tor: Error connecting to Tor control socket #13397

issue pruflyos opened this issue on June 5, 2018
  1. pruflyos commented at 2:10 PM on June 5, 2018: none

    <!-- This issue tracker is only for technical issues related to Bitcoin Core. General bitcoin questions and/or support requests are best directed to the Bitcoin StackExchange at https://bitcoin.stackexchange.com. For reporting security issues, please read instructions at https://bitcoincore.org/en/contact/. If the node is "stuck" during sync or giving "block checksum mismatch" errors, please ensure your hardware is stable by running memtest and observe CPU temperature with a load-test tool such as linpack before creating an issue! -->

    <!-- Describe the issue -->

    bitcoin-0.16.0 (pre-compiled, downloaded from bitcoin.org) Debian Stretch

    <!--- What behavior did you expect? -->

    Following https://github.com/bitcoin/bitcoin/blob/master/doc/tor.md I face a couple of issues:

    First, here's my current understanding: Tor offers two ways of being controlled on Linux.

    1. TCP Control Port (by default 127.0.0.1:9051 but disabled)
    2. Control Socket which is Unix Domain Socket (by default /run/tor/control on Debian)

    By reading the Bitcoin Core Tor documentation, it sounds like the 2nd (newer) way is supported:

    Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket API, to create and destroy 'ephemeral' hidden services programmatically. Bitcoin Core has been updated to make use of this.

    That's what I'm trying to achieve. Tor Control Port (TCP) is disabled by default on Debian anyway, but Tor Control Socket is enabled. Here are the respective sections from the config files:

    /etc/bitcoin/bitcoin.conf

    # [debug]
    debug=tor
    
    # [network]
    # Accept incoming connections from peers.   
    listen=1
    # connect to peers via Tor.
    onlynet=onion
    # Connect through <ip:port> SOCKS5 proxy.   
    proxy=127.0.0.1:9050
    

    /usr/share/tor/tor-service-defaults-torrc

    User debian-tor
    
    ControlSocket /var/run/tor/control GroupWritable RelaxDirModeCheck
    ControlSocketsGroupWritable 1
    SocksPort unix:/var/run/tor/socks WorldWritable
    SocksPort 9050
    
    CookieAuthentication 1
    CookieAuthFileGroupReadable 1
    CookieAuthFile /var/run/tor/control.authcookie
    

    However, I get the following error in ~/.bitcoin/debug.log:

    tor: Error connecting to Tor control socket
    tor: Not connected to Tor control port 127.0.0.1:9051, trying to reconnect
    

    The second error is expected, because Tor control port is disabled. But the first error is unexpected. It's not a file permision issue, because I added the user who runs bitcoind to the group debian-tor:

    $ ls -la /run/tor/
    total 8
    drwxr-sr-x  2 debian-tor debian-tor 100 ---  - --:-- .
    drwxr-xr-x 20 root       root       760 ---  - --:-- ..
    srw-rw----  1 debian-tor debian-tor   0 ---  - --:-- control
    -rw-rw----  1 debian-tor debian-tor  32 ---  - --:-- control.authcookie
    -rw-r--r--  1 debian-tor debian-tor   5 ---  - --:-- tor.pid
    
    $ cat /etc/group | grep bitcoind
    debian-tor:x:114:bitcoind
    
    ps aux | grep bitcoind
    bitcoind  ----  ---  --- ------ ----- ?        Rsl  --:--   --:-- /usr/local/bin/bitcoind -daemon -conf=/etc/bitcoin/bitcoin.conf -pid=/run/bitcoind/bitcoind.pid -rpccookiefile=/run/bitcoind/authcookie
    

    I also tried to explictly tell bitcoind the path to the control socket by adding torcontrol=/run/tor/control as a config option:

    # [debug]
    debug=tor
    
    # [network]
    # Accept incoming connections from peers.   
    listen=1
    # connect to peers via Tor.
    onlynet=onion
    torcontrol=/run/tor/control
    

    However, this results the following error:

    tor: Error parsing socket address /run/tor/control
    tor: Initiating connection to Tor control port /run/tor/control failed
    

    So obviously, the torcontrol option only allows to specify the TCP Tor control port. How does bitcoind know the path to the Tor control socket? Is there an undocumented config option to set it? Is it hard coded? Or is the documentation just ambiguous and it isn't supported yet?

    Final issue with the documentation is:

    For cookie authentication the user running bitcoind must have write access to the CookieAuthFile specified in Tor configuration.

    Why write access??? Read access should be sufficient! It's just the cookie file.

    <!--- What was the actual behavior (provide screenshots if the issue is GUI-related)? -->

    <!--- How reliably can you reproduce the issue, what are the steps to do so? -->

    <!-- What version of Bitcoin Core are you using, where did you get it (website, self-compiled, etc)? -->

    <!-- What type of machine are you observing the error on (OS/CPU and disk type)? -->

    <!-- Any extra information that might be useful in the debugging process. -->

    <!--- This is normally the contents of a `debug.log` or `config.log` file. Raw text or a link to a pastebin type site are preferred. -->

  2. fanquake added the label P2P on Jun 5, 2018
  3. emilrus commented at 2:45 PM on September 17, 2018: none

    Bitcoin Core does not support interacting with Tor's control protocol through unix sockets. The use of the term "socket" in Bitcoin Core's tor doc and in the error message: "tor: Error connecting to Tor control socket" does not imply unix sockets.
    For clarity Bitcoin Core's tor doc should say "through Tor's control protocol API".
    The issue with the cookie file has been addressed in fb97437efa06acfbe75a5e34d8bbf8388d5f6432

  4. rebroad commented at 11:16 AM on March 19, 2020: contributor

    why is this issue still open?

  5. MarcoFalke commented at 1:00 PM on March 19, 2020: member

    @pruflyos Let me know if this is still an issue with a recent version of Bitcoin Core

  6. MarcoFalke closed this on Mar 19, 2020

  7. DrahtBot locked this on Feb 15, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-21 21:15 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me