Tor Relay problems - v1.11.0

General discussion about Gargoyle, OpenWrt or anything else even remotely related to the project

Moderator: Moderators

ysy
Posts: 47
Joined: Sat Oct 28, 2017 12:24 pm

Tor Relay problems - v1.11.0

Post by ysy »

RE: Tor Relay

Hi All,

Just tested Tor Relay with the default configuration. Got the following warnings. Tor Relay worked pretty well during the early days when directory cache was not turned on:

1) OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 1000214f: OpenSSL 1.0.2t 10 Sep 2019; running with 1000213f: OpenSSL 1.0.2s 28 May 2019).

2) Being a directory cache (default) with less than DIRCACHE_MIN_MEM_MB MB of memory is not recommended and may consume most of the available resources, consider disabling this functionality by setting the DirCache option to 0.

3) ControlPort is open, but no authentication method has been configured. This means that any program on your computer can reconfigure your Tor. That's bad! You should upgrade your Tor controller as soon as possible.

4) /var/tor/keys is not owned by this user (tor, 52) but by root (0). Perhaps you are running Tor as the wrong user?

5) http status 400 ("Tor version is insecure or unsupported. Please upgrade!") response from dirserver '204.13.164.118:80', '128.31.0.34:9131', '131.188.40.189:80'...... Please correct.

6) Please upgrade! This version of Tor (0.3.2.10) is not recommended, according to the directory authorities. Recommended versions are: 0.2.9.15,0.2.9.16,0.2.9.17,0.3.5.8,0.3.5.9,0.4.0.5,0.4.0.6,0.4.1.2-alpha,0.4.1.3-alpha,0.4.1.4-rc,0.4.1.5,0.4.1.6,0.4.1.7,0.4.2.1-alpha,0.4.2.2-alpha,0.4.2.3-alpha,0.4.2.4-rc,0.4.2.5

7) Your system clock just jumped 224 seconds forward; assuming established circuits no longer work.

Cheers!

Lantis
Moderator
Posts: 5588
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Tor Relay problems - v1.11.0

Post by Lantis »

Is this using v1.11.0 or 1.11.x? If 1.11.x, which exact version?
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

ysy
Posts: 47
Joined: Sat Oct 28, 2017 12:24 pm

Re: Tor Relay problems - v1.11.0

Post by ysy »

Just upgraded to 1.12.0
Still got the same warning from dirservers... a lot of.
Apology for the belated reply.

Cheers

ispyisail
Moderator
Posts: 4833
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Tor Relay problems - v1.11.0

Post by ispyisail »

"preserve setting" or a backup file used to upgrade

ysy
Posts: 47
Joined: Sat Oct 28, 2017 12:24 pm

Re: Tor Relay problems - v1.11.0

Post by ysy »

ispyisail wrote:"preserve setting" or a backup file used to upgrade

fresh install. no setting preserved.

Armik
Posts: 47
Joined: Mon Mar 28, 2016 7:59 am

Re: Tor Relay problems - v1.11.0

Post by Armik »

hi, I decided to try your firmware again and the question immediately arises why the versions of packages from firmware to firmware are so old, like a tor, for example, this version has been unsupported for more than a year, and in general all packages are very very old.
WRT3200ACM
PC Engines APU2

Lantis
Moderator
Posts: 5588
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Tor Relay problems - v1.11.0

Post by Lantis »

In general, because there is 1 active developer, and several contributors.
There just isn't the time to keep up to date with every single package.

If you have a legitimate security concern, please feel free to make a formal bug so that i can look into something specific.
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

Armik
Posts: 47
Joined: Mon Mar 28, 2016 7:59 am

Re: Tor Relay problems - v1.11.0

Post by Armik »

As already mentioned above, this version of tor does not work because authoritarian catalogs are no longer supported tor simply discards connections of outdated versions. It is also not entirely clear to me how tor relay is organized in firmware since it is completely different from openwrt.
I tried to update version that is in directory /usr/sbin/tor but after update it does not start at all.
WRT3200ACM
PC Engines APU2

Lantis
Moderator
Posts: 5588
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Tor Relay problems - v1.11.0

Post by Lantis »

As a client?
Because i'm having no trouble at all in client configuration on 1.13.x.

Code: Select all

Mon Feb 24 22:19:25 2020 daemon.notice Tor[5221]: Catching signal TERM, exiting cleanly.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Tor 0.3.2.10 (git-31cc63deb69db819) running on Linux with Libevent 2.1.11-stable, OpenSSL 1.1.1d, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Read configuration file "/etc/tor/torrc".
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: You configured a non-loopback address '192.168.1.1:9053' for DNSPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: You configured a non-loopback address '192.168.1.1:9040' for TransPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.
Mon Feb 24 22:19:28 2020 daemon.warn Tor[12547]: ControlPort is open, but no authentication method has been configured.  This means that any program on your computer can reconfigure your Tor.  That's bad!  You should upgrade your Tor controller as soon as possible.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Scheduler type KIST has been enabled.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: You configured a non-loopback address '192.168.1.1:9053' for DNSPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: You configured a non-loopback address '192.168.1.1:9040' for TransPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Opening DNS listener on 192.168.1.1:9053
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Opening Transparent pf/netfilter listener on 192.168.1.1:9040
Mon Feb 24 22:19:28 2020 daemon.notice Tor[12547]: Opening Control listener on 127.0.0.1:9051
Mon Feb 24 22:19:30 2020 daemon.notice Tor[12547]: Bootstrapped 0%: Starting
Mon Feb 24 22:19:36 2020 daemon.notice Tor[12547]: Starting with guard context "default"
Mon Feb 24 22:19:36 2020 daemon.notice Tor[12547]: Bootstrapped 80%: Connecting to the Tor network
Mon Feb 24 22:19:36 2020 daemon.notice Tor[12547]: New control connection opened from 127.0.0.1.
Mon Feb 24 22:19:37 2020 daemon.notice Tor[12547]: New control connection opened from 127.0.0.1.
Mon Feb 24 22:19:38 2020 daemon.notice Tor[12547]: Bootstrapped 85%: Finishing handshake with first hop
Mon Feb 24 22:19:38 2020 daemon.notice Tor[12547]: Bootstrapped 90%: Establishing a Tor circuit
Mon Feb 24 22:19:39 2020 daemon.notice Tor[12547]: New control connection opened from 127.0.0.1.
Mon Feb 24 22:19:40 2020 daemon.notice Tor[12547]: New control connection opened from 127.0.0.1.
Mon Feb 24 22:19:40 2020 daemon.notice Tor[12547]: Tor has successfully opened a circuit. Looks like client functionality is working.
Mon Feb 24 22:19:40 2020 daemon.notice Tor[12547]: Bootstrapped 100%: Done
Mon Feb 24 22:19:41 2020 daemon.notice Tor[12547]: New control connection opened from 127.0.0.1.
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

Armik
Posts: 47
Joined: Mon Mar 28, 2016 7:59 am

Re: Tor Relay problems - v1.11.0

Post by Armik »

NOT A CLIENT !!!! TOR RELAY.
WRT3200ACM
PC Engines APU2

Post Reply