Re: [Tails-dev] [review'n'merge:1.2] feature/tor-0.2.5.x-alp…

Delete this message

Reply to this message
Author: anonym
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] [review'n'merge:1.2] feature/tor-0.2.5.x-alpha (#7907) [Was: Tor 0.2.5.x and Tails]
18/09/14 18:32, intrigeri wrote:
> Hi,
>
>> Nick Mathewson wrote (17 Sep 2014 23:59:11 GMT) :
>>> My opinion is that Tor 0.2.5.x is better than 0.2.4.x, if it's working
>>> with you.
>
> The feature/tor-0.2.5.x-alpha (sic) branch:
>
> * installs Tor 0.2.5.7-rc from the Tor project's
> tor-experimental-0.2.5.x-wheezy APT repo
> * enables the brand new syscall sandbox if no special Tor
> configuration is asked for in the Greeter (as it's not compatible
> with managed proxies); as said earlier, finer granularity would be
> better (too bad users who simply need to configure a HTTP proxy or
> allowed firewall ports won't get the sandboxing, while technically
> they could), but that's the low-hanging fruit I could easily pick
> while I were at it, and is already much better than nothing.
>
> It passes the test suite for me, and I successfully manually tested
> bridges support (since we have no automated tests for that yet).
>
> Please review'n'merge into devel for Tails 1.2.


Since tor 0.2.5.8-rc has been pushed to the stable APT suites [1], but
the experimental ones still remain on 0.2.5.7-rc, I took the liberty to
push stuff into the branch so it would install 0.2.5.8-rc. I reverted
these two commits:

748e9e0 Also pull tor-geoipdb from the Tor project's
tor-experimental-0.2.5.x-wheezy suite.
9f18b50 Install Tor 0.2.5.x.

merged devel and built an image.

Now I get the exact same issue as I reported yesterday privately: about
half of the times tor 0.2.5.8-rc gets stuck during bootstrap for a long
time (perhaps indefinitely sometimes). There also seem to be
post-bootstrap issues that can result in circuits timing out. When
testing the image in the automated test suite, the delay often exceeds
the maximum time we allow in the "Tor is ready" step, resulting in test
failure, but sometimes it "just" adds about two minutes of extra run
time for the feature/scenario.

An example from the log when running torified_browsing.feature:

Sep 25 14:48:09.000 [notice] Tor 0.2.5.8-rc (git-eaa9ca1011e73a9d)
opening new log file.
Sep 25 14:48:09.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Sep 25 14:48:10.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Sep 25 14:48:10.000 [warn] This version of Tor was built without support
for sandboxing. To build with support for sandboxing on Linux, you must
have libseccomp and its necessary header files (e.g. seccomp.h).
Sep 25 14:48:10.000 [notice] Bootstrapped 0%: Starting
Sep 25 14:48:11.000 [notice] Bootstrapped 5%: Connecting to directory server
Sep 25 14:48:12.000 [notice] Bootstrapped 10%: Finishing handshake with
directory server
Sep 25 14:48:12.000 [notice] Bootstrapped 15%: Establishing an encrypted
directory connection
Sep 25 14:48:12.000 [notice] Bootstrapped 20%: Asking for networkstatus
consensus
Sep 25 14:48:12.000 [notice] Bootstrapped 25%: Loading networkstatus
consensus
Sep 25 14:48:12.000 [notice] I learned some more directory information,
but not enough to build a circuit: We have no usable consensus.
Sep 25 14:48:15.000 [notice] Bootstrapped 40%: Loading authority key certs
Sep 25 14:48:18.000 [notice] Bootstrapped 45%: Asking for relay descriptors
Sep 25 14:48:18.000 [notice] I learned some more directory information,
but not enough to build a circuit: We need more microdescriptors: we
have 0/6207, and can only build 0% of likely paths. (We have 0% of
guards bw, 0% of midpoint bw, and 0% of exit bw.)
Sep 25 14:48:18.000 [notice] Bootstrapped 50%: Loading relay descriptors
Sep 25 14:48:20.000 [notice] Bootstrapped 55%: Loading relay descriptors
Sep 25 14:48:20.000 [notice] Bootstrapped 60%: Loading relay descriptors
Sep 25 14:48:20.000 [notice] Bootstrapped 65%: Loading relay descriptors
Sep 25 14:48:20.000 [notice] Bootstrapped 70%: Loading relay descriptors
Sep 25 14:50:19.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:50:19.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:50:19.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)

And another slightly different example when running apt.feature:

Sep 25 14:55:37.000 [notice] Tor 0.2.5.8-rc (git-eaa9ca1011e73a9d)
opening new log file.
Sep 25 14:55:37.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Sep 25 14:55:37.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Sep 25 14:55:37.000 [warn] This version of Tor was built without support
for sandboxing. To build with support for sandboxing on Linux, you must
have libseccomp and its necessary header files (e.g. seccomp.h).
Sep 25 14:55:38.000 [notice] Bootstrapped 0%: Starting
Sep 25 14:55:39.000 [notice] Bootstrapped 5%: Connecting to directory server
Sep 25 14:55:39.000 [notice] Bootstrapped 10%: Finishing handshake with
directory server
Sep 25 14:55:39.000 [notice] Bootstrapped 15%: Establishing an encrypted
directory connection
Sep 25 14:55:39.000 [notice] Bootstrapped 20%: Asking for networkstatus
consensus
Sep 25 14:55:39.000 [notice] Bootstrapped 25%: Loading networkstatus
consensus
Sep 25 14:55:40.000 [notice] I learned some more directory information,
but not enough to build a circuit: We have no usable consensus.
Sep 25 14:55:40.000 [notice] Bootstrapped 40%: Loading authority key certs
Sep 25 14:55:41.000 [notice] Bootstrapped 45%: Asking for relay descriptors
Sep 25 14:55:41.000 [notice] I learned some more directory information,
but not enough to build a circuit: We need more microdescriptors: we
have 0/6207, and can only build 0% of likely paths. (We have 0% of
guards bw, 0% of midpoint bw, and 0% of exit bw.)
Sep 25 14:55:41.000 [notice] Bootstrapped 50%: Loading relay descriptors
Sep 25 14:55:43.000 [notice] Bootstrapped 55%: Loading relay descriptors
Sep 25 14:55:43.000 [notice] Bootstrapped 60%: Loading relay descriptors
Sep 25 14:55:43.000 [notice] Bootstrapped 65%: Loading relay descriptors
Sep 25 14:56:52.000 [notice] No circuits are opened. Relaxed timeout for
circuit 6 (a General-purpose client 1-hop circuit in state doing
handshakes with channel state open) to 60000ms. However, it appears the
circuit has timed out anyway. 3 guards are live.
Sep 25 14:57:42.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:57:42.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:57:42.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:59:42.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:59:42.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 14:59:42.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)

Here's a third example of unsafe_browser.feature, and now Tor bootstraps
successfully (but with timeouts) before the "Tor is ready" times out
(but there's a long delay). However, Tor actually fails later on, as you
can see, which results in that a failure to fetch the UDF, so the
"available upgrades have been checked" step fails.

Sep 25 16:29:56.000 [notice] Tor 0.2.5.8-rc (git-eaa9ca1011e73a9d)
opening new log file.
Sep 25 16:29:56.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Sep 25 16:29:57.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Sep 25 16:29:57.000 [warn] This version of Tor was built without support
for sandboxing. To build with support for sandboxing on Linux, you must
have libseccomp and its necessary header files (e.g. seccomp.h).
Sep 25 16:29:57.000 [notice] Bootstrapped 0%: Starting
Sep 25 16:29:58.000 [notice] Bootstrapped 5%: Connecting to directory server
Sep 25 16:29:58.000 [notice] Bootstrapped 10%: Finishing handshake with
directory server
Sep 25 16:29:59.000 [notice] Bootstrapped 15%: Establishing an encrypted
directory connection
Sep 25 16:29:59.000 [notice] Bootstrapped 20%: Asking for networkstatus
consensus
Sep 25 16:29:59.000 [notice] Bootstrapped 25%: Loading networkstatus
consensus
Sep 25 16:29:59.000 [notice] I learned some more directory information,
but not enough to build a circuit: We have no usable consensus.
Sep 25 16:30:00.000 [notice] Bootstrapped 40%: Loading authority key certs
Sep 25 16:30:01.000 [notice] Bootstrapped 45%: Asking for relay descriptors
Sep 25 16:30:01.000 [notice] I learned some more directory information,
but not enough to build a circuit: We need more microdescriptors: we
have 0/6247, and can only build 0% of likely paths. (We have 0% of
guards bw, 0% of midpoint bw, and 0% of exit bw.)
Sep 25 16:30:01.000 [notice] Bootstrapped 50%: Loading relay descriptors
Sep 25 16:30:03.000 [notice] Bootstrapped 55%: Loading relay descriptors
Sep 25 16:30:04.000 [notice] Bootstrapped 60%: Loading relay descriptors
Sep 25 16:30:04.000 [notice] Bootstrapped 65%: Loading relay descriptors
Sep 25 16:32:02.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:32:02.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:32:02.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:32:02.000 [notice] Application request when we haven't used
client functionality lately. Optimistically trying directory fetches again.
Sep 25 16:32:03.000 [notice] Bootstrapped 70%: Loading relay descriptors
Sep 25 16:32:03.000 [notice] Bootstrapped 76%: Loading relay descriptors
Sep 25 16:32:03.000 [notice] We now have enough directory information to
build circuits.
Sep 25 16:32:03.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Sep 25 16:32:03.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Sep 25 16:32:05.000 [notice] Tor has successfully opened a circuit.
Looks like client functionality is working.
Sep 25 16:32:05.000 [notice] Bootstrapped 100%: Done
Sep 25 16:32:14.000 [notice] New control connection opened.
Sep 25 16:32:14.000 [notice] New control connection opened.
Sep 25 16:32:18.000 [notice] New control connection opened from 127.0.0.1.
Sep 25 16:34:02.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:34:02.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:34:02.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:34:13.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)
Sep 25 16:34:46.000 [notice] Tried for 120 seconds to get a connection
to [scrubbed]:443. Giving up. (waiting for circuit)

I've also tested to restart Tor while it is in these states, and that
always resulted in an immediate successful bootstrap.

Because of [1] this also affects (well, affected [2]) the devel branch
so the issue has nothing to do with enabling the sandbox. In fact, I've
also tried both tor 0.2.5.7-rc and 0.2.5.8-rc in a 64-bit Debian Sid VM,
and as long as I clear /var/lib/tor to force a full bootstrap, I can
reproduce this problem, although it seems a lot rarer, like 10%.

Since I've been running 0.2.5.x for over a month without issue, I wonder
if the problems (both during and after bootstrap) only arises when a
full bootstrap is done. Well, I don't know what to make of all this, so
can someone please try reproducing this?

Cheers!

[1]
https://lists.torproject.org/pipermail/tor-talk/2014-September/034942.html
[2] I've pushed 0.2.4.24 into devels APT suite to fix that branch. This
bug should also affect experimental, but since feature/tor-0.2.5.x-alpha
is merged into it I let it remain with this broken Tor.