Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T16:09:13Zhttps://gitlab.torproject.org/legacy/trac/-/issues/8745Add thread safe support with documentation2020-06-13T16:09:13ZDavid Gouletdgoulet@torproject.orgAdd thread safe support with documentationAt the moment, torsocks does not seems to be thread safe so this would be a nice feature to have but in the meantime, it should be documented for the user to understand the limitations.At the moment, torsocks does not seems to be thread safe so this would be a nice feature to have but in the meantime, it should be documented for the user to understand the limitations.Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/8220add TORSOCKS_CONF_FILE to debug output2020-06-13T16:09:06Zproperadd TORSOCKS_CONF_FILE to debug outputWhen
```
export TORSOCKS_DEBUG=1
```
is set, please add $TORSOCKS_CONF_FILE to the debug output.When
```
export TORSOCKS_DEBUG=1
```
is set, please add $TORSOCKS_CONF_FILE to the debug output.Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/29236After updating tor to 8.0.5, socks5 started to not work2020-06-13T16:10:05ZTracAfter updating tor to 8.0.5, socks5 started to not workI usually use socks5 in Adium messenger, but when i updated tor to new version Adium start to give the error - Error: Connection failed
In tor logs i found those -
1/30/19, 20:16:31.821 [WARN] Fetching socks handshake failed. Closing.
...I usually use socks5 in Adium messenger, but when i updated tor to new version Adium start to give the error - Error: Connection failed
In tor logs i found those -
1/30/19, 20:16:31.821 [WARN] Fetching socks handshake failed. Closing.
1/30/19, 20:16:31.821 [WARN] socks5: parsing failed - invalid user/pass authentication message.
1/30/19, 20:16:31.821 [WARN] Fetching socks handshake failed. Closing.
1/30/19, 20:16:37.680 [WARN] socks5: parsing failed - invalid user/pass authentication message.
1/30/19, 20:16:37.680 [WARN] Fetching socks handshake failed. Closing.
1/30/19, 20:16:37.680 [WARN] socks5: parsing failed - invalid user/pass authentication message.
I never had this before, all have worked perfectly. Immediately after the update, everything stopped working. I tried all, i installed tor/messenger and updated os, but nothing helped.
Help!
**Trac**:
**Username**: bugiguimanDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/17479Allow port 655352020-06-13T16:09:39ZTracAllow port 65535Port 65535 is a valid port among the tor code base. In fact, in_port_t
type will guarantee a valid port number. The only special value is "0",
so drop the 65535 check completely.
**Trac**:
**Username**: junglefowlPort 65535 is a valid port among the tor code base. In fact, in_port_t
type will guarantee a valid port number. The only special value is "0",
so drop the 65535 check completely.
**Trac**:
**Username**: junglefowlDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/8038Allow torsocks to interact with TBB in a useful way2020-06-13T16:09:00ZMatthew FinkelAllow torsocks to interact with TBB in a useful wayTBB will select a random SOCKS port, torsocks should provide a way to find/be given this port number. Asking users to retrieve it from Data/Tor/port.conf and modify torsocks.conf is nonobvious.TBB will select a random SOCKS port, torsocks should provide a way to find/be given this port number. Asking users to retrieve it from Data/Tor/port.conf and modify torsocks.conf is nonobvious.https://gitlab.torproject.org/legacy/trac/-/issues/23667Always send ATYP 0x03 (domain name) with a plain IP address2020-06-13T16:09:48ZDavid Gouletdgoulet@torproject.orgAlways send ATYP 0x03 (domain name) with a plain IP addressNoticed with #22461, torsocks should always send a DOMAIN NAME type for the SOCKS5 request if it gets a plain IP address so tor doesn't warn on the control port and SafeSocks to deny the request.Noticed with #22461, torsocks should always send a DOMAIN NAME type for the SOCKS5 request if it gets a plain IP address so tor doesn't warn on the control port and SafeSocks to deny the request.David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/3711Application support for optimistic data: Torsocks2020-06-13T16:08:56ZNick MathewsonApplication support for optimistic data: TorsocksNow that Tor (as of 0.2.3.x) supports optimistic data, we should try to get torsocks to support it.
This won't be totally trivial, since we'll need to tell the application "yes, it connected" early, and then give an error if the connect...Now that Tor (as of 0.2.3.x) supports optimistic data, we should try to get torsocks to support it.
This won't be totally trivial, since we'll need to tell the application "yes, it connected" early, and then give an error if the connection actually happens. (Perhaps we can get away with doing an early shutdown() on the connection so that reads and writes fail, but the fd lingers. If not, we'll have to intercept read, write, pread, pwrite, writev, select, etc, so that we can give an error if needed.)
There was some discussion of this in the comments of #1849.Matthew FinkelMatthew Finkelhttps://gitlab.torproject.org/legacy/trac/-/issues/16308Attempts to resolve local hostname using tor2020-06-13T16:09:32ZTracAttempts to resolve local hostname using torWhen using torsocks 2.1.0 built from tarball, torsocks attempts to resolve the local machine's hostname using tor.
To reproduce: clone a git repository using torsocks
Result: clone is successful, but produces an error in torsocks after...When using torsocks 2.1.0 built from tarball, torsocks attempts to resolve the local machine's hostname using tor.
To reproduce: clone a git repository using torsocks
Result: clone is successful, but produces an error in torsocks after an attempt to resolve the machine's hostname:42 using tor.
`ERROR torsocks[pid]: Unable to resolve. Status reply: 4 (in socks5_recv_resolve_reply() at socks5.c:666)`
**Trac**:
**Username**: leeroyDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/28539Build breaks on FreeBSD: undefined reference to `handle_mmap'2020-06-13T16:10:00Zyurivict271Build breaks on FreeBSD: undefined reference to `handle_mmap'In version 2.3.0:
```
../../src/lib/.libs/libtorsocks.so: undefined reference to `handle_mmap'
cc: error: linker command failed with exit code 1 (use -v to see invocation)
gmake[4]: *** [Makefile:623: test_socks5] Error 1
gmake[4]: *** ...In version 2.3.0:
```
../../src/lib/.libs/libtorsocks.so: undefined reference to `handle_mmap'
cc: error: linker command failed with exit code 1 (use -v to see invocation)
gmake[4]: *** [Makefile:623: test_socks5] Error 1
gmake[4]: *** Waiting for unfinished jobs....
libtool: link: cc -I../../include -I../../src -I../../tests/utils/ -I. -I../../src/lib -DTORSOCKS_FIXTURE_PATH=\"/usr/ports/net/torsocks/work/torsocks-2.3.0/tests/unit/fixtures/\" -O2 -pipe -fno-omit-frame-pointer -fstack-protector -fno-strict-aliasing -Wall -fPIE -fwrapv --param ssp-buffer-size=1 -fstack-protector-all -fstack-protector -pie -z relro -z now -o .libs/test_compat test_compat.o ../../tests/utils/tap/.libs/libtap.a ../../src/common/.libs/libcommon.a ../../src/lib/.libs/libtorsocks.so -Wl,-rpath -Wl,/usr/local/lib/torsocks
../../src/lib/.libs/libtorsocks.so: undefined reference to `handle_mmap'
```David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/32491Build fails with uClibc (and maybe some other non-standard libc's) sometimes2020-06-13T16:10:08ZTracBuild fails with uClibc (and maybe some other non-standard libc's) sometimesIn torsocks' configure.ac, libc_name is determined by means of ldd /usr/bin/yes which is then grepped for libc.
On a uClibc system I use, ldd /usr/bin/yes yields two entries, namely
libc.so.0 => ...
ld64-uClibc.so.0 => ...
The resulti...In torsocks' configure.ac, libc_name is determined by means of ldd /usr/bin/yes which is then grepped for libc.
On a uClibc system I use, ldd /usr/bin/yes yields two entries, namely
libc.so.0 => ...
ld64-uClibc.so.0 => ...
The resulting string begins with quotation mark, ends with quotation mark and contains newline character.
At some point during the configuration process (I have not figured out when exactly), the aforementioned string is trimmed erroneously. In my case, the first line is left out and the second one is discarded. The remaining chunk, with the opening quotation mark but without the closing one, ends up in another configuration file, producing a line like
SOME_VARIABLE="libc.so.0
without the closing quotation mark. Build cannot proceed from there.
The libc determination process thus needs to be improved.
My hotfix was to change
grep 'libc\.'
to
grep '\slibc\.'
but I can't suggest the proper solution as I'm not experienced with shell scripts. I will perform a test if provided with (a link to) a relevant standalone patch for torsocks-2.2.0 or torsocks-2.3.0.
**Trac**:
**Username**: akaterhttps://gitlab.torproject.org/legacy/trac/-/issues/8597Catch res_n* functions on systems that support them2020-06-13T16:09:11ZMatthew FinkelCatch res_n* functions on systems that support themWe should overload the res_n* functions on systems that support them. Currently we catch res_query and it's family, but not the newer res_n* set. They've been around for a while now, there are likely programs that could be trying to perf...We should overload the res_n* functions on systems that support them. Currently we catch res_query and it's family, but not the newer res_n* set. They've been around for a while now, there are likely programs that could be trying to perform dns resolution using udp and failing.Matthew FinkelMatthew Finkelhttps://gitlab.torproject.org/legacy/trac/-/issues/11724Check recvmmsg() FD passing on Unix socket for TCP socket2020-06-13T16:09:18ZDavid Gouletdgoulet@torproject.orgCheck recvmmsg() FD passing on Unix socket for TCP socketrecvmsg() is supported as of now. A full exit should be done here because Torsocks can't handle this inet socket with Tor.recvmsg() is supported as of now. A full exit should be done here because Torsocks can't handle this inet socket with Tor.https://gitlab.torproject.org/legacy/trac/-/issues/11726choosing ip / port by command line2020-06-13T16:09:19ZDavid Gouletdgoulet@torproject.orgchoosing ip / port by command lineIt would be great if users could choose ip / port using the command line for easier stream isolation.
Note that for that -u/-p is available on the command line for stream isolation with SOCKS5 authentication method.It would be great if users could choose ip / port using the command line for easier stream isolation.
Note that for that -u/-p is available on the command line for stream isolation with SOCKS5 authentication method.David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/10007Code review of torsocks 2.x2020-06-13T16:09:14ZDavid Gouletdgoulet@torproject.orgCode review of torsocks 2.xCode review by the Torproject of the new torsocks version created to replace the current 1.3 version.
Code: https://github.com/dgoulet/torsocks
History and Why?: https://lists.torproject.org/pipermail/tor-dev/2013-June/004959.html
Aug...Code review by the Torproject of the new torsocks version created to replace the current 1.3 version.
Code: https://github.com/dgoulet/torsocks
History and Why?: https://lists.torproject.org/pipermail/tor-dev/2013-June/004959.html
August 24th, RC 1: https://lists.torproject.org/pipermail/tor-dev/2013-August/005319.html
Sept 2th, RC 2: https://lists.torproject.org/pipermail/tor-dev/2013-September/005359.html
Right now, the code is ready for review and still in release candidate until people are comfortable for a stable version to ideally be packaged and distributed.Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/11810Connection through torsocks(1) impossible2020-06-13T16:09:20ZTracConnection through torsocks(1) impossibleAfter installing the recent Ubuntu 14.04 AMD64 desktop release (LTS) I went about testing tor(1) and torsocks(1) and saw this:
WITHOUT TOR
$svn co http://svn.apache.org/repos/asf/subversion/trunk subversion
A subversion/notes
A s...After installing the recent Ubuntu 14.04 AMD64 desktop release (LTS) I went about testing tor(1) and torsocks(1) and saw this:
WITHOUT TOR
$svn co http://svn.apache.org/repos/asf/subversion/trunk subversion
A subversion/notes
A subversion/notes/commit-access-templates
A subversion/notes/api-errata
A subversion/notes/api-errata/1.7
A subversion/notes/api-errata/1.8
[...]
WITH TOR
$torsocks svn co http://svn.apache.org/repos/asf/subversion/trunk subversion
svn: E120108: Unable to connect to a repository at URL 'http://svn.apache.org/repos/asf/subversion/trunk'
svn: E120108: Error running context: The server unexpectedly closed the connection.
Since the OS installation is brand new and plain vanilla (no network bridges, VPNs, custom routing, or even a single service configured except for Tor) it seems a problem lies in the Tor software (either the service itself or the Socks wrapper.)
IMPORTANT CLUE
The svn(1) symptom above does not appear when replacing with git(1).
DIAGNOSIS
Running commands through torsocks(1) showing the symptom while inspecting with strace(1) reveals typical socket(2), fcntl(2), fstat(2), setsockopt(2), getpeername(2), and connect(2) to a tor(1) service running on localhost:9050 as usual. What might be atypical is that ENOTCONN and EINPROGRESS are returned in the way indicated by bug #8066 [1]. A late comment in #8066 refers in turn to #3711 [2], which are both leads.
[1] https://trac.torproject.org/projects/tor/ticket/8066/
[2] https://trac.torproject.org/projects/tor/ticket/3711/
LINUX DISTROS
Due to time constraints, I wasn't able to build tor(1) and torsocks(1) from source (at git.torproject.org) so there's a small chance that the bug has been fixed although no bug report exists to support this theory. It doesn't solve the problem of integrating whichever solution exists into leading Linux distributions however, which are still bundling the flawed version.
**Trac**:
**Username**: michaelDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/6542curl 7.27.0 doesn't work with torsocks2020-06-13T16:08:58Zcypherpunkscurl 7.27.0 doesn't work with torsocksAfter upgrading curl to version 7.27.0, various programs that depend on libcurl (including curl itself) no longer work with torsocks.
All requests are replied to with the "501 Tor is not an HTTP proxy" message. Curiously, the first two ...After upgrading curl to version 7.27.0, various programs that depend on libcurl (including curl itself) no longer work with torsocks.
All requests are replied to with the "501 Tor is not an HTTP proxy" message. Curiously, the first two bytes of the response are 0x05 0x00 as you would expect from a valid SOCKS5 reply.
Perhaps there's some poor buffer management lurking around.
Thanks.
Software versions:
Linux 3.4.7-1-ARCH i686
curl 7.27.0
torsocks 1.2
tor 0.2.2.37David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/8316cvs via torsocks causes a segfault in libtorsocks.so2020-06-13T16:09:08Zintrigericvs via torsocks causes a segfault in libtorsocks.soTrying to run cvs via torsocks causes a segfault in libtorsocks.so.
Reproduced with Debian's torsocks 1.2-3 and 1.3-1 this way:
`torsocks cvs -d :pserver:anonymous@anonscm.debian.org:/cvs/webwml checkout webwml/english/doc`.
More infor...Trying to run cvs via torsocks causes a segfault in libtorsocks.so.
Reproduced with Debian's torsocks 1.2-3 and 1.3-1 this way:
`torsocks cvs -d :pserver:anonymous@anonscm.debian.org:/cvs/webwml checkout webwml/english/doc`.
More information, including a backtrace, can be found on the original bug report: http://bugs.debian.org/684580Jacob AppelbaumJacob Appelbaumhttps://gitlab.torproject.org/legacy/trac/-/issues/14210Enhance torsocks with ControlPort GETINFO communication skills and additional...2020-06-13T16:09:26ZTracEnhance torsocks with ControlPort GETINFO communication skills and additional Socks* optionsUse ControlPort access in Torsocks to GETINFO and attempt preferred transports first. This includes the #12585 SocksSocket and #14209 SocksNamedPipe communication paths to Tor process.
**Trac**:
**Username**: anonUse ControlPort access in Torsocks to GETINFO and attempt preferred transports first. This includes the #12585 SocksSocket and #14209 SocksNamedPipe communication paths to Tor process.
**Trac**:
**Username**: anonDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/32599ERROR: ld.so: object '/usr/lib/torsocks/libtorsocks.so' from LD_PRELOAD canno...2020-06-13T16:10:09ZTracERROR: ld.so: object '/usr/lib/torsocks/libtorsocks.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.When I run the command torsocks playonlinux, playonlinux open successfully, but when I open a game in playonlinux I get these error messages :
"ERROR: ld.so: object '/usr/lib/torsocks/libtorsocks.so' from LD_PRELOAD cannot be preloaded (...When I run the command torsocks playonlinux, playonlinux open successfully, but when I open a game in playonlinux I get these error messages :
"ERROR: ld.so: object '/usr/lib/torsocks/libtorsocks.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.
ERROR: ld.so: object '/usr/lib/torsocks/libtorsocks.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.
1574671114 WARNING torsocks[2613]: [syscall] Unsupported syscall number 158. Denying the call (in tsocks_syscall() at syscall.c:568)
1574671122 WARNING torsocks[2626]: [syscall] Unsupported syscall number 158. Denying the call (in tsocks_syscall() at syscall.c:568)
ERROR: ld.so: object '/usr/lib/torsocks/libtorsocks.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.
1574671129 WARNING torsocks[2611]: [syscall] Unsupported syscall number 234. Denying the call (in tsocks_syscall() at syscall.c:568)
1574671129 WARNING torsocks[2611]: [syscall] Unsupported syscall number 200. Denying the call (in tsocks_syscall() at syscall.c:568)"
**Trac**:
**Username**: avasvasafwfhttps://gitlab.torproject.org/legacy/trac/-/issues/26831Feature: conditionally allow non-localhost inbound connections with command-l...2020-06-13T16:09:58ZTracFeature: conditionally allow non-localhost inbound connections with command-line flagI am able to run ZNC without torsocks. Here's my attempt to proxy ZNC via torsocks:
```
foo@foo:~$ torsocks -d znc
1531790543 DEBUG torsocks[2727]: Logging subsytem initialized. Level 5, file (null), time 1 (in init_logging() at torsocks...I am able to run ZNC without torsocks. Here's my attempt to proxy ZNC via torsocks:
```
foo@foo:~$ torsocks -d znc
1531790543 DEBUG torsocks[2727]: Logging subsytem initialized. Level 5, file (null), time 1 (in init_logging() at torsocks.c:303)
1531790543 DEBUG torsocks[2727]: Config file not provided by TORSOCKS_CONF_FILE. Using default /etc/tor/torsocks.conf (in config_file_read() at config-file.c:543)
1531790543 DEBUG torsocks[2727]: Config file setting tor address to 127.0.0.1 (in conf_file_set_tor_address() at config-file.c:298)
1531790543 DEBUG torsocks[2727]: Config file setting tor port to 9050 (in conf_file_set_tor_port() at config-file.c:254)
1531790543 DEBUG torsocks[2727]: [config] Onion address range set to 127.42.42.0/24 (in set_onion_info() at config-file.c:108)
1531790543 DEBUG torsocks[2727]: Config file /etc/tor/torsocks.conf opened and parsed. (in config_file_read() at config-file.c:572)
1531790543 DEBUG torsocks[2727]: [fclose] Close caught for fd 3 (in tsocks_fclose() at fclose.c:45)
1531790543 DEBUG torsocks[2727]: [onion] Pool init with subnet 127.42.42.0 and mask 24 (in onion_pool_init() at onion.c:104)
1531790543 DEBUG torsocks[2727]: [onion] Pool initialized with base 0, max_pos 255 and size 8 (in onion_pool_init() at onion.c:132)
1531790543 DEBUG torsocks[2727]: [fclose] Close caught for fd 5 (in tsocks_fclose() at fclose.c:45)
[ .. ] Checking for list of available modules...
[ >> ] ok
[ .. ] Opening config [/home/foo/.znc/configs/znc.conf]...
[ >> ] ok
[ .. ] Loading global module [webadmin]...
[ >> ] [/usr/lib/znc/webadmin.so]
[ .. ] Binding to port [+21212]...
1531790543 DEBUG torsocks[2727]: [socket] Creating socket with domain 10, type 1 and protocol 6 (in tsocks_socket() at socket.c:33)
1531790543 DEBUG torsocks[2727]: [listen] Non localhost inbound connection are not allowed. (in tsocks_listen() at listen.c:64)
1531790543 DEBUG torsocks[2727]: [close] Close caught for fd 6 (in tsocks_close() at close.c:33)
[ !! ] Unable to bind [Operation not permitted]
[ ** ] Unrecoverable config error.
1531790543 DEBUG torsocks[2727]: [close] Close caught for fd 5 (in tsocks_close() at close.c:33)
1531790543 DEBUG torsocks[2727]: [onion] Destroying onion pool containing 0 entry (in onion_pool_destroy() at onion.c:148)
1531790543 DEBUG torsocks[2727]: [fclose] Close caught for fd 2 (in tsocks_fclose() at fclose.c:45)
foo@foo:~$
```
**Trac**:
**Username**: dbkaplun