Loading changes/bug12585 +5 −2 Original line number Diff line number Diff line o Major features (security) - Implementation of SocksSocket option - SocksSocket implements a SOCKS - Implementation of an AF_UNIX socket option to implement a SOCKS proxy reachable by Unix Domain Socket. This allows client applications to communicate with Tor without having the ability to create AF_INET or AF_INET6 family sockets. If an application has permission to create a socket with AF_UNIX, it may directly communicate with Tor as if it were an other SOCKS proxy. This should allow high risk applications to be entirely prevented from connecting directly with TCP/IP, they will be able to only connect to the internet through AF_UNIX and only through Tor. Closes ticket 12585. internet through AF_UNIX and only through Tor. To create a socket of this type, use the syntax "unix:/path/to/socket". Closes ticket 12585. doc/tor.1.txt +0 −4 Original line number Diff line number Diff line Loading @@ -483,10 +483,6 @@ GENERAL OPTIONS in accordance to RFC 1929. Both username and password must be between 1 and 255 characters. [[SocksSocket]] **SocksSocket** __Path__ [_flags_] [_isolation flags_]:: Like SocksPort, but listens on a Unix domain socket, rather than a TCP socket. '0' disables SocksSocket (Unix and Unix-like systems only.) [[SocksSocketsGroupWritable]] **SocksSocketsGroupWritable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read and write unix sockets (e.g. SocksSocket). If the option is set to 1, make Loading src/or/config.c +9 −25 Original line number Diff line number Diff line Loading 
@@ -69,7 +69,7 @@ extern int quiet_level; /* Prefix used to indicate a Unix socket in a FooPort configuration. */ static const char *unix_socket_prefix = "unix:"; static const char unix_socket_prefix[] = "unix:"; /** A list of abbreviations and aliases to map command-line options, obsolete * option names, or alternative option names, to their current values. */ Loading Loading @@ -203,7 +203,6 @@ static config_var_t option_vars_[] = { V(ControlPortWriteToFile, FILENAME, NULL), V(ControlSocket, LINELIST, NULL), V(ControlSocketsGroupWritable, BOOL, "0"), V(SocksSocket, LINELIST, NULL), V(SocksSocketsGroupWritable, BOOL, "0"), V(CookieAuthentication, BOOL, "0"), V(CookieAuthFileGroupReadable, BOOL, "0"), Loading Loading @@ -1053,20 +1052,6 @@ options_act_reversible(const or_options_t *old_options, char **msg) } #endif #ifndef HAVE_SYS_UN_H if (options->SocksSocket || options->SocksSocketsGroupWritable) { *msg = tor_strdup("Unix domain sockets (SocksSocket) not supported " "on this OS/with this build."); goto rollback; } #else if (options->SocksSocketsGroupWritable && !options->SocksSocket) { *msg = tor_strdup("Setting SocksSocketGroupWritable without setting" "a SocksSocket makes no sense."); goto rollback; } #endif if (running_tor) { int n_ports=0; /* We need to set the connection limit before we can open the listeners. */ Loading Loading @@ -5656,6 +5641,14 @@ config_parse_unix_port(const char *addrport, char **path_out) int config_parse_unix_port(const char *addrport, char **path_out) { tor_assert(path_out); tor_assert(addrport); if (strcmpstart(addrport, unix_socket_prefix)) { /* Not a Unix socket path. */ return -ENOENT; } log_warn(LD_CONFIG, "Port configuration %s is for an AF_UNIX socket, but we have no" "support available on this platform", Loading Loading 
@@ -6218,13 +6211,6 @@ parse_ports(or_options_t *options, int validate_only, *msg = tor_strdup("Invalid ControlSocket configuration"); goto err; } if (parse_port_config(ports, options->SocksSocket, NULL, "SocksSocket", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_IS_UNIXSOCKET) < 0) { *msg = tor_strdup("Invalid SocksSocket configuration"); goto err; } } if (! options->ClientOnly) { if (parse_port_config(ports, Loading Loading @@ -6268,8 +6254,6 @@ parse_ports(or_options_t *options, int validate_only, !! count_real_listeners(ports, CONN_TYPE_OR_LISTENER); options->SocksPort_set = !! count_real_listeners(ports, CONN_TYPE_AP_LISTENER); options->SocksSocket_set = !! count_real_listeners(ports, CONN_TYPE_AP_LISTENER); options->TransPort_set = !! count_real_listeners(ports, CONN_TYPE_AP_TRANS_LISTENER); options->NATDPort_set = Loading src/or/connection.c +1 −1 Original line number Diff line number Diff line Loading @@ -1496,7 +1496,7 @@ connection_handle_listener_read(connection_t *conn, int new_type) if (new_type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) { newconn->port = 0; newconn->address = tor_strdup(conn->address); log_info(LD_NET, "New SOCKS SocksSocket connection opened"); log_info(LD_NET, "New SOCKS AF_UNIX connection opened"); } if (new_type == CONN_TYPE_CONTROL) { log_notice(LD_CONTROL, "New control connection opened from %s.", Loading src/or/or.h +0 −4 Original line number Diff line number Diff line Loading @@ -3463,9 +3463,6 @@ typedef struct { * for control connections. */ int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */ config_line_t *SocksSocket; /**< List of Unix Domain Sockets to listen on * for SOCKS connections. */ int SocksSocketsGroupWritable; /**< Boolean: Are SOCKS sockets g+rw? */ /** Ports to listen on for directory connections. */ config_line_t *DirPort_lines; Loading 
@@ -3489,7 +3486,6 @@ typedef struct { */ unsigned int ORPort_set : 1; unsigned int SocksPort_set : 1; unsigned int SocksSocket_set : 1; unsigned int TransPort_set : 1; unsigned int NATDPort_set : 1; unsigned int ControlPort_set : 1; Loading Loading
changes/bug12585 +5 −2 Original line number Diff line number Diff line o Major features (security) - Implementation of SocksSocket option - SocksSocket implements a SOCKS - Implementation of an AF_UNIX socket option to implement a SOCKS proxy reachable by Unix Domain Socket. This allows client applications to communicate with Tor without having the ability to create AF_INET or AF_INET6 family sockets. If an application has permission to create a socket with AF_UNIX, it may directly communicate with Tor as if it were an other SOCKS proxy. This should allow high risk applications to be entirely prevented from connecting directly with TCP/IP, they will be able to only connect to the internet through AF_UNIX and only through Tor. Closes ticket 12585. internet through AF_UNIX and only through Tor. To create a socket of this type, use the syntax "unix:/path/to/socket". Closes ticket 12585.
doc/tor.1.txt +0 −4 Original line number Diff line number Diff line Loading @@ -483,10 +483,6 @@ GENERAL OPTIONS in accordance to RFC 1929. Both username and password must be between 1 and 255 characters. [[SocksSocket]] **SocksSocket** __Path__ [_flags_] [_isolation flags_]:: Like SocksPort, but listens on a Unix domain socket, rather than a TCP socket. '0' disables SocksSocket (Unix and Unix-like systems only.) [[SocksSocketsGroupWritable]] **SocksSocketsGroupWritable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read and write unix sockets (e.g. SocksSocket). If the option is set to 1, make Loading
src/or/config.c +9 −25 Original line number Diff line number Diff line Loading @@ -69,7 +69,7 @@ extern int quiet_level; /* Prefix used to indicate a Unix socket in a FooPort configuration. */ static const char *unix_socket_prefix = "unix:"; static const char unix_socket_prefix[] = "unix:"; /** A list of abbreviations and aliases to map command-line options, obsolete * option names, or alternative option names, to their current values. */ Loading Loading @@ -203,7 +203,6 @@ static config_var_t option_vars_[] = { V(ControlPortWriteToFile, FILENAME, NULL), V(ControlSocket, LINELIST, NULL), V(ControlSocketsGroupWritable, BOOL, "0"), V(SocksSocket, LINELIST, NULL), V(SocksSocketsGroupWritable, BOOL, "0"), V(CookieAuthentication, BOOL, "0"), V(CookieAuthFileGroupReadable, BOOL, "0"), Loading Loading @@ -1053,20 +1052,6 @@ options_act_reversible(const or_options_t *old_options, char **msg) } #endif #ifndef HAVE_SYS_UN_H if (options->SocksSocket || options->SocksSocketsGroupWritable) { *msg = tor_strdup("Unix domain sockets (SocksSocket) not supported " "on this OS/with this build."); goto rollback; } #else if (options->SocksSocketsGroupWritable && !options->SocksSocket) { *msg = tor_strdup("Setting SocksSocketGroupWritable without setting" "a SocksSocket makes no sense."); goto rollback; } #endif if (running_tor) { int n_ports=0; /* We need to set the connection limit before we can open the listeners. */ Loading Loading @@ -5656,6 +5641,14 @@ config_parse_unix_port(const char *addrport, char **path_out) int config_parse_unix_port(const char *addrport, char **path_out) { tor_assert(path_out); tor_assert(addrport); if (strcmpstart(addrport, unix_socket_prefix)) { /* Not a Unix socket path. */ return -ENOENT; } log_warn(LD_CONFIG, "Port configuration %s is for an AF_UNIX socket, but we have no" "support available on this platform", Loading Loading 
@@ -6218,13 +6211,6 @@ parse_ports(or_options_t *options, int validate_only, *msg = tor_strdup("Invalid ControlSocket configuration"); goto err; } if (parse_port_config(ports, options->SocksSocket, NULL, "SocksSocket", CONN_TYPE_AP_LISTENER, NULL, 0, CL_PORT_IS_UNIXSOCKET) < 0) { *msg = tor_strdup("Invalid SocksSocket configuration"); goto err; } } if (! options->ClientOnly) { if (parse_port_config(ports, Loading Loading @@ -6268,8 +6254,6 @@ parse_ports(or_options_t *options, int validate_only, !! count_real_listeners(ports, CONN_TYPE_OR_LISTENER); options->SocksPort_set = !! count_real_listeners(ports, CONN_TYPE_AP_LISTENER); options->SocksSocket_set = !! count_real_listeners(ports, CONN_TYPE_AP_LISTENER); options->TransPort_set = !! count_real_listeners(ports, CONN_TYPE_AP_TRANS_LISTENER); options->NATDPort_set = Loading
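Review bot: Removing the `#ifndef HAVE_SYS_UN_H` … `#endif` block from options_act_reversible drops the only validation of `SocksSocketsGroupWritable`, while the option itself stays in option_vars_ (the -203,7 +203,6 hunk removes only the `SocksSocket` line), so a torrc that sets it without any `unix:` SocksPort is now accepted silently instead of being rejected at startup. The equivalent check belongs where the listeners are now known, i.e. after the `parse_port_config` calls in parse_ports: walk `ports` for an AP listener that is a Unix socket and, when none exists but the option is set, `*msg = tor_strdup("SocksSocketsGroupWritable is set, but no unix: SocksPort is configured"); goto err;`. The same removed block also rejected any Unix-socket SOCKS configuration on builds without sys/un.h; the new early return in `config_parse_unix_port` only covers the non-`unix:` case and the remaining path shows a `log_warn` before the hunk is cut off, so please confirm that branch still returns an error rather than falling through to a TCP interpretation of the address. config_parse_unix_port and parse_ports both continue outside these hunks.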
src/or/connection.c +1 −1 Original line number Diff line number Diff line Loading @@ -1496,7 +1496,7 @@ connection_handle_listener_read(connection_t *conn, int new_type) if (new_type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) { newconn->port = 0; newconn->address = tor_strdup(conn->address); log_info(LD_NET, "New SOCKS SocksSocket connection opened"); log_info(LD_NET, "New SOCKS AF_UNIX connection opened"); } if (new_type == CONN_TYPE_CONTROL) { log_notice(LD_CONTROL, "New control connection opened from %s.", Loading
src/or/or.h +0 −4 Original line number Diff line number Diff line Loading @@ -3463,9 +3463,6 @@ typedef struct { * for control connections. */ int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */ config_line_t *SocksSocket; /**< List of Unix Domain Sockets to listen on * for SOCKS connections. */ int SocksSocketsGroupWritable; /**< Boolean: Are SOCKS sockets g+rw? */ /** Ports to listen on for directory connections. */ config_line_t *DirPort_lines; Loading @@ -3489,7 +3486,6 @@ typedef struct { */ unsigned int ORPort_set : 1; unsigned int SocksPort_set : 1; unsigned int SocksSocket_set : 1; unsigned int TransPort_set : 1; unsigned int NATDPort_set : 1; unsigned int ControlPort_set : 1; Loading