logs archiveIRC Archive / Oftc / #tor / 2010 / April / 22 / 1
arma
barkerjr: actually, that's great. it means we've figured out what the problem is. :) now we just have to solve it.
BarkerJr
ok, cool
so I shouldn't skip 0.2.2.12 to 0.2.2.13, should I? :)
arma
0.2.2.11-alpha should be ok as long as you don't tickle the crash bugs
0.2.2.12-alpha should be better though, yes
BarkerJr
my 0.2.2.7 is very stable :)
arma
a good vintage
ryanakca
#privoxy forwards me here for questions. Should I ask my privoxy question in #nottor ?
_lance_
Any web-based tor status pages up? I've got issues with torstatus.kgprog.com, torstatus.blutmagie.de and torstat.xenobite.eu
Sebastian
ryanakca: just ask your question. We'll tell you to go elsewhere.
_lance_: http://torstatus.blutmagie.de/ works fine for me. Define issues
_lance_
Scratch that. I was imagining things, blutmagie works.
Thanks
         

ryanakca
Can I setup privoxy in order to use it all the time, and the only thing that changes is wether or not I use Tor (presumably by using Torbutton to switch between the privoxy-Tor port and the privoxy-only port)?
Sebastian
The Torbutton part question is a fine question for here. The other question really is a privoxy question. I have no idea if privoxy supports that. It should come with a manual, though?
ryanakca
Sebastian: I'll hunt around. Thanks.
Anaxim
hello
I have what I think is a minor configuration problem, and despite attempting to follow clear directions from the bug tracker, am unable to resolve it.
might I bother someone here for assistance?
Sebastian
Anaxim: just ask. Someone might answer. Depedning on who is available, it might take some time. I for one am just leaving, for example. ;)
Anaxim
ah, very good.
Sebastian
But if you're still there when I wake up, I will help you if nobody has helped so far.
Anaxim
I am running the Vidalia 0.2.8 client on top of tor 0.2.1.15-rc and Qt 4.6.1
My client stops at "Establishing an encrypted directory connection"
and when I peek into my message log, I find the following "Apr 21 13:48:33.093 [Warning] TLS error: unexpected close while renegotiating"
After browsing the bug tracker, I found https://bugs.torproject.org/flyspray/index.php?do=details&id=1225 which directed me to a simple terminal command, but that did not yield anything fruitful
please help!
nickm
Anaxim: upgrade to a recent Tor, maybe? I think you need a fix that 0.2.1.15-rc does not have.
Anaxim
How?
downloading a new client doesn't update tor, nickm. any specific direction you could offer?
arma
are you on osx?
if so, you need to uninstall all your tor stuff. somewhere in there we broke the installer so it doesn't upgrade you well.
Francis_
could anyone tell me why OTR is so fast if it uses Tor?
GodfatherofEir1
How do I compile from source on ubuntu? I keep running into an error with libssl, but that's not in the repos (at least not by that exact name)
nickm
What error do you run into? Knowing the exact message might help.
_lance_
why compile from source by the way?
GodfatherofEir1
_lance_, I've had problems with the repo candidates
_lance_
ah
GodfatherofEir1
http://pastebin.com/YhgXnZRT
_lance_
libssl0.9.8 and libssl-dev ?
GodfatherofEir1
I believe so
         

phobos
the directions for compiling are on the debian page, i believe
_lance_
those are the relevant package names under 8.04 i believe
Anaxim
arma: took me a little bit to figure out the uninstall, but I've got a functional connection again. thanks!
phobos
you were running a recent version of everything, which means an uninstall wasn't needed, odd
you/they
arma
phobos: no, he was running 0.2.1.15-rc and it stayed that way when installing the new bnudle
Lucky
As I am reading the discussion on or-dev, I can't help but think that if you knew why one of my virtually identical Tor nodes has twice as many connections open than the other, you would know root cause of the issue. (Not that I care if my Tor nodes have 20k or even 40k of open connections).
phobos
that was new enough to have the new installer though
and since vidalia was 0.2.8, it already was looking for a different tor
arma
lucky: tonga is avoided by clients, since it's got an Authority flag
lucky: you're a special case
Lucky
Ah. There goes that hope :-)
arma
lucky: i think we've got a good handle on the problem. the question now is how best to solve it.
Francis_
could anyone tell me why OTR is so fast if it uses Tor?
arma
francis_: your question is ill-formed. so nobody knows what you mean.
"it's not fast" "IM is not real-time so it feels fast enough" "you're not using tor"
Francis_
the messages are sent and received so quickly, it makes no sense that it could be going through tor
arma
maybe it isn't?
phobos
IM is little bandwidth
Francis_
oh
phobos
how are you using IM with OTR?
Francis_
what about latency?
phobos
otr alone doesn't use tor
Lucky
Well, then let me throw this one in. I noticed that there is still discussion going on about OpenSSL's buffer memory consumption. Two years after a certain individual that prefers to be anonymous on IRC and who REALLY understands the issue explained how to fix it. I am surprised that this is still being talked about. (Not related to the current fire, of course).
phobos
otr is an add-on to inst msg clients, not a client itself
Francis_
how do you set it up to use tor?
phobos
which inst msg client?
Francis_
im using msn
arma
lucky: we have a patch in openssl that gets rid of the excess buffer memory consumption. however, two years is not enough time for any distributions to be shipping that openssl.
Francis_
pidgin
arma
lucky: it's possible tor should just reach inside openssl and start doing stuff itself. and handle every possible version of openssl, including the lies from os x about what version of openssl it gives you.
Lucky
arma: ship your own OpenSSL?
arma
we do on windows and osx, which is where none of our relays are
Francis_
phobos, how do you set it up to use tor?
phobos
Francis_: pidgin alone or pidgin in the tor browser bundle?
Francis_
pidgin alone
in Linux
Lucky
If your upstream can't apply patches in two years, this is a hit that you should ship your own version on all platforms. ;)
hint
misc
well, openssl is quite a sensitive issue ( *khof* debian random *khof* )
arma
lucky: our upstream seems to spend its time removing critical components of openssl without changing the openssl version, actually. that keeps us busy enough.
Francis_
phobos, pidgin on linux
phobos
Francis_: https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO/InstantMessaging#Pidgin
Lucky
arma: yeah, I followed that (irresponsible) saga. All the more reason to ship your own version of OpenSSL. Though it wouldn't have helped for the renegotiation issue, since (sorry Ben) that move effectively killed SSL renegotiation on the Internet.
And what a useful and under appreciated (and under documented) feature it was...
arma
the saga actually continues. a few weeks ago centos backported that whole patch to its openssl while leaving its openssl version claiming it's years out of date
silly us for thinking we could rely on the header files (os x) or rely on the actual shipped library (centos)
Lucky
I did mention the benefits of shipping your own version of OpenSSL recently, I believe? ;-)
arma
in any case, renegotiation never did what we wanted. if you look at the wire, you can see that a renegotiation was requested.
so much for "tunneled inside the first tls"
misc
and mhh, what about using another ssl library ? ( maybe I am just saying something stupid )
arma
misc: to a first approximation, there aren't any.
misc
there is gnutls, and mozilla nss, but maybe they are not suitable for what tor does
Lucky
Fair enough. I forgot that you can see it in the control channel when I proposed the use of this feature. That said, there are (honestly) good reasons for a renegotiation to take place. Though I don't know how common that case was in practice, given how under-documented that feature was.
arma
misc: we want the tls that includes ephemeral diffie-hellman. last i checked, gnutls couldn't do that server-side.
Lucky
So mea culpa if I lead you down the garden path. Still no excuse for OpenSSL to kill that feature.
micah
i'm trying to use 'arm' and finding 'isGuard' is not defined (http://micah.riseup.net/pastes/2010-04-21T210909.qT55hWPfld)
atagar: I suppose I should query you
nsa
or: [tor/master] 2010-04-22 01:35:18 Roger Dingledine <arma@torproject.org>: finally get rid of "clique mode"
keb
tor has cliques?
howcome i wasnt invited
arma
you're not a relay
("you're a human being")
keb
(Action) feels better
arma
unless you'd like to have a mainline straight from your brain to every authority, all the time
keb
havent had those sockets put in behind my ears yet :/
does this mean a step toward more scalable loosely integrated network
arma
nope
well, a mild shuffle toward one
katmagic
Why was it called clique mode?
arma
once upon a time the tor network was a fully connected clique
atagar
(Action) appears
root? tisk, tisk
katmagic
Eek! A ghost!
atagar
michah: is this with the tarball version?
michah: nm, it is - problem found
Thanks for the catch! I'll get out a fix in a day or so, in the meantime I'd suggest the svn version (the release you're using is ancient)
arma
micah: ^^
micah
arma: thanks for the highlight :)
atagar: and thanks for the fix!
_lance_
wowsers.. that's some reaction to the newest south park episodes
er, not the channel for it, nm
Francis_
is it possible somehow to play radio through tor on linux?
atagar
tab completion was made for a reason... (oops)
Francis_
I know how to set it up properly but it doesn't work.
\is ixquick the new default redirect when tor detects a captcha?
katmagic
Francis_: Sort of, but you shouldn't do it, and it'll be a really unpleasant experience.
phobos
katmagic: how so?
katmagic
It'd be like watching YouTube over Tor, except without a buffer.
phobos
oh, the radio bit
_lance_
well.. you can set a buffer in say winamp
phobos
it depends on your circuit
i've done voip and video calls over tor just fine
Francis_
phobos, are there any IP address leaking risks associated with making voip calls?
micah
atagar: seems you took the cookie option out of the svn trunk :(
phobos
Francis_: i'm sure there are lots
Francis_
does anyone care to let me know if this is abnormal to be redirected to ixquick when "tor detect[s] a captcha"?
phobos
it's normal in torbutton 1.2.5
Francis_
what happens when they start DoSing ixquick?
atagar
micah: it autodetects now (so that option's unnecessary)
micah
atagar: ah! i'll give a shot then
Francis_
I don't have anything against ixquick, I like it infact, but was curious.
phobos
well, i gave ixquick a heads up actually
katmagic
This is the first time I've heard of Ixquick.
phobos
they said they could handle it
ixquick = startpage.com
micah
atagar: hmm, i've been running it for a while now, and nothing but blank screen
atagar
micah: that's interesting (never had that happen before!)
without a stack trace or some other indicator of what's going wrong I'm at a bit of a loss...
lets start with trying to type 'q' a bunch of times - does it quit? (if so it's a terminal refresh problem beyond arm, if not then... hmmm...)
Anything special about the system you're using? Unsual torrc? Odd OS?
micah
atagar: its a debian lenny system, pretty standard there
running 0.2.2.12-alpha-1~~lenny+1 tor version
tried qqqqqq nothing happened, got it to quit with a control-c
atagar: doing a strace on the process and see it is running through doing a lot of these:
sendto(3, "GETINFO ip-to-country/67.249.213."..., 38, 0, NULL, 0) = 38
futex(0xbd1ce0, FUTEX_WAIT_PRIVATE, 0, NULL
different ips...
atagar
try running arm via the starter ("python init/starter.py") then using control-c to quit (that should at least give some stack trace)
micah
yeah, just did that, didn't get a stack
atagar
ahhh, catching the keyboard interrupt (oops!)
are you confident enought to make minor tweaks to python?
micah
sure
arma
for those relay operators who are having memory problems from too many connections, see my tor-relays mail. i have your solution.
atagar
ok - at the end of interface/controller.py please take out the try/catch (that should give us the interrupt trace)
micah
atagar: ooh
atagar
micah: also, try running with the -b option
that'll skip the connection page (and hence those sendto calls)
micah
atagar: http://micah.riseup.net/pastes/2010-04-22T000802.8r1L9xXxLd
seems to still be doing country-code lookups
atagar
yup, looks like - does the -b option fix it?
micah
atagar: I was running with -b
atagar: python init/starter.py -b
atagar
and it still provides this trace (with connPanel.py)?
arma
(rggh. did my tor-relays mail actually arrive?)
micah
arma: haven't found it yet
_lance_
i don't see it on the web archive yet
arma
so sad.
_lance_
got a ticket number?
keb
Attached is that patch. It only applies against git head,
is that the one
arma
yes!
_lance_
one of my relays is pumping a lot of traffic and only has 128mb of ram.. if i could get it to use slightly less ram it could do more.
atagar
micah: one sec, looking into TorCtl (odd that it's waiting, which is making me suspicious...)
micah
atagar: no prob. thanks for looking
arma
atagar
micah: Thanks for reporting this! Spotted something I really don't like in TorCtl - "while not result: condition.wait()"
mikeperry: you around?
micah: at the moment I'm suspecting that for some reason tor isn't responding to your ip-to-country GETINFO requests, hence causing TorCtl to wait indefinately (never seen this sort of issue before - hopefully Mike will have some ideas)
micah
atagar: could it be because I have 14k connections or so?
atagar
micah: oh... I have had reports that arm isn't working well at the moment with especially busy relays (I'm trying to correct this in the next release, but that's still a month or so out)
arma
micah: you can become less busy by using the tarball i just sent out :)
micah
haha :)
arma
(not to stop you from tracking two bugs at once...)
micah
arma: that would be three actually
atagar
back to the earlier question then, you're still getting this sort of stack trace with the -b option? (connPanel.py shouldn't be getting called at all with that option)
micah
i'm trying to maintain more than 4 days uptime to prove I've solved this kvm bug, and I just put -12-alpha on last night
atagar: i am invoking it as follows: python init/starter.py -b
atagar: which I guess means the answer to your questio is yes
« prev 1 2 3 next »