derivative-maker fails with onion sources

Good evening,

I recently forked and cleaned up this github project that builds whonix images in a docker container.
@ tabletseeker/whonix_docker

Everything works except onion sources with apt-cacher-ng.
Looks like an issue with apt-transport-tor because apt-cacher-ng works fine otherwise.

+ sudo --non-interactive --preserve-env=tbb_version,tb_onion,tpo_downloader_debug,tb_disable_anon_ws_dnf_conf,anon_shared_inst_tb,SKIP_SCRIPTS,SOURCE_DATE_EPOCH,dist_aptgetopt_file,dist_build_sources_list_primary,dist_mmdebstrap_build_sources_list_primary,dist_build_sources_list_primary_contents,dist_build_apt_sources_mirror,dist_build_apt_stable_release,dist_build_target_arch,dist_grml_mount_point,dist_source_help_steps_folder,dist_build_multiarch_package_item,dist_build_unsafe_io,dist_build_version,derivative_maker,user_name,LD_PRELOAD,LANG,LC_ALL,TZ,DEBDEBUG,XZ_OPT,REPO_PROXY,APTGETOPT,apt_unattended_opts,DERIVATIVE_APT_REPOSITORY_OPTS,DEBOOTSTRAP,http_proxy,https_proxy,ALL_PROXY,DEBIAN_FRONTEND,DEBIAN_PRIORITY,DEBCONF_NOWARNINGS,APT_LISTCHANGES_FRONTEND,INITRD apt-get -o Acquire::http::Proxy=http://127.0.0.1:3142 -o Acquire::https::Proxy=http://127.0.0.1:3142 -o Acquire::tor::Proxy=http://127.0.0.1:3142 -o APT::Update::Error-Mode=any -o Acquire::Languages=none -o Acquire::IndexTargets::deb::Contents-deb::DefaultEnabled=false -o Apt::Install-Recommends=false -o Acquire::Retries=5 -o Dpkg::Options::=--force-confnew -o Dir::Etc::sourcelist=/home/user/17.2.0.7-stable/build_sources/debian_stable_current_onion.list -o Dir::Etc::sourceparts=- update
Ign:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease
Ign:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease
Ign:3 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian bookworm-fasttrack InRelease
Ign:4 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease
Ign:5 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease
Ign:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease
Ign:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease
Ign:3 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian bookworm-fasttrack InRelease
Ign:4 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease
Ign:5 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease
Ign:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease
Ign:3 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian bookworm-fasttrack InRelease
Ign:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease
Ign:4 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease
Ign:5 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease
Ign:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease
Ign:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease
Ign:3 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian bookworm-fasttrack InRelease
Ign:4 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease
Ign:5 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease
Ign:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease
Ign:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease
Ign:3 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian bookworm-fasttrack InRelease
Ign:4 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease
Ign:5 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease
Err:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease
  503  Operation not permitted [IP: 127.0.0.1 3142]
Err:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease
  503  Operation not permitted [IP: 127.0.0.1 3142]
Err:3 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian bookworm-fasttrack InRelease
  503  Operation not permitted [IP: 127.0.0.1 3142]
Err:4 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease
  503  Operation not permitted [IP: 127.0.0.1 3142]
Err:5 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease
  503  Operation not permitted [IP: 127.0.0.1 3142]
Reading package lists...
E: Failed to fetch tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security/dists/bookworm-security/InRelease  503  Operation not permitted [IP: 127.0.0.1 3142]
E: Failed to fetch tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian/dists/bookworm-updates/InRelease  503  Operation not permitted [IP: 127.0.0.1 3142]
E: Failed to fetch tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian/dists/bookworm-backports/InRelease  503  Operation not permitted [IP: 127.0.0.1 3142]
E: Failed to fetch tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian/dists/bookworm-fasttrack/InRelease  503  Operation not permitted [IP: 127.0.0.1 3142]
E: Failed to fetch tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian/dists/bookworm/InRelease  503  Operation not permitted [IP: 127.0.0.1 3142]
E: Some index files failed to download. They have been ignored, or old ones used instead.
++ exception_handler_general ERR
++ last_failed_exit_code=100
++ last_failed_bash_command='$SUDO_TO_ROOT apt-get ${APTGETOPT[@]} -o Dir::Etc::sourcelist="$dist_build_sources_list_primary" -o Dir::Etc::sourceparts="-" update'
++ output_cmd_set
++ '[' -o xtrace ']'
++ output_cmd=true
++ true 'INFO: Middle of function exception_handler_general of ././build-steps.d/1200_prepare-build-machine.'
++ exception_handler_process_shared ERR
++ last_script=././build-steps.d/1200_prepare-build-machine
++ trap_signal_type_previous=
++ '[' '' = '' ']'
++ trap_signal_type_previous=unset
++ trap_signal_type_last=ERR
++ dist_build_error_counter=1
+++ benchmarktimeend 1723038846
++++ date +%s
+++ benchmarktimeend=1723038877
+++ benchmark_took_seconds=31
++++ convertsecs 31
++++ local h m s
++++ (( h=31/3600 ))
++++ true
++++ (( m=(31%3600)/60 ))
++++ true
++++ (( s=31%60 ))
++++ printf '%02d:%02d:%02d\n' 0 0 31
+++ echo 00:00:31
++ benchmark_took_time=00:00:31
++ local first
++ read -r first _
++ process_backtrace_function
++ true 'INFO: BEGIN: process_backtrace_function'
++ '[' -o xtrace ']'
++ set +x
++ true 'INFO: END  : process_backtrace_function'
++ function_trace_function
++ true 'INFO: BEGIN: function_trace_function'
++ '[' -o xtrace ']'
++ set +x
++ true 'INFO: END  : function_trace_function'
++ output_cmd_set
++ '[' -o xtrace ']'
++ output_cmd=true
++ true '
############################################################
ERROR detected in script!: ././build-steps.d/1200_prepare-build-machine

#####
User Help Message 2/2:

Please READ this message carefully.

Copying/pasting/screenshotting this box alone will not be insightful, and no help can be provided with it alone as it may not contain sufficient information by itself.

In many instances, providing a longer segment above this box or the entire log may be necessary for an effective diagnosis.
#####

dist_build_version: 17.2.0.7
dist_build_error_counter: 1
benchmark: 00:00:31
last_failed_exit_code: 100
trap_signal_type_previous: unset
trap_signal_type_last    : ERR

process_backtrace_result:
1: : init
2: : /bin/bash -exc source /etc/docker-entrypoint-cmd 
3: : /bin/bash /starter.sh 
7:timestamp '\''Git Start'\'' ~/logs/git.log; [ -d ~/17.2.0.7-stable ] || { cd ~/ && git clone --depth=1 --branch 17.2.0.7-stable --jobs=4 --recurse-submodules --shallow-submodules https://github.com/Whonix/derivative-maker.git 17.2.0.7-stable &>> ~/logs/git.log; }; 
8:}; [ -f ~/derivative.asc ] || { wget https://www.whonix.org/keys/derivative.asc -O ~/derivative.asc && gpg --keyid-format long --import --import-options show-only --with-fingerprint ~/derivative.asc && gpg --import ~/derivative.asc && gpg --check-sigs 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA; } &> ~/logs/key.log; 
17:${1} Time: $(date +'\''%H:%M:%S'\'')
20: : sudo -u user /bin/bash -c timestamp () 
24:timestamp '\''Git Start'\'' ~/logs/git.log; [ -d ~/17.2.0.7-stable ] || { cd ~/ && git clone --depth=1 --branch 17.2.0.7-stable --jobs=4 --recurse-submodules --shallow-submodules https://github.com/Whonix/derivative-maker.git 17.2.0.7-stable &>> ~/logs/git.log; }; 
25:}; [ -f ~/derivative.asc ] || { wget https://www.whonix.org/keys/derivative.asc -O ~/derivative.asc && gpg --keyid-format long --import --import-options show-only --with-fingerprint ~/derivative.asc && gpg --import ~/derivative.asc && gpg --check-sigs 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA; } &> ~/logs/key.log; 
34:${1} Time: $(date +'\''%H:%M:%S'\'')
37: : sudo -u user /bin/bash -c timestamp () 
41:timestamp '\''Git Start'\'' ~/logs/git.log; [ -d ~/17.2.0.7-stable ] || { cd ~/ && git clone --depth=1 --branch 17.2.0.7-stable --jobs=4 --recurse-submodules --shallow-submodules https://github.com/Whonix/derivative-maker.git 17.2.0.7-stable &>> ~/logs/git.log; }; 
42:}; [ -f ~/derivative.asc ] || { wget https://www.whonix.org/keys/derivative.asc -O ~/derivative.asc && gpg --keyid-format long --import --import-options show-only --with-fingerprint ~/derivative.asc && gpg --import ~/derivative.asc && gpg --check-sigs 916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA; } &> ~/logs/key.log; 
51:${1} Time: $(date +'\''%H:%M:%S'\'')
54: : /bin/bash -c timestamp () 
55: : /bin/bash /home/user/17.2.0.7-stable/derivative-maker --flavor whonix-workstation-cli --target raw --arch amd64 --repo true --type vm --connection onion --report true --verifiable true --freshness current --retry-max 5 
56: : /bin/bash ././build-steps.d/1200_prepare-build-machine --flavor whonix-workstation-cli --target raw --arch amd64 --repo true --type vm --connection onion --report true --verifiable true --freshness current --retry-max 5 

function_trace_result:
main (line number: 500)
main (line number: 488)
build_machine_setup (line number: 85)
exception_handler_general (line number: 85)
exception_handler_process_shared (line number: 85)

last_failed_bash_command: $SUDO_TO_ROOT apt-get ${APTGETOPT[@]} -o Dir::Etc::sourcelist="$dist_build_sources_list_primary" -o Dir::Etc::sourceparts="-" update
############################################################

Building on the host yields the same error.
Any idea what might be causing this?

Here are the setup commands for apt-cache-ng:

#50_user.conf
cat > /lib/systemd/system/apt-cacher-ng.service.d/50_user.conf << EOF
[Service]
ExecStart=
ExecStart=torsocks /usr/sbin/apt-cacher-ng SocketPath=/run/apt-cacher-ng/socket -c /etc/apt-cacher-ng ForeGround=1
EOF

#installs supporting packages
apt-get install -y torsocks tor apt-transport-tor

#installs bookworm version 3.7.4-1 
echo no | apt-get install -y apt-cacher-ng && \	
chmod 777 /var/cache/apt-cacher-ng

#apt-cacher-ng config
cat >> /etc/apt-cacher-ng/acng.conf << EOF
PassThroughPattern: .*
BindAddress: localhost
SocketPath: /run/apt-cacher-ng/socket
Port:3142
Proxy: http://127.0.0.1:3142
AllowUserPorts: 0
EOF

#30user config
echo "Acquire::BlockDotOnion \"false\";" > /etc/apt/apt.conf.d/30user && \

#starting services
systemctl daemon-reload && systemctl start tor.service && \
systemctl restart apt-cacher-ng.service

This needs some fixes in documentation.

• APT Onion Build Sources
• Torified or Host APT Cache

Hi I will update the wiki no problem but those settings and commands don’t seem to be enough for onion sources to work. Is something missing?

I assumed the commands provided would fix it. If that is not the case, back to square one.

It is broken and remains broken until someone finds out how to fix it.

Makes no sense because then nothing is actually cached?

I got that from resonat0r git. It’s supposed to ensure the proxy accepts any source. Could make sense with onion I thought.

In order for SSL/TLS to work, apt-cacher-ng has to be told beforehand which domains it can CONNECT to via the PassThroughPattern: option in /etc/apt-cacher-ng/acng.conf. For instance, to allow apt-cacher-ng to proxy anything, you can do: PassThroughPattern: .*

Ok so I will try to figure this out then and come back. I’m gonna compile it now and try every option.

The first thing to figure out how to use Debian + onion repositories + apt-cacher-ng.

That is, while excluding derivative-maker for now. Once that has been figured out, we can look into fixing derivative-maker.

@Patrick I got onion sources with apt-cacher-ng working.

derivative-maker/help-steps/variables

Before:

   aptgetopt_add "Acquire::http::Proxy=${REPO_PROXY}"
   aptgetopt_conf_add "Acquire::http::Proxy \"${REPO_PROXY}\";"

   aptgetopt_add "Acquire::https::Proxy=${REPO_PROXY}"
   aptgetopt_conf_add "Acquire::https::Proxy \"${REPO_PROXY}\";"

   aptgetopt_add "Acquire::tor::Proxy=${REPO_PROXY}"
   aptgetopt_conf_add "Acquire::tor::Proxy \"${REPO_PROXY}\";"

After:

   aptgetopt_add "Acquire::http::Proxy=${REPO_PROXY}"
   aptgetopt_conf_add "Acquire::http::Proxy \"${REPO_PROXY}\";"
   
   aptgetopt_add "Acquire::https::Proxy=${REPO_PROXY}"
   aptgetopt_conf_add "Acquire::https::Proxy \"${REPO_PROXY}\";"
   
   aptgetopt_conf_add "Acquire::BlockDotOnion \"false\";"

Then just install torsocks apt-transport-tor and it should work.
Made a pull request too.

This is actually breaking onions?

aptgetopt_conf_add “Acquire::BlockDotOnion "false";”

Use aptgetopt_add equivalent too for consistency?

This is actually breaking onions?

Looks like it. I started with testing different apt-cacher-ng versions, but it turns out that Acquire::tor::Proxy was the culprit.

This would be another solution if you prefer it.

Acquire::HTTP::Proxy="socks5h://127.0.0.1:9150"

But simply removing it and using apt-transport-tor seems cleaner.

Use aptgetopt_add equivalent too for consistency?

Yeah sure, I’ll update it real quick.

Fixed in git master. Does it look correct?

Hey that was my thread anyway, haha.

Yeah, looks good thank you!

Working nicely

+ sudo --non-interactive --preserve-env=APTGETOPT_SERIALIZED,tbb_version,tb_onion,tpo_downloader_debug,tb_disable_anon_ws_dnf_conf,anon_shared_inst_tb,SKIP_SCRIPTS,SOURCE_DATE_EPOCH,dist_aptgetopt_file,dist_build_sources_list_primary,dist_mmdebstrap_build_sources_list_primary,dist_build_sources_list_primary_contents,dist_build_apt_sources_mirror,dist_build_apt_stable_release,dist_build_target_arch,dist_grml_mount_point,dist_source_help_steps_folder,dist_build_multiarch_package_item,dist_build_unsafe_io,dist_build_version,derivative_maker,user_name,LD_PRELOAD,LC_ALL,TZ,DEBDEBUG,XZ_OPT,REPO_PROXY,apt_unattended_opts,DERIVATIVE_APT_REPOSITORY_OPTS,DEBOOTSTRAP,http_proxy,https_proxy,ALL_PROXY,DEBIAN_FRONTEND,DEBIAN_PRIORITY,DEBCONF_NOWARNINGS,APT_LISTCHANGES_FRONTEND,INITRD,HOMEVAR_VBOX_TEMP apt-get -o Acquire::http::Proxy=http://127.0.0.1:3142 -o Acquire::https::Proxy=http://127.0.0.1:3142 -o Acquire::BlockDotOnion=false -o APT::Update::Error-Mode=any -o Acquire::Languages=none -o Acquire::IndexTargets::deb::Contents-deb::DefaultEnabled=false -o Apt::Install-Recommends=false -o Acquire::Retries=5 -o Dpkg::Options::=--force-confnew -o Acquire::BlockDotOnion=false -o Dir::Etc::sourcelist=/home/user/derivative-maker/build_sources/debian_stable_current_onion.list -o Dir::Etc::sourceparts=- update
Get:1 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security InRelease [48.0 kB]                         
Get:2 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates InRelease [55.4 kB]                         
Get:3 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security/non-free-firmware Sources [796 B]
Get:4 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security/contrib Sources [856 B]
Get:5 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security/main Sources [129 kB]
Get:6 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security/contrib amd64 Packages [896 B]
Get:7 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security/main amd64 Packages [258 kB]
Get:8 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports InRelease [59.4 kB]         
Get:10 tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/debian-security bookworm-security/non-free-firmware amd64 Packages [688 B]   
Get:11 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm InRelease [151 kB]                                           
Get:12 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates/main Sources [796 B]                                 
Get:13 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-updates/main amd64 Packages [512 B]                          
Get:14 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/main Sources [280 kB]                              
Ign:15 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian-fasttrack bookworm-backports-staging InRelease                        
Get:16 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/non-free-firmware Sources [2280 B]                 
Get:17 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/contrib Sources [3868 B]                           
Get:18 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/non-free Sources [3076 B]                          
Get:19 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/non-free amd64 Packages [13.3 kB]                  
Get:20 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/contrib amd64 Packages [5664 B]                    
Get:21 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/non-free-firmware amd64 Packages [3868 B]          
Get:22 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm-backports/main amd64 Packages [276 kB]                       
Get:23 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm/non-free Sources [77.9 kB]                                   
Get:24 tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bookworm/main Sources [9495 kB]                                       
Get:9 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian-fasttrack bookworm-fasttrack InRelease [495 kB]                                 
Get:15 tor+http://5phjdr2nmprmhdhw4fdqfxvpvt363jyoeppewju2oqllec7ymnolieyd.onion/debian-fasttrack bookworm-backports-staging InRelease [632 kB]                       
0% [24 Sources 588 kB/9495 kB 6%] [Connecting to SOCKS5h proxy (socks5h://127.0.0.1:9050)]    

Yay! Thank you! Finally a long standing bug fixed.