[tor-bugs] #24350 [Core Tor/Tor]: A fresh compiled tor does not honor MaxCircuitDirtiness

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Nov 18 22:41:21 UTC 2017 

#24350: A fresh compiled tor does not honor MaxCircuitDirtiness
------------------------------+--------------------
     Reporter:  Zakhar        |      Owner:  (none)
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------
 I am having a strange behavior when compiling tor, it does not take into
 account the '''MaxCircuitDirtiness''' I have set in the configuration...
 nor the default value that is supposed to be 10 minutes.

 In fact, it changes identity '''every 5 minutes'''!

 I tried both the Ubuntu version (0.2.9.11) and the last official one from
 tor (0.3.1.18)

 What is even stranger it that with the Ubuntu repo binary, it works fine.

 Steps to reproduce:

  * Start a Live Ubuntu 16.04.3 (x64 in my case) [so that the behavior is
 easy to reproduce]

 Execute that script (as root... no problem we are in a Live session, all
 is gone in the end), it will install the necessary packages to compile
 (otherwise configure will complain on libevent-dev, then on libssl-dev),
 download sources and compile both versions.

 {{{
 #!/bin/sh

 cd /tmp
 echo  'deb-src http://archive.ubuntu.com/ubuntu/ xenial-updates universe'
 >>'/etc/apt/sources.list'
 apt-get update
 apt-get install -y libevent-core-2.0-5 libevent-extra-2.0-5 libevent-
 openssl-2.0-5 libevent-pthreads-2.0-5 libevent-dev libssl-doc zlib1g-dev
 libssl-dev
 gpg --keyserver keyserver.ubuntu.com --recv-keys 64792D67
 gpg --no-default-keyring -a --export 64792D67 | gpg --no-default-keyring
 --keyring ~/.gnupg/trustedkeys.gpg --import -
 apt-get source tor
 cd "tor-0.2.9.11"
 ./configure
 make

 cd /tmp
 wget https://www.torproject.org/dist/tor-0.3.1.8.tar.gz
 tar xvzf tor-0.3.1.8.tar.gz
 cd "tor-0.3.1.8"
 ./configure
 make
 }}}

 You will have some warnings like:
 {{{
 ar: `u' modifier ignored since `D' is the default (see `U')
 }}}
 I am assuming these warnings are benign looking a 'u' and 'D' options in
 the man of ar.
 You will get both versions of tor compiled as documented by the README.
 Save them before rebooting.

 Now whichever version you try, here is the output tracking the change of
 IP:

 Set '''MaxCircuitDirtiness''' to 30 minutes for example with:

 {{{
 sudo echo "MaxCircuitDirtiness 1800" >>/etc/tor/torrc
 }}}

 Then test the ip we have through tor

 {{{
 $ while :; do line="$( date +%H:%M ) == $( curl -s
 http://whatismyip.akamai.com/ )"; echo "$line"; sleep 60; done
 19:27 == 185.100.84.82
 19:28 == 185.100.84.82
 19:29 == 185.100.84.82
 19:30 == 185.100.84.82
 19:31 == 185.100.84.82
 19:32 == 204.85.191.30
 19:34 == 204.85.191.30
 19:35 == 204.85.191.30
 19:36 == 204.85.191.30
 19:37 == 204.85.191.30
 19:38 == 192.160.102.168
 19:39 == 192.160.102.168
 19:40 == 192.160.102.168
 19:41 == 192.160.102.168
 19:42 == 192.160.102.168
 19:43 == 163.172.101.137
 19:44 == 163.172.101.137
 19:45 == 163.172.101.137
 19:46 == 163.172.101.137
 19:47 == 163.172.101.137
 19:48 == 62.210.105.116
 }}}

 (This is done inside a VM with transparent proxying to Tor, see
 "middlebox").

 We can see that it is changing ip '''exactly''' every 5 minutes.

 When doing the same exit ip test with the stock binary version of Ubuntu
 that you get with:
 {{{
 sudo apt-get install tor
 }}}

 ... all works well, it changes ip every 30 minutes as the configuration
 says.


 '''Questions:'''
 So... is there a magic trick to compile so that MaxCircuitDirtiness is
 taken into account ? If so, that would be a '''documentation enhancement
 request'''. I am thinking something like a flag: compile for
 "debug"/compile for "production" -didn't find that in the documentation!

 Should I ask instead on the Ubuntu Launchpad (apparently they are clever
 enough to have figured out a way to make it work!)

 We can however notice a difference between the versions we compiled and
 the binary from Ubuntu repo: '''size'''!
 That is (I am guessing) because the tor we compiled has all the symbols.
 But if you do (which is undocumented!):
 {{{
 strip --strip-unneeded tor
 }}}
 you get about the same size of stock binary. Anyway, I don't think having
 the symbols should change behaviors -except in case you have very very
 little RAM, which is not my case!-

 MaxCircuitDirtiness is not such a big issue per se, but I am afraid that
 if we have those kind of "silent tricky bugs" (nothing in the log of tor)
 when compiling ourselves, there might be other more serious bugs that
 could compromise anonymity.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24350>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list