[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor transparent proxy -> strange behavior regarding .onion

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor transparent proxy -> strange behavior regarding .onion
From: Ivan Markin <twim@xxxxxxxxxx>
Date: Sat, 21 Jan 2017 09:36:00 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 21 Jan 2017 04:39:14 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1484991537; bh=CIZXG6ZFyBcrxOkywhwpjW1Ztk+RooaaW1efah1LJn0=; h=Subject:To:References:From:Date:In-Reply-To:From; b=DwzlcM42/Xb7EGAaxWvwU1Vlc/4H6vKl5kVp+uMbRg3Ih/G+0pOmemJfiRBuEUWqu CEQLsgRQ5j2iXzZLl9W7oqFDdaEoRujfbd+9NvSlLgrzddBVPtrBK7Dpqmk5MqYMs6 wMeHgA+saOeYhpC3v3dW5otIpePisJCWIMGHyzg0=
In-reply-to: <0421FA3C-6AE2-4070-8EC2-97746BCC1853@chscene.ch>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <mailman.7.1484827203.24582.tor-talk@lists.torproject.org> <0421FA3C-6AE2-4070-8EC2-97746BCC1853@chscene.ch>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

radio_24@xxxxxxxxxx:
> But with Firefox and Safari I don’t see anything — whether with
> wireshark on the client nor with tcpdump on the proxy. Under
> about:networking <about:networking>, DNS-Lookup, Firefox's response
> is NS_ERROR_UNKNOWN_HOST. It seems as if macOS Sierra decided that
> .onion is not a valid DNS name and didn’t make a DNS request at all
> (and yes, I did flush the DNS cache before).
> 
> To replicate this behavior, I took an old Macbook with OS X El
> Capitan with exactly the same network configuration (Router:
> 192.168.42.1 / DNS: 192.168.42.1 / Search Domain: local). It worked
> without problems (Firefox / Safari have on both computers exactly the
> same plugins). More tests: It doesn’t work on iOS 10.2 either.

I tried disabling blockDotOnion in Firefox 50.0.1 and it works as
expected: I can see DNS requests to the server from resolv.conf. As long
as you have Chrome working correctly, I can say that OS isn't a problem
here. It's likely Firefox/Safari themselves.
Can you run Firefox with a new clean profile (-P option; don't know how
it works on macOS) and see if it still doesn't issue any DNS requests on
dotonions (with blockDotOnion = false).
Probably Safari has also got implementation for RFC 7686 but I don't
know whether it's possible to go around it.

--
Ivan Markin
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] Tor transparent proxy -> strange behavior regarding .onion
  - From: radio_24@xxxxxxxxxx

Prev by Author: Re: [tor-talk] Why Tor can't connect?
Next by Author: [tor-talk] Why Tor can't connect?
Previous by thread: Re: [tor-talk] Tor transparent proxy -> strange behavior regarding .onion
Next by thread: [tor-talk] Tor 0.3.0.2-alpha is out!
Index(es):
- Author
- Thread