logs archiveIRC Archive / Oftc / #tor / 2010 / February / 24 / 1
steffan
rudi_s: "content-type" content="text/html"
if you are talking about http://www.torproject.org
rudi_s
Weird, I just tried it with curl http://www.torproject.org/ and get text/x-perl as content type.
Ah, it's not in english, but for polish pages, like download-unix.html.pl
bja
steffan: Can i pm you?
rudi_s
Can you confirm this?
steffan
rudi_s: "content-type" content="text/html;
no mention of x-perl in easy-download.html.pl - http://pastebin.com/QGJ2FTCi
rudi_s
steffan: Ah, I meant in the HTTP header. like curl -D - http://...
But now I get text/html as content-type too .. maybe a bad exit node or a temporary problem.
user123abc456def
did anyone else notice that https://www.torproject.org/dist/tor-0.2.1.24.tar.gz returned 404 around 10:00 GMT today?
arma
rudi_s: http://archives.seul.org/tor/translation/Feb-2010/msg00003.html
rudi_s
arma: Thanks.
         

bja
What does this mean ? Requested exit point '.....' is not known. Closing.
it has a long string of hex digits i believe
Sebastian
were you using .exit notation, mapaddress or hidden services?
bja
Not sure, but it is a posibility
I checked the time frame, and actually i was using a hidden service
Sebastian
ok. That probably means that the hidden service specified an intro point that wasn't available to your client.
bja
Sebastian: thx
arma
rudi_s: should be mostly solved now.
rudi_s
arma: Perfect, thanks again.
anrxc
I upgraded alpha to the latest and can't open anything, only difference in the log was this message: "OpenSSL 0.9.8h looks like it's older than 0.9.8l, I'll set SSL3_FLAGS just to be safe."
Sebastian
what is your os? How did you install?
anrxc
I run Slackware 11.0 on that machine, just built it, because just last night I upgraded to 0.2.2.8 (if only I waited an hour I thought)
and how did I build it? nothing special changed only things like --with-tor-user
Sebastian
you say you cannot open anything. What does that mean?
anrxc
sorry, I should have phrased it better. I can not open a web page, or use torify, although the log said a circuit was successfully built
Sebastian
is your socksport open?
anrxc
not 24 hours ago I installed 0.2.2.8-alpha, and it was working
Sebastian
(check with netstat or similar)
anrxc
Sebastian: I kind of hoped someone else already run unti problems (maybe even because of that SSL message)
Sebastian
I've used 0.2.2.9-alpha without problems as a client, sorry ;)
anrxc
Sebastian: then as you suspect, most likely it's a problem on my side... I will check back here if I can't get it working to maybe file a bug report
Sebastian
good luck.
If you need help debugging, someone here is likely to be able to help
anrxc
thanks
Slackware 11 is getting old, this proves I barely trust it
I mean because of outdated sofware and libraries
         

Sebastian
hm
what openssl version do you actually have?
also, does slackware do security backports or something like that?
BarkerJr
I get that same warning on centos 5.4, also
Sebastian
warning?
BarkerJr
but I'm pretty sure that rhel does backports
murb
does slackware even have security support?
Sebastian
BarkerJr: what warning?
anrxc
yes, even toda it still publishes security updates back to slackware v 8
today*
BarkerJr
OpenSSL OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 [90802f] looks like it's older than 0.9.8l, but some vendors have backported 0.9.8l's renegotiation code to earlier versions. I'll set SSL3_FLAGS just to be safe.
Sebastian
that's a warning?
I find that hard to believe.
BarkerJr
it looks like one to me
Sebastian
doesn't it say notice before that?
BarkerJr
yes
anrxc
the same that spooked me :)
Sebastian
so it's not a warning, but a notice.
BarkerJr
it's not a notice... it's a debug or a warning
Sebastian
hm?
BarkerJr
are you going to make me file a bug to get it changed to debug? :P
Sebastian
no?
It is a notice, and suppose it is a notice on purpose.
BarkerJr
why?
Sebastian
otherwise it would get an info loglevel
BarkerJr
what is its purpose?
Sebastian
It notifies you that it enabled the renegotiation fix
BarkerJr
so, if I don't see it, then I should assume it's still vulnerable?
why do I care?
Sebastian
vulnerable?
Tor was never vulnerable to the renegotiation bug
If you feel that this shouldn't be a notice, file a bugreport or ask nickm.
I was surprised that this wasn't loglevel info, but who cares
BarkerJr
it just seems like something which has one of two uses: 1) to /warn/ people they need to upgrade, or 2) to help /debug/ a problem someone's experiencing
what are we /notifying/ about?
Sebastian
we're telling the user "hey, I'm using the renegotiation workaround"
same as we're notifying the user "hey, I initialized libevent with method xy"
BarkerJr
we could say hey, we're running a a bridge
Sebastian
no
the user configures that
in their torrc
they already know.
BarkerJr
they don't configure libevent?
I do
you guys yell at me when I run with libevent 1.1 that comes with centos :P
Sebastian
sure, because using a libevent that old is braindead
BarkerJr
lol
Sebastian
not your fault, of course
but still
Do you really not see my point?
BarkerJr
hehe, ok
bbl
Sebastian
Sure, that message is very technical. As I said, personally I would've chosen loglevel info.
But notice is ok, too
formalist
is there a tor controller option that allows a hidden service operator to see the public key being used by a client to communicate with it?
arma
formalist: which public key? (the answer in any case is no)
formalist
i'd imagine it changes.
nsa
or: n8fr8 committed revision 21748 (/projects/android/trunk/Orbot/res): updated resources file to add new preferences, modified help text
formalist
it might be nice to track they key used to send encrypted messages to the client. i doubt it is the same one every time, though.
nsa
or: n8fr8 committed revision 21749 (/projects/android/trunk/Orbot/src/org/torproject/android): added check for trans proxy preference
arma
formalist: the hidden service uses the same perfect-forward-secret session key design as normal circuits.
nsa
or: arma committed revision 21750 (/website/trunk/en): transcribe the RelayMemory faq entry
or: arma committed revision 21751 (/website/trunk/en): make the RelayMemory faq entry actually provide useful tips
or: pootle committed revision 21752 (/translation/trunk/projects/website/nl): Commit from The Tor Translation Portal by user runa. 67 of 67 messages translated (0 fuzzy).
or: pootle committed revision 21753 (/translation/trunk/projects/website/fr/torvm): Commit from The Tor Translation Portal by user runa. 61 of 61 messages translated (0 fuzzy).
or: sebastian committed revision 21754 (/projects/todo): one more branch
Mhu
someone can help me about Tor network and keys ?
Runa
Mhu: you could email the list as well, see if anyone can help you there
Mhu: also, asking your question instead of asking if you can ask a question is much better :)
Mhu
okok
thank you
i need to understand step by step key generation and exchange from TLS link setup to setup tor circut.
Runa
and you've read the documentation?
ln5
Mhu: I found the paper "Tor: The Second-Generation Onion Router" very informative: http://www.torproject.org/doc/design-paper/tor-design.html
Runa
ln5: :)
Mhu
i have read the documentation
but
don't explain in details the generation of keys
Runa
Mhu: I suggest sending an email to or-talk. Most people are in another timezone and will be awake later :)
Mhu: see http://archives.seul.org/or/talk/
Mhu
ok thanks very much for your help :)
Runa
np, remember to mention which documents you have already checked :)
Mhu
ok
SwissTorExit
mornong to everyone :P
Sebastian
moin
SwissTorExit
hello Seb :P
murb: hello m8, are you here , i have the other message about invalid unicast packetm if you here i pv you and so you can explain me what that
or maybe you seb, can you maybe told me if are Tor traffic or others, have you 1 min Sebastian ?
Sebastian
maybe you just ask your quesiton
question*
SwissTorExit
nah, i pv you because there ip provided
if are ok for you,
Sebastian
go ahead...
grumpy3
hello, all
SwissTorExit
hello grumpy3
grumpy3
still very frustrated by my Tor exit node that fu*ked up my network... ;)
SwissTorExit
why that ?
ln5
grumpy3: have you measured the actual bandwidth it's using?
grumpy3
sure, with arm
ln5
vnstat, nload or mrtg
ok, good
Sebastian
ln5: it appears to be more a problem of too many connections, and some component cannot handle that
ln5
cause i see one of my relays chewing up approx double the bw i gave it in config
Sebastian: oh, right. i remember now, the ping that you couldn't interrupt and stuff.
Sebastian
probably because the value in config is the one for upload or download
grumpy3
I've tried with a very small bandwith (around 40kB/s) and the problem is still there
Sebastian
not both combined
grumpy3
however, less visible
ln5
Sebastian: BandwidthRate and BandwidthBurst in torrc?
Sebastian
ln5: that comment about the config was for you ;)
ln5: yes
ln5
Sebastian: ok. set them to 5MB and 10MB respectively and am now pushing ~16 Mbps, which is weird.
grumpy3
ln5: wait: B or b?
ln5
2100 kB/s
which is about 16,4 Mbps
grumpy3
yep
ln5: but you tell it is pushing 16Mbps, with a small b
Sebastian
ln5: 5MB/s are 40Mbps
ln5
meaning Mega-bits-per-second
Sebastian
ln5: Tor doesn't accept bits in its config.
it likes bytes.
ln5
lol
Sebastian
what's funny?
ln5
(Action) feels a bit embarrassed
i've been thinking bits per second in config all the time, when i "know" it's bytes.
thanks
dun
how safe is javascript when using torbutton? mibbit.com for example requires js, is it 100% safe to use it?
Sebastian_
nothing is 100% safe
but Torbutton prevents most attacks
dun
but if someone wants 100% anonymity its better to turn off js completely?
(yes, I know that brings another risk since only few people do it)
Sebastian_
no
Malkovich
Hello
dun
so I will have to use the old fashioned non-tor anonymity and get a prepaid SIM :)
Malkovich
As you wish
tornweb
Has anyone here gotten wget to work through tor on Linux? I keep getting "ERROR 501: Tor is not an HTTP Proxy"
I'm assuming I have to make it go through privoxy or polipo?
Runa
tornweb: what have you tried so far?
tornweb: that is, what is the command that you type?
tornweb
wget -r -proxy=on http://www.google.com
Runa
maybe you can do this with torify? 'torify wget -r http://www.google.com' or something
tornweb
hmm, let me try
nope, same error
Runa
does the man page for wget say anything interesting for '-proxy=on'?
tornweb
nope, and I've found several web pages claiming this is the correct way to use wget through tor
Sebastian
tornweb: assuming your polipo/privoxy runs on port 8118, try this:
http_proxy=127.0.0.1:8118 wget -r -proxy=on http://ww.google.com
tornweb
ok, one sec
Sebastian
the -proxy seems strange to me
but if you're sure wget has such an option, that should work.
"http_proxy=127.0.0.1:8118 wget -r
tornweb
Sebastian, are you on windows or linux?
Sebastian
OS X
where are you trying this?
tornweb
linux
Sebastian
should work.
tornweb
I just had to tranpose some syntax
it did
thanks
your a lifesaver
retrieving my source code from a site I built
« prev 1 2 next »