server "moria2" at 128.31.0.34:9032 (published 2007-11
-06 20:26:30)
Nov 06 15:27:36.048 [info] router_set_networkstatus_v2(): Setting networkstatus
downloaded from directory server "lefkada" at 140.247.60.64:80 (published 2007-1
1-06 20:26:49)
Nov 06 15:27:36.107 [info] entry_guards_compute_status(): Summary: Entry 'sabota
ge' is reachable, unusable and not live.
Nov 06 15:27:36.107 [info] entry_guards_compute_status(): Summary: Entry 'teunto
rt' is reachable, usable and live.
...
It appears to be not only caching the v2 networkstatuses, but also looking at them
and acting on them?
[Automatically added by flyspray2trac: Operating System: All]https://gitlab.torproject.org/tpo/core/tor/-/issues/544bandwidth buckets are ints2020-06-27T14:10:31ZRoger Dingledinebandwidth buckets are intsNov 06 12:09:57.592 [debug] global_read_bucket now 6291456.
Nov 06 13:10:20.167 [debug] global_read_bucket now -1815240658.
Nov 06 13:10:20.167 [debug] global_write_bucket now -1815085682.
Nov 06 13:10:20.167 [debug] global_relayed_read...Nov 06 12:09:57.592 [debug] global_read_bucket now 6291456.
Nov 06 13:10:20.167 [debug] global_read_bucket now -1815240658.
Nov 06 13:10:20.167 [debug] global_write_bucket now -1815085682.
Nov 06 13:10:20.167 [debug] global_relayed_read_bucket now 512000.
Nov 06 13:10:20.167 [warn] Your system clock just jumped 3517 seconds forward; a
ssuming established circuits no longer work.
This overflow is probably a bug in 0.1.2.x too.
[Automatically added by flyspray2trac: Operating System: All]