[tor-bugs] #12411 [Orbot]: Orbot broke using DNSPort

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jun 17 18:29:17 UTC 2014 

#12411: Orbot broke using DNSPort
-------------------------+-------------------------------------------------
     Reporter:  isis     |      Owner:  n8fr8
         Type:  defect   |     Status:  reopened
     Priority:  normal   |  Milestone:
    Component:  Orbot    |    Version:
   Resolution:           |   Keywords:  orbot-14.0.3.1, orbot-14.0.4, wtf,
Actual Points:           |  software-engineering
       Points:           |  Parent ID:
-------------------------+-------------------------------------------------
Changes (by mikeperry):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Actually, my blog post instructions explicitly say not to give Orbot root
 right now. I wanted to avoid this, because it was unnecessary and an
 additional security risk.

 Moreover, the custom torrc entries dialog you suggest is broken for this
 use case. Because Orbot now sets DNSPort and TransPort explicitly to 0 in
 its torrc, the user cannot override them in the same torrc file. If you
 add "TransPort 9040" in the "Torrc Custom Config" field in Orbot, tor will
 no longer start. Try it out.

 I think the right way to do this is as Isis suggested in #12413. If you
 start tor with --defaults-torrc pointing to your torrc, and then place the
 "Torrc Custom Config" values in a second torrc.custom file, those user
 values will then properly override anything from the main torrc.

 I don't think this can be called fixed until we have some way for people
 to enable these settings without giving Orbot root. I'd also like a way to
 script these settings from the HOWTO, so it can automatically override the
 Orbot default values to keep the installation simple. This is also
 currently impossible right now, though #12413 would help accomplish it.

 In fact, people who followed my howto are upgrading to Orbot 14.04 and
 probably scratching their heads wondering why their tablet's network
 access completely stopped working. That's kind of bad, and probably why
 Isis's description is so ragetastic. When it hit me, I was also rather
 confused, and it was not easy to downgrade to a working Orbot either.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12411#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list