Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

can't change exit nodes/receive new IP in Tor window #19371

Closed
kjozwiak opened this issue Nov 11, 2021 · 3 comments · Fixed by brave/brave-core#11028
Closed

can't change exit nodes/receive new IP in Tor window #19371

kjozwiak opened this issue Nov 11, 2021 · 3 comments · Fixed by brave/brave-core#11028
Labels
feature/tor OS/Desktop QA Pass-macOS QA Pass-Win64 QA/Test-Plan-Specified QA/Yes regression release/blocking release-notes/exclude
Milestone
1.32.x - Release

Comments

@kjozwiak
Copy link
Member

Description

With C96, users won't be able to connect to a new exit node/get a new IP address. Doing a hard refresh or running through Hamburger Menu -> New Tor connection for this site doesn't work/change the IP address.

Steps to Reproduce

  1. launch a build that has C96 (used 1.32.97 Chromium: 96.0.4664.35 in this case)
  2. launch a Tor window
  3. visit https://check.torproject.org
  4. hard refresh (notice that the IP/exit node doesn't change)
  5. try changing the exit node via Hamburger Menu -> New Tor connection for this site (nothing happens)

Actual result:

Can't connect to a new exit node/get a new IP address in Tor windows.

Expected result:

Users should be able to change exit nodes/get new IP addresses like they did in previous versions

Reproduces how often:

100% reproducible using the above STR

Brave version (brave://version info)

Brave | 1.34.3 Chromium: 96.0.4664.35 (Official Build) nightly (64-bit)
-- | --
Revision | 8df3babf8da8faa8aacb78f4848ef66a93b4944b-refs/branch-heads/4664@{#680}
OS | Windows 11 Version 21H2 (Build 22000.318)

Version/Channel Information:

  • Can you reproduce this issue with the current release? N/A (but it's in the current 1.32.x RC)
  • Can you reproduce this issue with the beta channel? Yes
  • Can you reproduce this issue with the nightly channel? Yes

Other Additional Information:

  • Does the issue resolve itself when disabling Brave Shields? N/A
  • Does the issue resolve itself when disabling Brave Rewards? N/A
  • Is the issue reproducible on the latest version of Chrome? N/A

Miscellaneous Information:

CCing @diracdeltas @brave/legacy_qa @mkarolin @rebron
@kjozwiak kjozwiak added this to the 1.32.x - Release milestone Nov 11, 2021
@GeetaSarvadnya
Copy link

Reproduced on Windows 10 x64 - 1.32.97

@stephendonner
Copy link

stephendonner commented Nov 11, 2021
edited
Loading

Looks like this is related to the SOCK5 auth rewrite in CR96; I see this in the logs from brave://tor-internals, Tor Control Events tab:

STREAM: 8 NEW 0 check.torproject.org:443 SOURCE_ADDR=127.0.0.1:53969 PURPOSE=USER SOCKS_USERNAME="torproject.org" SOCKS_PASSWORD="4771A464A547FF65676C7E0F984A2726" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-4 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH STREAM: 8 SENTCONNECT 1 check.torproject.org:443 SOCKS_USERNAME="torproject.org" SOCKS_PASSWORD="4771A464A547FF65676C7E0F984A2726" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-4 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH STREAM: 8 REMAP 1 116.202.120.181:443 SOURCE=EXIT SOCKS_USERNAME="torproject.org" SOCKS_PASSWORD="4771A464A547FF65676C7E0F984A2726" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-4 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH STREAM: 8 SUCCEEDED 1 116.202.120.181:443 SOCKS_USERNAME="torproject.org" SOCKS_PASSWORD="4771A464A547FF65676C7E0F984A2726" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-4 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH STREAM: 8 CLOSED 1 116.202.120.181:443 REASON=END REMOTE_REASON=DONE SOCKS_USERNAME="torproject.org" SOCKS_PASSWORD="4771A464A547FF65676C7E0F984A2726" CLIENT_PROTOCOL=SOCKS5 NYM_EPOCH=0 SESSION_GROUP=-4 ISO_FIELDS=SOCKS_USERNAME,SOCKS_PASSWORD,CLIENTADDR,SESSION_GROUP,NYM_EPOCH

@mkarolin mkarolin mentioned this issue Nov 11, 2021
Merged
24 tasks
mkarolin added a commit to brave/brave-core that referenced this issue Nov 13, 2021
@mkarolin
Fixes serialization of ProxyServer for mojo.
a251f29 
Previuosly, serialization of ProxyServer's HostPortPair used
its ToString method which we overrode, but now
ProxyServerToPacResultElement explicitly constructs the string
by getting host() and port() members and calling
ConstructHostPortString. We need to override this behavior to insert
auth info.

Fixes brave/brave-browser#19371

Chromium change:

https://source.chromium.org/chromium/chromium/src/+/5dbd4599a981da1fac5dc5211772fe843a06a9b0

commit 5dbd4599a981da1fac5dc5211772fe843a06a9b0
Author: Eric Orth <[email protected]>
Date:   Fri Sep 24 21:21:24 2021 +0000

    Stop dealing with HostPortPair in proxy_string_util.(cc/h)

    String->ProxyServer now done using ProxyServer::FromSchemeHostAndPort,
    and ProxyServer->String now done using ProxyServer::GetHost() and
    ProxyServer::GetPort(). With less ProxyServer-external dealing with
    HostPortPair, will aide the future-CL transition to not storing
    HostPortPair for all proxies.

    Also has the effect that construction-from-string now results in
    canonicalization of the ProxyServer hostname. Slight impact on tests
    that were parsing stuff with now-recognized-as-invalid hostnames
    (especially the v8 tracing tests that were hacking information into
    wildly invalid hostnames), but don't expect any real-world impact
    because these are clearly invalid names that shouldn't ever be able to
    resolve to real servers.

    Also moved the hostname:port parsing directly into proxy_string_util.cc
    (from url_util::ParseHostAndPort()) to avoid silliness like stripping
    IPv6 brackets just for them to be added back for canonicalization.

    Bug: 1243398
This was referenced Nov 13, 2021
Merged
Merged
@kjozwiak
Copy link
Member Author

kjozwiak commented Nov 15, 2021
edited by stephendonner
Loading

Verification PASSED on Win 11 x64 using the following build:

Brave | 1.32.103 Chromium: 96.0.4664.45 (Official Build) (64-bit)
-- | --
Revision | 76e4c1bb2ab4671b8beba3444e61c0f17584b2fc-refs/branch-heads/4664@{#947}
OS | Windows 11 Version 21H2 (Build 22000.318)
Connecting to Tor - Logs 
Nov 15 11:59:18.986 [notice] Tor 0.4.5.11 running on Windows 8 [or later] with Libevent 2.1.11-stable, OpenSSL 1.1.1l, Zlib 1.2.11, Liblzma N/A, Libzstd N/A and Unknown N/A as libc.
Nov 15 11:59:18.986 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 15 11:59:18.987 [notice] Configuration file "C:\nonexistent" not present, using reasonable defaults.
Nov 15 11:59:18.987 [warn] Path for GeoIPFile (<default>) is relative and will resolve to C:\Program Files\BraveSoftware\Brave-Browser\Application\96.1.32.103\<default>. Is this what you wanted?
Nov 15 11:59:18.987 [warn] Path for GeoIPv6File (<default>) is relative and will resolve to C:\Program Files\BraveSoftware\Brave-Browser\Application\96.1.32.103\<default>. Is this what you wanted?
Nov 15 11:59:18.988 [notice] Wow!  I detected that you have 32 CPUs. I will not autodetect any more than 16, though.  If you want to configure more, set NumCPUs in your torrc
Nov 15 11:59:18.989 [notice] Opening Socks listener on 127.0.0.1:0
Nov 15 11:59:18.989 [notice] Socks listener listening on port 55198.
Nov 15 11:59:18.989 [notice] Opened Socks listener connection (ready) on 127.0.0.1:55198
Nov 15 11:59:18.989 [notice] Opening Control listener on 127.0.0.1:0
Nov 15 11:59:18.989 [notice] Control listener listening on port 55199.
Nov 15 11:59:18.989 [notice] Opened Control listener connection (ready) on 127.0.0.1:55199
[43272:31708:1115/115918.990:INFO:tor_file_watcher.cc(183)] tor: failed to open control auth cookie
[43272:31708:1115/115918.990:INFO:tor_file_watcher.cc(183)] tor: failed to open control auth cookie
[43272:31708:1115/115918.991:INFO:tor_file_watcher.cc(183)] tor: failed to open control auth cookie
[43272:31708:1115/115918.992:INFO:tor_file_watcher.cc(183)] tor: failed to open control auth cookie
[43272:31708:1115/115918.992:INFO:tor_file_watcher.cc(183)] tor: failed to open control auth cookie
Nov 15 11:59:19.000 [notice] Bootstrapped 0% (starting): Starting
Nov 15 11:59:19.000 [notice] Starting with guard context "default"
Nov 15 11:59:19.000 [notice] New control connection opened from 127.0.0.1.
Nov 15 11:59:19.000 [warn] Path for GeoIPFile (<default>) is relative and will resolve to C:\Program Files\BraveSoftware\Brave-Browser\Application\96.1.32.103\<default>. Is this what you wanted?
Nov 15 11:59:19.000 [warn] Path for GeoIPv6File (<default>) is relative and will resolve to C:\Program Files\BraveSoftware\Brave-Browser\Application\96.1.32.103\<default>. Is this what you wanted?
Nov 15 11:59:19.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
Nov 15 11:59:19.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
Nov 15 11:59:19.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay
Nov 15 11:59:19.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done
Nov 15 11:59:19.000 [notice] Bootstrapped 20% (onehop_create): Establishing an encrypted directory connection
Nov 15 11:59:19.000 [notice] Bootstrapped 25% (requesting_status): Asking for networkstatus consensus
Nov 15 11:59:19.000 [notice] Bootstrapped 30% (loading_status): Loading networkstatus consensus
Nov 15 11:59:21.000 [notice] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.
Nov 15 11:59:21.000 [notice] Bootstrapped 40% (loading_keys): Loading authority key certs
Nov 15 11:59:21.000 [notice] The current consensus has no exit nodes. Tor can only build internal paths, such as paths to onion services.
Nov 15 11:59:21.000 [notice] Bootstrapped 45% (requesting_descriptors): Asking for relay descriptors
Nov 15 11:59:21.000 [notice] I learned some more directory information, but not enough to build a circuit: We need more microdescriptors: we have 0/6145, and can only build 0% of likely paths. (We have 0% of guards bw, 0% of midpoint bw, and 0% of end bw (no exits in consensus, using mid) = 0% of path bw.)
Nov 15 11:59:22.000 [notice] Bootstrapped 50% (loading_descriptors): Loading relay descriptors
Nov 15 11:59:22.000 [notice] The current consensus contains exit nodes. Tor can build exit and internal paths.
Nov 15 11:59:23.000 [notice] Bootstrapped 57% (loading_descriptors): Loading relay descriptors
Nov 15 11:59:23.000 [notice] Bootstrapped 62% (loading_descriptors): Loading relay descriptors
Nov 15 11:59:23.000 [notice] Bootstrapped 72% (loading_descriptors): Loading relay descriptors
Nov 15 11:59:23.000 [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits
Nov 15 11:59:24.000 [notice] Bootstrapped 80% (ap_conn): Connecting to a relay to build circuits
Nov 15 11:59:24.000 [notice] Bootstrapped 85% (ap_conn_done): Connected to a relay to build circuits
Nov 15 11:59:24.000 [notice] Bootstrapped 89% (ap_handshake): Finishing handshake with a relay to build circuits
Nov 15 11:59:24.000 [notice] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits
Nov 15 11:59:24.000 [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit
Nov 15 11:59:24.000 [notice] Bootstrapped 100% (done): Done
  • ensure that you can change the current exit node/IP address via CTRL + SHIFT + R
  • ensure that you can change the current exit node/IP address via Hamburger Menu -> New Tor connection for this site...
  • ensure that https://check.torproject.org correctly displays that you're connected to the Tor network
  • ensure that loading https://brave.com & https://duckduckgo.com within Tor works without any issues
  • ensure that loading https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion within Tor works
  • ensure that loading https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion within Tor works
  • ensure that visiting https://www.nytimes.com, https://brave.com & https://account.protonmail.com/login displays the Open in Tor button in the URL bar when loading in a Normal window
  • ensure that clicking on Open in Tor works as expected (opening the website within Tor)

Verified PASSED using

Brave 1.32.103 Chromium: 96.0.4664.45 (Official Build) (x86_64)
Revision 76e4c1bb2ab4671b8beba3444e61c0f17584b2fc-refs/branch-heads/4664@{#947}
OS macOS Version 11.6.1 (Build 20G224)
Tor logs 
Nov 15 15:45:37.093 [notice] Tor 0.4.5.11 running on Darwin with Libevent 2.1.11-stable, OpenSSL 1.1.1l, Zlib 1.2.11, Liblzma N/A, Libzstd N/A and Unknown N/A as libc.
Nov 15 15:45:37.093 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Nov 15 15:45:37.093 [notice] Configuration file "/nonexistent" not present, using reasonable defaults.
Nov 15 15:45:37.095 [notice] Opening Socks listener on 127.0.0.1:0
Nov 15 15:45:37.095 [notice] Socks listener listening on port 64648.
Nov 15 15:45:37.095 [notice] Opened Socks listener connection (ready) on 127.0.0.1:64648
Nov 15 15:45:37.095 [notice] Opening Control listener on 127.0.0.1:0
Nov 15 15:45:37.095 [notice] Control listener listening on port 64649.
Nov 15 15:45:37.096 [notice] Opened Control listener connection (ready) on 127.0.0.1:64649
Nov 15 15:45:37.000 [notice] Bootstrapped 0% (starting): Starting
Nov 15 15:45:37.000 [notice] Starting with guard context "default"
Nov 15 15:45:37.000 [notice] New control connection opened from 127.0.0.1.
Nov 15 15:45:37.000 [notice] Bootstrapped 5% (conn): Connecting to a relay
Nov 15 15:45:37.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
Nov 15 15:45:37.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay
Nov 15 15:45:38.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done
Nov 15 15:45:38.000 [notice] Bootstrapped 20% (onehop_create): Establishing an encrypted directory connection
Nov 15 15:45:39.000 [notice] Bootstrapped 25% (requesting_status): Asking for networkstatus consensus
Nov 15 15:45:39.000 [notice] Bootstrapped 30% (loading_status): Loading networkstatus consensus
Nov 15 15:45:40.000 [notice] I learned some more directory information, but not enough to build a circuit: We have no usable consensus.
Nov 15 15:45:40.000 [notice] Bootstrapped 40% (loading_keys): Loading authority key certs
Nov 15 15:45:40.000 [notice] The current consensus has no exit nodes. Tor can only build internal paths, such as paths to onion services.
Nov 15 15:45:40.000 [notice] Bootstrapped 45% (requesting_descriptors): Asking for relay descriptors
Nov 15 15:45:40.000 [notice] I learned some more directory information, but not enough to build a circuit: We need more microdescriptors: we have 0/6153, and can only build 0% of likely paths. (We have 0% of guards bw, 0% of midpoint bw, and 0% of end bw (no exits in consensus, using mid) = 0% of path bw.)
Nov 15 15:45:41.000 [notice] Bootstrapped 50% (loading_descriptors): Loading relay descriptors
Nov 15 15:45:41.000 [notice] The current consensus contains exit nodes. Tor can build exit and internal paths.
Nov 15 15:45:43.000 [notice] Bootstrapped 55% (loading_descriptors): Loading relay descriptors
Nov 15 15:45:50.000 [notice] Bootstrapped 62% (loading_descriptors): Loading relay descriptors
Nov 15 15:45:50.000 [notice] Bootstrapped 67% (loading_descriptors): Loading relay descriptors
Nov 15 15:45:50.000 [notice] Bootstrapped 73% (loading_descriptors): Loading relay descriptors
Nov 15 15:45:50.000 [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits
Nov 15 15:45:51.000 [notice] Bootstrapped 80% (ap_conn): Connecting to a relay to build circuits
Nov 15 15:45:51.000 [notice] Bootstrapped 85% (ap_conn_done): Connected to a relay to build circuits
Nov 15 15:45:51.000 [notice] Bootstrapped 89% (ap_handshake): Finishing handshake with a relay to build circuits
Nov 15 15:45:51.000 [notice] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits
Nov 15 15:45:51.000 [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit
Nov 15 15:45:52.000 [notice] Bootstrapped 100% (done): Done
  • ensured that you can change the current exit node/IP address via command + shift + r
  • ensure that you can change the current exit node/IP address via Hamburger Menu -> New Tor connection for this site...
  • ensured that https://check.torproject.org correctly displays that you're connected to the Tor network
  • ensured that loading https://brave.com & https://duckduckgo.com within Tor works without any issues
  • ensured that loading https://brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion within Tor works
  • ensured that loading https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion within Tor works
  • ensured that visiting https://www.nytimes.com, https://brave.com & https://account.protonmail.com/login displays the Open in Tor button in the URL bar when loading in a Normal window
  • ensured that clicking on Open in Tor works as expected (opening the website within Tor)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature/tor OS/Desktop QA Pass-macOS QA Pass-Win64 QA/Test-Plan-Specified QA/Yes regression release/blocking release-notes/exclude
Projects
None yet
Milestone
1.32.x - Release
Development

Successfully merging a pull request may close this issue.

Fixes serialization of ProxyServer for mojo. brave/brave-core
3 participants
@stephendonner @kjozwiak @GeetaSarvadnya