- Jun 21, 2016
-
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
- Jun 14, 2016
-
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
David Goulet authored
The accept(2) man page specifies that addr can be a NULL pointer for both accept() and accept4().

This has been reported in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811266

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
- Jun 13, 2016
-
-
junglefowl authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Alexander Hansen Færøy authored
This patch adds two new arguments for the torsocks script: --address (-a), for specifying the address of the Tor instance to use, and --port (-P), for specifying the port of the Tor instance to use.
-
Alexander Hansen Færøy authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Alexander Hansen Færøy authored
This patch exposes set_tor_address and set_tor_port as part of the configuration API as conf_file_set_tor_address and conf_file_set_tor_port. We also ensure to free() the Tor address if it's set multiple times during execution.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Alexander Hansen Færøy authored
This is a trivial clean-up patch that makes init_config() use the DEFAULT_CONF_FILE_ENV define instead of the hardcoded string literal.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Shawn Landden authored
In addition to trying to detect them in the torsocks library, we also check for capabilities in the torsocks wrapper.

Signed-off-by: Shawn Landden <shawn@churchofgit.com>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
junglefowl authored
Port 65535 is a valid port among the tor code base. In fact, in_port_t type will guarantee a valid port number. The only special value is "0", so drop the 65535 check completely.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
junglefowl authored
It is possible to overflow tokens with a configuration that contains many arguments in one line.

At first, the upper limit is specified as sizeof(tokens), which is wrong. It has to be DEFAULT_MAX_CONF_TOKEN or sizeof(tokens) / sizeof(tokens[0]). The former is shorter, therefore I took that one.

The next issue is in utils_tokenize_ignore_comments, which verifies that enough space is available only with the ' ' separator. Later in the code, '\t' is also allowed as a separator, which means that more arguments could show up than previously taken into account during size checks.

This is an unlikely case, so the check will be done while parsing. When the limit is reached, previously allocated memory is released again and error value is returned.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Yawning Angel authored
Exactly what it says on the tin, setting `AllowOutboundLocalhost 2` will:

* Allow all SOCK_DGRAM socket() calls.
* Allow connect() to localhost, even for SOCK_DGRAM.
* Allow SOCK_DGRAM sendto() calls, as long as the destination address is localhost.

Fixes bug #16765.
-
David Goulet authored
Apparently, this works on FreeBSD. Sorry if I broke it for anyone out there.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Taylor R Campbell authored
-
Taylor R Campbell authored
Caught by clang static analyzer.
-
Taylor R Campbell authored
Caught by clang static analyzer.
-
Taylor R Campbell authored
-
Taylor R Campbell authored
-
Taylor R Campbell authored
-
Taylor R Campbell authored
-
Taylor R Campbell authored
Local time may require opening files to load the time zone database, which leads to a potential deadlock-against-self when intercepting a close() in the middle of tsocks_once initialization for close(). The same issue applies even if we use UTC, via gmtime.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Taylor R Campbell authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Taylor R Campbell authored
Otherwise, we will define the ELF symbol __socket30 due to the declaration of socket in <sys/socket.h>, but try using dlsym to call the libc symbol "socket", which in NetBSD is defined as a compatibility wrapper that calls __socket30...which, because of ELF symbol resolution rules, will go back and call our __socket30, leading to infinite recursion.

Instead, call the libc symbol "__socket30" explicitly so we get the real libc system call stub instead of the compatibility wrapper.

(I don't know any way to automatically deduce the correct ELF symbol from the toolchain, even though it is written in <sys/socket.h>.)

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Taylor R Campbell authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Taylor R Campbell authored
The send_data_impl and recv_data_impl functions can enter an annoying busy loop if a connection is laggy. Potentially if the connection never establishes, this can continue for minutes, until the connection times out, having at least one core running at 100% the entire time, which is undesirable.

Block on the fd until an I/O operation can be performed.

Fixes #16355

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Taylor R Campbell authored
-
Taylor R Campbell authored
-
David Goulet authored
If a binary is set with capabilities or is setuid/gid, the kernel will strip out the LD_PRELOAD thus making torsocks useless. This is only working on Linux at this point.

This is not a complete fix but it's a good start and useful to have. See ticket #14322 for more information.

Patch from cypherpunks with minor syntax edit.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
David Goulet authored
Musl library does not have a specific define so use __linux__ instead.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
- May 27, 2015
-
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
David Goulet authored
The resolve function was sending uninitialized data to tor and sometimes more data than needed. Furthermore, a valid SOCKS5 request for that needs a port so add one in both resolve and resolve_ptr.

Reported-by: Yawning Angel <yawning@schwanenlied.me>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
- May 13, 2015
-
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
- May 12, 2015
-
-
David Goulet authored
Too many places were using the same code so create auth_socks5() to do that using a given connection object.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Yawning Angel authored
Signed-off-by: Yawning Angel <yawning@schwanenlied.me>
-
David Goulet authored
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Yawning Angel authored
IsolatePID will have torsocks automatically derive a unique SOCKS5 username/password pair of the form:

  'torsocks-' PID ':' unixTime / '42'

To provide automatic per-process isolation (Disabled by default).

This behavior may be better for certain users/applications, and may also be controlled via the `TORSOCKS_ISOLATE_PID` env var.

Option -i/--isolate to torsocks is added that automatically exports the TORSOCKS_ISOLATE_PID variable.

Implements #16006.

Signed-off-by: Yawning Angel <yawning@schwanenlied.me>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
Yawning Angel authored
Fun fact, `__attribute__(constructor)` functions aren't guaranteed to be called before C++ static object constructors. This change ensures that initialization will always be called once (and only once), as needed even if C++ codebases chose to use hijacked symbols in ctors for static objects.

Things that got changed:

* Added `tsocks_once()` that is a functional replica of pthread_once, but doesn't require linking in a real pthread library if the application does not.
* Changed the initialization/cleanup to use tsocks_once.
* Call the initialization from within all of the hijacked libc calls.

Fixes bug #15584.

Signed-off-by: Yawning Angel <yawning@schwanenlied.me>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-
- Apr 23, 2015
-
-
David Goulet authored
-