Tor snowflake-client not working on macOS

Hey Tor people!

I am trying to get snowflake-client working on macOS with the Tor daemon. Everything was installed via homebrew.

Configs:

lunar@machine ~ % cat /opt/homebrew/etc/tor/torrc     
UseBridges 1

ClientTransportPlugin snowflake exec /opt/homebrew/bin/snowflake-client -url https://snowflake-broker.torproject.net/ -ampcache https://cdn.ampproject.org/ -front www.google.com -ice stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 -log /opt/homebrew/var/log/snowflake-client.log

Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72
Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA

lunar@machine ~ % tail -n 100 /opt/homebrew/var/log/tor.log
Nov 17 02:09:02.865 [notice] Tor 0.4.8.9 running on Darwin with Libevent 2.1.12-stable, OpenSSL 3.1.4, Zlib 1.2.12, Liblzma N/A, Libzstd N/A and Unknown N/A as libc.
Nov 17 02:09:02.865 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/
Nov 17 02:09:02.865 [notice] Read configuration file "/opt/homebrew/etc/tor/torrc".
Nov 17 02:09:02.867 [notice] Opening Socks listener on 127.0.0.1:9050
Nov 17 02:09:02.867 [notice] Opened Socks listener connection (ready) on 127.0.0.1:9050
Nov 17 02:09:02.000 [warn] Cannot find maximum file descriptor, assuming: 256
Nov 17 02:09:02.000 [notice] Parsing GEOIP IPv4 file /opt/homebrew/Cellar/tor/0.4.8.9/share/tor/geoip.
Nov 17 02:09:02.000 [notice] Parsing GEOIP IPv6 file /opt/homebrew/Cellar/tor/0.4.8.9/share/tor/geoip6.
Nov 17 02:09:02.000 [notice] Bootstrapped 0% (starting): Starting
Nov 17 02:09:03.000 [notice] Starting with guard context "bridges"
Nov 17 02:09:03.000 [notice] Delaying directory fetches: No running bridges
Nov 17 02:09:04.000 [notice] Bootstrapped 1% (conn_pt): Connecting to pluggable transport
Nov 17 02:09:04.000 [notice] Bootstrapped 2% (conn_done_pt): Connected to pluggable transport
Nov 17 02:09:04.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay
Nov 17 02:09:04.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": offer created
Nov 17 02:09:04.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": broker failure http: no Host in request URL
Nov 17 02:09:09.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": offer created
Nov 17 02:09:09.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": broker failure http: no Host in request URL
Nov 17 02:09:14.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": offer created
Nov 17 02:09:14.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": broker failure http: no Host in request URL
Nov 17 02:09:19.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": offer created
Nov 17 02:09:19.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": broker failure http: no Host in request URL
Nov 17 02:09:24.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": offer created
Nov 17 02:09:24.000 [notice] Managed proxy "/opt/homebrew/bin/snowflake-client": broker failure http: no Host in request URL

What could the problem be? I have searched around everywhere but I can’t figure out why the error broker failure http: no Host in request URL happens.

Running the snowflake-client command manually using the following actually works 100% fine, so I can’t figure out why it doesn’t work through the Tor daemon.

lunar@machine ~ % TOR_PT_MANAGED_TRANSPORT_VER=1 TOR_PT_CLIENT_TRANSPORTS=snowflake /opt/homebrew/bin/snowflake-client -url https://snowflake-broker.torproject.net/ -ampcache https://cdn.ampproject.org/ -front www.google.com -ice stun:stun.voip.blackberry.com:3478,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 -log /opt/homebrew/var/log/snowflake-client.log
VERSION 1
CMETHOD snowflake socks5 127.0.0.1:65219
CMETHODS DONE

What version of the snowflake client are you using? There was a recent bug involving the host field that has now been fixed: Non-fronted connections to the broker no longer work since 9fdfb3d1b53e9113422a7a2816b2a9af4450b4ac (#40301) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

Though this doesn’t match what you’re seeing. Can you include the contents of /opt/homebrew/var/log/snowflake-client.log? That might give us some more clues about what is going wrong here.

Hey thanks for responding.

Here are the version details:

snowflake-client 2.7.0
Known utls-imitate values:
(empty)
helloios_auto
hellofirefox_auto
hellofirefox_56
hellochrome_auto
hellochrome_58
hellofirefox_55
hellofirefox_63
hellochrome_70
hellorandomizedalpn
hellorandomizednoalpn
hellofirefox_65
helloios_11_1
hellochrome_62
hellochrome_72
helloios_12_1

Here are the logs:

 --- Starting Snowflake Client ---
2023/11/18 08:38:14 Using ICE servers:
2023/11/18 08:38:14 url: stun:stun.l.google.com:19302
2023/11/18 08:38:14 url: stun:stun.sonetel.com:3478
2023/11/18 08:38:14 Using ICE servers:
2023/11/18 08:38:14 url: stun:stun.epygi.com:3478
2023/11/18 08:38:14 url: stun:stun.sonetel.com:3478
2023/11/18 08:38:14 url: stun:stun.l.google.com:19302
2023/11/18 08:38:14 url: stun:stun.antisip.com:3478
2023/11/18 08:38:14 url: stun:stun.uls.co.za:3478
2023/11/18 08:38:14 url: stun:stun.voipgate.com:3478
2023/11/18 08:38:14 url: stun:stun.epygi.com:3478
2023/11/18 08:38:14 url: stun:stun.voys.nl:3478
2023/11/18 08:38:14 Rendezvous using Broker at: https://snowflake-broker.torproject.net/
2023/11/18 08:38:14 Domain fronting using a randomly selected domain from: []
2023/11/18 08:38:14 Rendezvous using Broker at: https://snowflake-broker.torproject.net/
2023/11/18 08:38:14 Domain fronting using a randomly selected domain from: []
2023/11/18 08:38:14 Through AMP cache at: https://cdn.ampproject.org/
2023/11/18 08:38:14 Through AMP cache at: https://cdn.ampproject.org/
2023/11/18 08:38:14 ---- SnowflakeConn: begin collecting snowflakes ---
2023/11/18 08:38:14 ---- SnowflakeConn: starting a new session ---
2023/11/18 08:38:14 ---- SnowflakeConn: begin collecting snowflakes ---
2023/11/18 08:38:14 ---- SnowflakeConn: starting a new session ---
2023/11/18 08:38:14 WebRTC: Collecting a new Snowflake. Currently at [0/1]
2023/11/18 08:38:14 snowflake-0846b8f93ff9e1de  connecting...
2023/11/18 08:38:14 WebRTC: Collecting a new Snowflake. Currently at [0/1]
2023/11/18 08:38:14 snowflake-3f6388764b49aeec  connecting...
2023/11/18 08:38:14 ---- SnowflakeConn: begin stream 3 ---
2023/11/18 08:38:14 ---- SnowflakeConn: begin stream 3 ---
2023/11/18 08:38:14 redialing on same connection
2023/11/18 08:38:14 redialing on same connection
2023/11/18 08:38:14 WebRTC: DataChannel created
2023/11/18 08:38:14 WebRTC: DataChannel created
2023/11/18 08:38:14 WebRTC: Created offer
2023/11/18 08:38:14 WebRTC: Created offer
2023/11/18 08:38:14 WebRTC: Set local description
2023/11/18 08:38:14 WebRTC: Set local description
2023/11/18 08:38:14 Warning: NAT checking failed for server at stun.l.google.com:19302: NAT discovery feature not supported: attribute not found
2023/11/18 08:38:14 NAT Type: restricted
2023/11/18 08:38:14 NAT Type: restricted
2023/11/18 08:38:19 Negotiating via AMP cache rendezvous...
2023/11/18 08:38:19 Broker URL: https://snowflake-broker.torproject.net/
2023/11/18 08:38:19 AMP cache URL: https://cdn.ampproject.org/
2023/11/18 08:38:19 Negotiating via AMP cache rendezvous...
2023/11/18 08:38:19 Broker URL: https://snowflake-broker.torproject.net/
2023/11/18 08:38:19 AMP cache URL: https://cdn.ampproject.org/
2023/11/18 08:38:19 Front domain: 
2023/11/18 08:38:19 WebRTC: closing DataChannel
2023/11/18 08:38:19 WebRTC: closing PeerConnection
2023/11/18 08:38:19 Front domain: 
2023/11/18 08:38:19 WebRTC: closing DataChannel
2023/11/18 08:38:19 WebRTC: closing PeerConnection
2023/11/18 08:38:19 WebRTC: Closing
2023/11/18 08:38:19 WebRTC: http: no Host in request URL  Retrying...
2023/11/18 08:38:19 WebRTC: Closing
2023/11/18 08:38:19 WebRTC: http: no Host in request URL  Retrying...

I’m now convinced you are running into the bug linked above. The log messages match it exactly, and I was able to reproduce it from the v2.7.0 tag using your provided torrc files. This has been fixed in the Snowflake code, but we haven’t released a new version yet. We can do so early next week. Until then, you can try building the client from source from the main branch: The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab

Running the snowflake-client command manually using the following actually works 100% fine, so I can’t figure out why it doesn’t work through the Tor daemon.

This command just starts the Snowflake client as a separate process, but without another torrc file that looks something like the following, the client won’t yet attempt to make a connection to the bridge.

UseBridges 1

ClientTransportPlugin snowflake socks5 127.0.0.1:65219

Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72
Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA

with this torrc file, you should see the following error messages appear underneath CMETHODS DONE:

LOG SEVERITY=notice MESSAGE="offer created"
LOG SEVERITY=notice MESSAGE="broker failure http: no Host in request URL"

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.