Bug #11736

torsocks complains when used with Monkeysign, but works anyway

Added by emmapeel 12 months ago. Updated 3 months ago.

Status:ResolvedStart date:08/27/2016
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:-
Target version:Tails_3.0~rc1
QA Check:Pass Blueprint:
Feature Branch:tails:feature/11736_add_torsocks_config Easy:
Type of work:Code Affected tool:

Description

Problem
-------

Scary message from torsocks before a long pause, says:

[Aug 26 13:53:36] ERROR torsocks[9563]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:666)
[Aug 26 13:53:36] ERROR torsocks[9563]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:666)

But if you wait some seconds, it presents you with the password prompt
and the connection happens.

What should happen:
-------------------

I shut it down several times because i thought it was dropping all packages, was not working. When I left it on, after several seconds, it worked.

But such an error message before a long pause makes it look like not working.

Is there a way to filter this messages?


Related issues

Related to Tails - Feature #8054: Add support for SOCKS proxy to check-mirrors In Progress 10/12/2014

Associated revisions

Revision 406f924a
Added by intrigeri 5 months ago

Merge remote-tracking branch 'origin/feature/11736_add_torsocks_config' into feature/stretch (refs: #11736)

History

#1 Updated by emmapeel 12 months ago

  • Status changed from New to Confirmed

#2 Updated by intrigeri 12 months ago

  • Assignee set to emmapeel

Please provide the exact steps that will allow me to reproduce this bug, and then I'm happy to have a look :)

#3 Updated by emmapeel 12 months ago

Oops sorry...

running

torsocks monkeysign -u key_id@riseup.net --smtp=smtp.riseup.net:587 --smtpuser=key_id 0x1202821CBE2CD9C1

(more complete instructions wiaitng for review at
https://git-tails.immerda.ch/emmapeel/tails/tree/wiki/src/doc/advanced_topics/monkeysign.mdwn?h=docs/11240-monkeysign )

#4 Updated by emmapeel 12 months ago

  • Assignee deleted (emmapeel)

#5 Updated by intrigeri 12 months ago

  • Type of work changed from Discuss to Research

#6 Updated by intrigeri 11 months ago

  • Assignee set to emmapeel
  • Target version set to Tails_3.0
  • QA Check deleted (Info Needed)
  • Type of work changed from Research to Test

At first glance, I see two problems here, and both are in monkeysign:

  • if I got this report right, monkeysign apparently does not provide sufficient feedback about what's going on, so the user gets confused and thinks that the whole thing is stalled;
  • monkeysign lacks support for using a SOCKS5h proxy for its outgoing SMTP connections, so we have to use the Very Big Hammer (torsocks) approach, and then all kinds of things can behave in a weird way. torsocks 2.2 and AllowOutboundLocalhost 2 might fix the specific issue this ticket is about, though (one could confirm that by checking the firewall logs while reproducing the UX problem this ticket is about). We can easily retry once it's released and in Stretch (with a Tails ISO built from feature/stretch).

emmapeel: at this point, I see two options, that are compatible with each other. You could take these issues to monkeysign upstream. And you could test again in Tails/Stretch once it has torsocks 2.2, after setting AllowOutboundLocalhost 2 in its configuration file. I'll assume we go for the latter, since it's easier and could very well be good enough.

#7 Updated by intrigeri 11 months ago

  • Related to Feature #8054: Add support for SOCKS proxy to check-mirrors added

#9 Updated by intrigeri 10 months ago

intrigeri wrote:

  • monkeysign lacks support for using a SOCKS5h proxy for its outgoing SMTP connections, so we have to use the Very Big Hammer (torsocks) approach, and then all kinds of things can behave in a weird way. torsocks 2.2 and AllowOutboundLocalhost 2 might fix the specific issue this ticket is about, though (one could confirm that by checking the firewall logs while reproducing the UX problem this ticket is about). We can easily retry once it's released and in Stretch (with a Tails ISO built from feature/stretch).

emmapeel: at this point, I see two options, that are compatible with each other. You could take these issues to monkeysign upstream. And you could test again in Tails/Stretch once it has torsocks 2.2, after setting AllowOutboundLocalhost 2 in its configuration file. I'll assume we go for the latter, since it's easier and could very well be good enough.

I've uploaded torsocks 2.2 to jessie-backports, so the nightly builds from our stable and devel branch should have it in 6-24 hours, which will allow you to more easily test this.

#10 Updated by intrigeri 7 months ago

  • Related to Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS added

#11 Updated by emmapeel 5 months ago

  • Assignee changed from emmapeel to intrigeri

It works!

Using Tails 3.0beta2, after changing `AllowOutboundLocalhost` from 1 to 2, when running:

torsocks monkeysign -u  --smtp=smtp.riseup.net:587 --smtpuser=emma.peel [fingerprint of key to be signed]

I don't receive the weird errors anymore.

I still receive them without doing the change, though...

#12 Updated by intrigeri 5 months ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from intrigeri to u
  • Priority changed from Low to Normal
  • Target version changed from Tails_3.0 to Tails_2.12
  • % Done changed from 0 to 10
  • Type of work changed from Test to Code

So we'll set AllowOutboundLocalhost 2 in 2.12.

#13 Updated by intrigeri 5 months ago

  • Subject changed from Torsocks complains when used with Monkeysign, but works anyway to torsocks complains when used with Monkeysign, but works anyway

#14 Updated by intrigeri 5 months ago

  • Related to deleted (Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS)

#15 Updated by intrigeri 5 months ago

  • Blocks Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS added

#16 Updated by u 5 months ago

  • Feature Branch set to tails:feature/11736_torsocks_config

#17 Updated by intrigeri 5 months ago

  • Blocks deleted (Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS)

#18 Updated by u 5 months ago

  • Assignee changed from u to intrigeri
  • Feature Branch changed from tails:feature/11736_torsocks_config to tails:feature/11736_add_torsocks_config

#19 Updated by u 5 months ago

  • Assignee changed from intrigeri to anonym
  • QA Check set to Ready for QA

I've added a configuration file for torsocks. It's basically the same file as in feature/stretch, except that it's using a different value, in order to resolve this bug.

#20 Updated by intrigeri 5 months ago

FTR I've merged this into feature/stretch, and agree with this change for 2.12.

#21 Updated by anonym 4 months ago

  • Assignee changed from anonym to intrigeri
  • QA Check changed from Ready for QA to Info Needed

With this configuration change in Tails 2.x, I still see the Unable to resolve errors and experience a long delay. IMHO: let's forget about this for Tails 2.x, and call it fixed in Tails 3.0. Thoughts?

#22 Updated by intrigeri 4 months ago

  • Assignee changed from intrigeri to anonym
  • QA Check changed from Info Needed to Ready for QA

With this configuration change in Tails 2.x, I still see the Unable to resolve errors and experience a long delay.

Interesting. I thought that u had tested this change before proposing it. Anyway:

IMHO: let's forget about this for Tails 2.x, and call it fixed in Tails 3.0. Thoughts?

ACK!

#23 Updated by anonym 4 months ago

  • Target version changed from Tails_2.12 to Tails_3.0

#24 Updated by u 4 months ago

Weird, i've tested that and it worked.

Is it normal that I don't see the file here: https://labs.riseup.net/code/projects/tails/repository/revisions/406f924ae3fc7a915ba17b2590e3a7e113ba3169?

#25 Updated by intrigeri 4 months ago

  • Target version changed from Tails_3.0 to Tails_3.0~rc1

#26 Updated by anonym 4 months ago

  • Status changed from In Progress to Fix committed
  • Assignee deleted (anonym)
  • % Done changed from 10 to 100
  • QA Check changed from Ready for QA to Pass

u wrote:

Weird, i've tested that and it worked.

Whatever, let's forget about it.

Is it normal that I don't see the file here: https://labs.riseup.net/code/projects/tails/repository/revisions/406f924ae3fc7a915ba17b2590e3a7e113ba3169?

It's normal. That commit is a merge commit, and it will only list files for which there was conflicts.

#27 Updated by intrigeri 3 months ago

  • Status changed from Fix committed to Resolved

Also available in: Atom PDF