Bug #11736

torsocks complains when used with Monkeysign, but works anyway

Added by emmapeel 7 months ago. Updated 10 days ago.

Status:In ProgressStart date:08/27/2016
Priority:NormalDue date:
Assignee:anonym% Done:

10%

Category:-
Target version:Tails_2.12
QA Check:Ready for QA Blueprint:
Feature Branch:tails:feature/11736_add_torsocks_config Easy:
Type of work:Code Affected tool:

Description

Problem
-------

Scary message from torsocks before a long pause, says:

[Aug 26 13:53:36] ERROR torsocks[9563]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:666)
[Aug 26 13:53:36] ERROR torsocks[9563]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:666)

But if you wait some seconds, it presents you with the password prompt
and the connection happens.

What should happen:
-------------------

I shut it down several times because i thought it was dropping all packages, was not working. When I left it on, after several seconds, it worked.

But such an error message before a long pause makes it look like not working.

Is there a way to filter this messages?


Related issues

Related to Tails - Feature #8054: Add support for SOCKS proxy to check-mirror In Progress 10/12/2014

Associated revisions

Revision 406f924a
Added by intrigeri 10 days ago

Merge remote-tracking branch 'origin/feature/11736_add_torsocks_config' into feature/stretch (refs: #11736)

History

#1 Updated by emmapeel 7 months ago

  • Status changed from New to Confirmed

#2 Updated by intrigeri 7 months ago

  • Assignee set to emmapeel

Please provide the exact steps that will allow me to reproduce this bug, and then I'm happy to have a look :)

#3 Updated by emmapeel 7 months ago

Oops sorry...

running

torsocks monkeysign -u key_id@riseup.net --smtp=smtp.riseup.net:587 --smtpuser=key_id 0x1202821CBE2CD9C1

(more complete instructions wiaitng for review at
https://git-tails.immerda.ch/emmapeel/tails/tree/wiki/src/doc/advanced_topics/monkeysign.mdwn?h=docs/11240-monkeysign )

#4 Updated by emmapeel 7 months ago

  • Assignee deleted (emmapeel)

#5 Updated by intrigeri 7 months ago

  • Type of work changed from Discuss to Research

#6 Updated by intrigeri 7 months ago

  • Assignee set to emmapeel
  • Target version set to Tails_3.0
  • QA Check deleted (Info Needed)
  • Type of work changed from Research to Test

At first glance, I see two problems here, and both are in monkeysign:

  • if I got this report right, monkeysign apparently does not provide sufficient feedback about what's going on, so the user gets confused and thinks that the whole thing is stalled;
  • monkeysign lacks support for using a SOCKS5h proxy for its outgoing SMTP connections, so we have to use the Very Big Hammer (torsocks) approach, and then all kinds of things can behave in a weird way. torsocks 2.2 and AllowOutboundLocalhost 2 might fix the specific issue this ticket is about, though (one could confirm that by checking the firewall logs while reproducing the UX problem this ticket is about). We can easily retry once it's released and in Stretch (with a Tails ISO built from feature/stretch).

emmapeel: at this point, I see two options, that are compatible with each other. You could take these issues to monkeysign upstream. And you could test again in Tails/Stretch once it has torsocks 2.2, after setting AllowOutboundLocalhost 2 in its configuration file. I'll assume we go for the latter, since it's easier and could very well be good enough.

#7 Updated by intrigeri 7 months ago

  • Related to Feature #8054: Add support for SOCKS proxy to check-mirror added

#9 Updated by intrigeri 5 months ago

intrigeri wrote:

  • monkeysign lacks support for using a SOCKS5h proxy for its outgoing SMTP connections, so we have to use the Very Big Hammer (torsocks) approach, and then all kinds of things can behave in a weird way. torsocks 2.2 and AllowOutboundLocalhost 2 might fix the specific issue this ticket is about, though (one could confirm that by checking the firewall logs while reproducing the UX problem this ticket is about). We can easily retry once it's released and in Stretch (with a Tails ISO built from feature/stretch).

emmapeel: at this point, I see two options, that are compatible with each other. You could take these issues to monkeysign upstream. And you could test again in Tails/Stretch once it has torsocks 2.2, after setting AllowOutboundLocalhost 2 in its configuration file. I'll assume we go for the latter, since it's easier and could very well be good enough.

I've uploaded torsocks 2.2 to jessie-backports, so the nightly builds from our stable and devel branch should have it in 6-24 hours, which will allow you to more easily test this.

#10 Updated by intrigeri about 2 months ago

  • Related to Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS added

#11 Updated by emmapeel 10 days ago

  • Assignee changed from emmapeel to intrigeri

It works!

Using Tails 3.0beta2, after changing `AllowOutboundLocalhost` from 1 to 2, when running:

torsocks monkeysign -u  --smtp=smtp.riseup.net:587 --smtpuser=emma.peel [fingerprint of key to be signed]

I don't receive the weird errors anymore.

I still receive them without doing the change, though...

#12 Updated by intrigeri 10 days ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from intrigeri to u
  • Priority changed from Low to Normal
  • Target version changed from Tails_3.0 to Tails_2.12
  • % Done changed from 0 to 10
  • Type of work changed from Test to Code

So we'll set AllowOutboundLocalhost 2 in 2.12.

#13 Updated by intrigeri 10 days ago

  • Subject changed from Torsocks complains when used with Monkeysign, but works anyway to torsocks complains when used with Monkeysign, but works anyway

#14 Updated by intrigeri 10 days ago

  • Related to deleted (Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS)

#15 Updated by intrigeri 10 days ago

  • Blocks Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS added

#16 Updated by u 10 days ago

  • Feature Branch set to tails:feature/11736_torsocks_config

#17 Updated by intrigeri 10 days ago

  • Blocks deleted (Bug #12205: Confusing error message when (successfully) cloning Git repos over HTTPS)

#18 Updated by u 10 days ago

  • Assignee changed from u to intrigeri
  • Feature Branch changed from tails:feature/11736_torsocks_config to tails:feature/11736_add_torsocks_config

#19 Updated by u 10 days ago

  • Assignee changed from intrigeri to anonym
  • QA Check set to Ready for QA

I've added a configuration file for torsocks. It's basically the same file as in feature/stretch, except that it's using a different value, in order to resolve this bug.

#20 Updated by intrigeri 10 days ago

FTR I've merged this into feature/stretch, and agree with this change for 2.12.

Also available in: Atom PDF