tor-commits October 2011

tor-commits@lists.torproject.org

18 participants
1256 discussions

[torbrowser/master] add preliminary linux makefile changes for the real alpha tor browser bundle
by erinn＠torproject.org 23 Oct '11

23 Oct '11

commit 82ef40620dcbe7c591866ddd5433373832bb1412 Author: Erinn Clark <erinn(a)torproject.org> Date: Thu Jan 20 05:18:38 2011 +0100 add preliminary linux makefile changes for the real alpha tor browser bundle --- build-scripts/linux.mk | 78 +++++++++++++++++++------------------ src/RelativeLink/RelativeLink.sh | 2 +- 2 files changed, 41 insertions(+), 39 deletions(-) diff --git a/build-scripts/linux.mk b/build-scripts/linux.mk index e1b2e8e..5a4b2e6 100644 --- a/build-scripts/linux.mk +++ b/build-scripts/linux.mk @@ -35,26 +35,26 @@ ARCH_TYPE=$(shell uname -m) ## Location of directory for source unpacking -FETCH_DIR=/build +FETCH_DIR=$(HOME)/build-alpha ## Location of directory for prefix/destdir/compiles/etc BUILT_DIR=$(FETCH_DIR)/built TBB_FINAL=$(BUILT_DIR)/TBBL ## Versions for our source packages HTTPSEVERY_VER=0.9.9.development.2 -FIREFOX_VER=3.6.13 -LIBEVENT_VER=1.4.13-stable -LIBPNG_VER=1.4.3 +FIREFOX_VER=4.0b8 +LIBEVENT_VER=2.0.10-stable +LIBPNG_VER=1.5.1beta01 NOSCRIPT_VER=2.0.7 -OPENSSL_VER=0.9.8p +OPENSSL_VER=1.0.0c OTR_VER=3.2.0 PIDGIN_VER=2.6.4 POLIPO_VER=1.0.4.1 -QT_VER=4.6.2 -TOR_VER=0.2.2.20-alpha -TORBUTTON_VER=1.2.5 +QT_VER=4.7.1 +TOR_VER=0.2.3.0-alpha +TORBUTTON_VER=1.3.1-alpha VIDALIA_VER=0.2.10 -ZLIB_VER=1.2.3 +ZLIB_VER=1.2.5 ## Extension IDs FF_VENDOR_ID:=\{ec8030f7-c20a-464f-9b0e-13a3a9e97384\} @@ -78,10 +78,10 @@ LIBPNG_URL=http://download.sourceforge.net/libpng/$(LIBPNG_PACKAGE).tar.gz OPENSSL_URL=https://www.openssl.org/source/$(OPENSSL_PACKAGE) PIDGIN_URL=http://sourceforge.net/projects/pidgin/files/Pidgin/$(PIDGIN_PAC… POLIPO_URL=http://freehaven.net/~chrisd/polipo/$(POLIPO_PACKAGE) -QT_URL=ftp://ftp.qt.nokia.com/qt/source/$(QT_PACKAGE) +QT_URL=http://get.qt.nokia.com/qt/source/$(QT_PACKAGE) TOR_URL=https://www.torproject.org/dist/$(TOR_PACKAGE) VIDALIA_URL=https://www.torproject.org/vidalia/dist/$(VIDALIA_PACKAGE) -ZLIB_URL=http://www.gzip.org/zlib/$(ZLIB_PACKAGE) +ZLIB_URL=http://www.zlib.net/$(ZLIB_PACKAGE) fetch-source: -mkdir $(FETCH_DIR) @@ -116,12 +116,11 @@ build-zlib: cd $(ZLIB_DIR) && make install OPENSSL_DIR=$(FETCH_DIR)/openssl-$(OPENSSL_VER) -OPENSSL_OPTS=-no-idea -no-rc5 -no-md2 shared zlib --prefix=$(BUILT_DIR) --openssldir=$(BUILT_DIR) -I$(BUILT_DIR)/include -L$(BUILT_DIR)/lib -CFLAGS=-Wa, --noexecstack +OPENSSL_OPTS=-no-idea -no-rc5 -no-md2 shared zlib -Wa,--noexecstack --prefix=$(BUILT_DIR) --openssldir=$(BUILT_DIR) -I$(BUILT_DIR)/include -L$(BUILT_DIR)/lib build-openssl: - cd $(OPENSSL_DIR) && CFLAGS=-Wa,--noexecstack ./config $(OPENSSL_OPTS) - cd $(OPENSSL_DIR) && CFLAGS=-Wa,--noexecstack make depend - cd $(OPENSSL_DIR) && CFLAGS=-Wa,--noexecstack make + cd $(OPENSSL_DIR) && ./config $(OPENSSL_OPTS) + cd $(OPENSSL_DIR) && make depend + cd $(OPENSSL_DIR) && make cd $(OPENSSL_DIR) && make install QT_DIR=$(FETCH_DIR)/qt-everywhere-opensource-src-$(QT_VER) @@ -132,8 +131,8 @@ build-qt: cd $(QT_DIR) && make cd $(QT_DIR) && make install -VIDALIA_DIR=$(FETCH_DIR)/vidalia-$(VIDALIA_VER) -VIDALIA_OPTS=-DOPENSSL_LIBRARY_DIR=$(BUILT_DIR)/lib -DCMAKE_BUILD_TYPE=debug -DQT_QMAKE_EXECUTABLE=$(BUILT_DIR)/bin/qmake .. +VIDALIA_DIR=$(FETCH_DIR)/vidalia.trunk +VIDALIA_OPTS=-DCMAKE_BUILD_TYPE=debug -DQT_QMAKE_EXECUTABLE=$(BUILT_DIR)/bin/qmake .. build-vidalia: -mkdir $(VIDALIA_DIR)/build cd $(VIDALIA_DIR)/build && cmake $(VIDALIA_OPTS) && make @@ -153,9 +152,10 @@ build-libpng: cd $(LIBPNG_DIR) && make cd $(LIBPNG_DIR) && make install -TOR_DIR=$(FETCH_DIR)/tor-$(TOR_VER) +TOR_DIR=$(FETCH_DIR)/tor.git TOR_OPTS=--with-openssl-dir=$(BUILT_DIR) --with-zlib-dir=$(BUILT_DIR) --with-libevent-dir=$(BUILT_DIR)/lib --prefix=$(BUILT_DIR) build-tor: + cd $(TOR_DIR) && ./autogen.sh cd $(TOR_DIR) && ./configure $(TOR_OPTS) cd $(TOR_DIR) && make -j2 cd $(TOR_DIR) && make install @@ -175,7 +175,7 @@ build-firefox: # XXX: add directions ASAP # source-dance unpack-source -build-all-binaries: build-zlib build-openssl build-libpng build-qt build-vidalia build-libevent build-tor build-polipo +build-all-binaries: source-dance build-zlib build-openssl build-libpng build-qt build-vidalia build-libevent build-tor build-polipo echo "If we're here, we've done something right." ## Location of compiled libraries @@ -230,7 +230,7 @@ COMPRESSED_NAME=$(DEFAULT_COMPRESSED_NAME) endif ## Extensions to install by default -DEFAULT_EXTENSIONS=torbutton.xpi noscript.xpi httpseverywhere.xpi +DEFAULT_EXTENSIONS=torbutton.xpi httpseverywhere.xpi ## Where to download Torbutton from TORBUTTON=https://www.torproject.org/torbutton/releases/torbutton-$(TORBUTT… @@ -325,20 +325,20 @@ directory-structure: ## Firefox and Pidgin are installed in their own targets install-binaries: # A minimal set of Qt libs and the proper symlinks - cp -d $(QT)/libQtCore.so $(QT)/libQtCore.so.4 $(QT)/libQtCore.so.4.6 $(QT)/libQtCore.so.4.6.2 $(LIBSDIR) - cp -d $(QT)/libQtGui.so $(QT)/libQtGui.so.4 $(QT)/libQtGui.so.4.6 $(QT)/libQtGui.so.4.6.2 $(LIBSDIR) - cp -d $(QT)/libQtNetwork.so $(QT)/libQtNetwork.so.4 $(QT)/libQtNetwork.so.4.6 \ - $(QT)/libQtNetwork.so.4.6.2 $(LIBSDIR) - cp -d $(QT)/libQtXml.so $(QT)/libQtXml.so.4 $(QT)/libQtXml.so.4.6 $(QT)/libQtXml.so.4.6.2 $(LIBSDIR) + cp -d $(QT)/libQtCore.so $(QT)/libQtCore.so.4 $(QT)/libQtCore.so.4.7 $(QT)/libQtCore.so.4.7.1 $(LIBSDIR) + cp -d $(QT)/libQtGui.so $(QT)/libQtGui.so.4 $(QT)/libQtGui.so.4.7 $(QT)/libQtGui.so.4.7.1 $(LIBSDIR) + cp -d $(QT)/libQtNetwork.so $(QT)/libQtNetwork.so.4 $(QT)/libQtNetwork.so.4.7 \ + $(QT)/libQtNetwork.so.4.7.1 $(LIBSDIR) + cp -d $(QT)/libQtXml.so $(QT)/libQtXml.so.4 $(QT)/libQtXml.so.4.7 $(QT)/libQtXml.so.4.7.1 $(LIBSDIR) # zlib - cp -d $(ZLIB)/libz.so $(ZLIB)/libz.so.1 $(ZLIB)/libz.so.1.2.3 $(LIBSDIR)/libz + cp -d $(ZLIB)/libz.so $(ZLIB)/libz.so.1 $(ZLIB)/libz.so.1.2.5 $(LIBSDIR)/libz # Libevent - cp -d $(LIBEVENT)/libevent-1.4.so.2 $(LIBEVENT)/libevent-1.4.so.2.1.3 $(LIBEVENT)/libevent_core.so \ - $(LIBEVENT)/libevent_core-1.4.so.2 $(LIBEVENT)/libevent_core-1.4.so.2.1.3 \ - $(LIBEVENT)/libevent_extra-1.4.so.2 $(LIBEVENT)/libevent_extra-1.4.so.2.1.3 \ + cp -d $(LIBEVENT)/libevent-2.0.so.5 $(LIBEVENT)/libevent-2.0.so.5.0.1 $(LIBEVENT)/libevent_core.so \ + $(LIBEVENT)/libevent_core-2.0.so.5 $(LIBEVENT)/libevent_core-2.0.so.5.0.1 \ + $(LIBEVENT)/libevent_extra-2.0.so.5 $(LIBEVENT)/libevent_extra-2.0.so.5.0.1 \ $(LIBEVENT)/libevent_extra.so $(LIBEVENT)/libevent.so $(LIBSDIR) # libpng - cp -d $(LIBPNG)/libpng14.so* $(LIBSDIR) + cp -d $(LIBPNG)/libpng15.so* $(LIBSDIR) # OpenSSL cp -d $(OPENSSL)/libcrypto.a $(OPENSSL)/libssl.a $(OPENSSL)/libssl.so* $(OPENSSL)/libcrypto.so* $(LIBSDIR) # Vidalia @@ -417,16 +417,16 @@ strip-it-stripper: ## ## Torbutton development version -torbutton.xpi: - $(WGET) -O $@ $(TORBUTTON) +#torbutton.xpi: +# $(WGET) -O $@ $(TORBUTTON) ## NoScript development version -noscript.xpi: - $(WGET) -O $@ $(NOSCRIPT) +#noscript.xpi: +# $(WGET) -O $@ $(NOSCRIPT) ## BetterPrivacy -betterprivacy.xpi: - $(WGET) -O $@ $(BETTERPRIVACY) +#betterprivacy.xpi: +# $(WGET) -O $@ $(BETTERPRIVACY) ## HTTPS Everywhere httpseverywhere.xpi: @@ -450,7 +450,7 @@ compressed-bundle_%: LANGCODE=$* make -f linux.mk compressed-bundle-localized bundle-localized_%.stamp: - make -f linux.mk copy-files_$* install-extensions install-betterprivacy install-lang-extensions patch-vidalia-language patch-firefox-language patch-pidgin-language update-extension-pref + make -f linux.mk copy-files_$* install-lang-extensions patch-vidalia-language patch-firefox-language patch-pidgin-language update-extension-pref touch bundle-localized_$*.stamp bundle-localized: bundle-localized_$(LANGCODE).stamp @@ -460,6 +460,7 @@ compressed-bundle-localized: bundle-localized_$(LANGCODE).stamp -mkdir $(DISTDIR) tar -cvzf $(DISTDIR)/$(DEFAULT_COMPRESSED_BASENAME)$(LANGCODE).tar.gz $(NAME)_$(LANGCODE); rm *.zip *.xpi + cp torbutton/torbutton.xpi . copy-files_%: generic-bundle.stamp rm -fr $(NAME)_$* @@ -511,6 +512,7 @@ endif patch-firefox-language: ## Patch the default Firefox prefs.js ## Don't use {} because they aren't always interpreted correctly. Thanks, sh. + mkdir -p $(BUNDLE)/App/Firefox/defaults/profile/ cp $(CONFIG_SRC)/bookmarks.html $(BUNDLE)/App/Firefox/defaults/profile/ cp $(CONFIG_SRC)/no-polipo.js $(BUNDLE)/App/Firefox/defaults/profile/prefs.js cp $(CONFIG_SRC)/bookmarks.html $(BUNDLE)/Data/profile diff --git a/src/RelativeLink/RelativeLink.sh b/src/RelativeLink/RelativeLink.sh index e7b7be4..5b83305 100755 --- a/src/RelativeLink/RelativeLink.sh +++ b/src/RelativeLink/RelativeLink.sh @@ -44,7 +44,7 @@ export DYLD_PRINT_LIBRARIES # if any relevant processes are running, inform the user and exit cleanly RUNNING=0 -for process in tor vidalia polipo privoxy +for process in tor vidalia do pid=`pidof $process` if [ -n "$pid" ]; then printf "\n$process is already running as PID $pid\n\n"

1 0

[torsocks/master] Issue 30: libtorsocks.so sanity check
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 845c4a02d095bde6b4e5446dc8c95adfe86ae264 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Oct 23 22:12:53 2011 +0100 Issue 30: libtorsocks.so sanity check "Currently if libtorsocks.so doesn't exist, torsocks will happily proceed without it, and not use tor." Check for libtorsocks.so and bail out if it isn't found. --- src/torsocks.in | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/src/torsocks.in b/src/torsocks.in index 27540ec..53db2fc 100755 --- a/src/torsocks.in +++ b/src/torsocks.in @@ -78,6 +78,12 @@ LIB_NAME="libtorsocks" SHLIB_EXT="@SHLIB_EXT@" SHLIB="${LIBDIR}/${LIB_NAME}.${SHLIB_EXT}" +# Ensure libtorsocks exists, +if [ ! -f $SHLIB ]; then + echo "$0: $SHLIB does not exist! Try re-installing torsocks." + exit +fi + case "$1" in on) if [ -z "$@LDPRELOAD@" ]

1 0

[torsocks/osx] Fix compile warning in test_torsocks.c
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 90f3cc0b3f08b965ec999fbcecbc9f9ff4f5dbf4 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Feb 20 14:00:07 2011 +0000 Fix compile warning in test_torsocks.c --- test/test_torsocks.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/test/test_torsocks.c b/test/test_torsocks.c index e67de0a..a262303 100644 --- a/test/test_torsocks.c +++ b/test/test_torsocks.c @@ -69,7 +69,7 @@ static int icmp_test() struct sockaddr_in dest; struct ip *iphdr=(struct ip *) datagram; struct icmphdr *icmphdr=(struct icmphdr *)(iphdr +1); - char *buff=(icmphdr +1); + char *buff=(char *)(icmphdr +1); printf("\n----------------icmp() TEST----------------------------\n\n"); if((sockfd=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))<0)

1 0

[torsocks/osx] Compile and run tests on FreeBSD
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 9de888be00f23ba1cfe1b172de61a59da6ae0ecd Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Feb 20 15:36:50 2011 +0000 Compile and run tests on FreeBSD --- configure.in | 3 +++ test/test_torsocks.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/configure.in b/configure.in index f238caa..3366420 100644 --- a/configure.in +++ b/configure.in @@ -572,6 +572,9 @@ case $host in AC_SEARCH_LIBS(pthread_create, [pthread]) AC_SEARCH_LIBS(pthread_detach, [pthread]) ;; +*-*-freebsd*) + AC_DEFINE(FREEBSD, 1, "Define to handle FreeBSD") + ;; esac AC_SUBST(SHLIB_EXT) diff --git a/test/test_torsocks.c b/test/test_torsocks.c index 902a216..6e8933b 100644 --- a/test/test_torsocks.c +++ b/test/test_torsocks.c @@ -80,7 +80,7 @@ static int icmp_test() char datagram[400]; struct sockaddr_in dest; struct ip *iphdr=(struct ip *) datagram; -#ifdef OPENBSD +#if defined(OPENBSD) || defined(FREEBSD) struct icmp *icmphdr=(struct icmp *)(iphdr +1); #else struct icmphdr *icmphdr=(struct icmphdr *)(iphdr +1); @@ -112,7 +112,7 @@ static int icmp_test() iphdr->ip_dst.s_addr=dest.sin_addr.s_addr; iphdr->ip_sum=csum((unsigned short *)datagram,iphdr->ip_len >> 1); -#ifdef OPENBSD +#if defined(OPENBSD) || defined(FREEBSD) icmphdr->icmp_type=130; icmphdr->icmp_code=0; icmphdr->icmp_cksum=htons(0xc3b0);

1 0

[torsocks/osx] Make tests compile and run on OpenBSD
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 6bec541ad5398625f14757199df26ce5a4755f9c Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Feb 20 11:04:54 2011 +0000 Make tests compile and run on OpenBSD --- test/Makefile.am | 2 - test/test_torsocks.c | 74 ++++++++++++++++++++++++++++++++++++------------- 2 files changed, 54 insertions(+), 22 deletions(-) diff --git a/test/Makefile.am b/test/Makefile.am index c03c387..84e4859 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -1,6 +1,4 @@ noinst_PROGRAMS= test_torsocks -LIBS = -lresolv - test_torsocks_SOURCES= test_torsocks.c CLEANFILES= test_torsocks diff --git a/test/test_torsocks.c b/test/test_torsocks.c index a262303..902a216 100644 --- a/test/test_torsocks.c +++ b/test/test_torsocks.c @@ -19,13 +19,24 @@ * Free Software Foundation, Inc., * * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * ***************************************************************************/ +/* PreProcessor Defines */ +#include <config.h> -#include <arpa/inet.h> -#include <arpa/nameser.h> #include <errno.h> #include <fcntl.h> #include <netdb.h> +#ifdef OPENBSD +#include <netinet/in_systm.h> +#endif +#include <sys/types.h> +#include <sys/socket.h> +#ifndef HAVE_NETINET_IN_H #include <netinet/in.h> +#endif +#ifndef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#include <arpa/nameser.h> #include <netinet/ip.h> #include <netinet/ip_icmp.h> #include <pthread.h> @@ -33,9 +44,10 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <sys/socket.h> #include <sys/time.h> -#include <sys/types.h> +#ifdef OPENBSD +#include <sys/uio.h> +#endif #include <sys/un.h> #include <sysexits.h> #include <syslog.h> @@ -68,7 +80,11 @@ static int icmp_test() char datagram[400]; struct sockaddr_in dest; struct ip *iphdr=(struct ip *) datagram; +#ifdef OPENBSD + struct icmp *icmphdr=(struct icmp *)(iphdr +1); +#else struct icmphdr *icmphdr=(struct icmphdr *)(iphdr +1); +#endif char *buff=(char *)(icmphdr +1); printf("\n----------------icmp() TEST----------------------------\n\n"); @@ -96,16 +112,21 @@ static int icmp_test() iphdr->ip_dst.s_addr=dest.sin_addr.s_addr; iphdr->ip_sum=csum((unsigned short *)datagram,iphdr->ip_len >> 1); +#ifdef OPENBSD + icmphdr->icmp_type=130; + icmphdr->icmp_code=0; + icmphdr->icmp_cksum=htons(0xc3b0); +#else icmphdr->type=130; icmphdr->code=0; icmphdr->checksum=htons(0xc3b0); icmphdr->un.echo.sequence=0; icmphdr->un.echo.id=0; - - int one=1; - int *val=&one; - if(setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,val,sizeof(one))<0) - printf("cannot set HDRINCL!\n"); +#endif + int one=1; + int *val=&one; + if(setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,val,sizeof(one))<0) + printf("cannot set HDRINCL!\n"); if(sendto(sockfd,datagram,35,0,(struct sockaddr *)&dest,sizeof(dest))<0) @@ -228,7 +249,6 @@ static int res_tests(char *ip, char *test) { return -1; } - inet_ntop(AF_INET, &_res.nsaddr_list[0].sin_addr.s_addr, buf, sizeof(buf)); addr.sin_family=AF_INET; addr.sin_port=htons(53); @@ -240,29 +260,43 @@ static int res_tests(char *ip, char *test) { inet_ntop(AF_INET, &_res.nsaddr_list[0].sin_addr.s_addr, buf, sizeof(buf)); printf("nameserver for test: %s\n", buf); + /* Modifying _res directly doesn't work, so we have to use res_n* where available. + See: http://sourceware.org/ml/libc-help/2009-11/msg00013.html */ printf("\n---------------------- %s res_query() TEST----------------------\n\n", test); snprintf((char *)host, 127, "www.google.com"); - ret = res_nquery( &_res, (char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); -// printf("RES_QUERY results: %s.\n", dnsreply); +#ifndef OPENBSD + ret = res_nquery(&_res, (char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); +#else + ret = res_query((char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); +#endif printf("return code: %i\n", ret); printf("\n---------------------- %s res_search() TEST----------------------\n\n", test); memset( dnsreply, '\0', sizeof( dnsreply )); - ret = res_nsearch( &_res, (char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); -// printf("RES_SEARCH results: %s.\n", dnsreply); +#ifndef OPENBSD + ret = res_nsearch(&_res, (char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); +#else + ret = res_search((char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); +#endif printf("return code: %i\n", ret); printf("\n--------------- %s res_querydomain() TEST----------------------\n\n", test); memset( dnsreply, '\0', sizeof( dnsreply )); - ret = res_nquerydomain( &_res, "www.google.com", "google.com", C_IN, T_TXT, dnsreply, sizeof( dnsreply )); -// printf("RES_QUERYDOMAIN results: %s.\n", dnsreply); +#ifndef OPENBSD + ret = res_nquerydomain(&_res, "www.google.com", "google.com", C_IN, T_TXT, dnsreply, sizeof( dnsreply )); +#else + ret = res_querydomain("www.google.com", "google.com", C_IN, T_TXT, dnsreply, sizeof( dnsreply )); +#endif printf("return code: %i\n", ret); printf("\n---------------------- %s res_send() TEST----------------------\n\n", test); memset( dnsreply, '\0', sizeof( dnsreply )); - ret = res_nsend( &_res, host, 32, dnsreply, sizeof( dnsreply )); -// printf("RES_SEND results: %s.\n", dnsreply); - printf("return code: %i\n", ret); +#ifndef OPENBSD + ret = res_nsend(&_res, host, 32, dnsreply, sizeof( dnsreply )); +#else + ret = res_send(host, 32, dnsreply, sizeof( dnsreply )); +#endif +printf("return code: %i\n", ret); return ret; } @@ -353,7 +387,7 @@ static int gethostbyaddr_test() { printf("\n----------------------gethostbyaddr() TEST-----------------\n\n"); - inet_aton("38.229.70.16",&bar); + inet_aton("38.229.70.16", &bar); foo=gethostbyaddr(&bar,4,AF_INET); if (foo) { int i;

1 0

[torsocks/osx] Make tests compile and run on OSX
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit f2c80d809a23c0fe6c82c589cc28940cb1e6ee9d Author: Robert Hogan <robert(a)roberthogan.net> Date: Sun Feb 20 19:28:36 2011 +0000 Make tests compile and run on OSX --- configure.in | 17 ++++++++++++++++- test/test_torsocks.c | 15 +++++++++------ 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/configure.in b/configure.in index 3366420..69d2efb 100644 --- a/configure.in +++ b/configure.in @@ -521,6 +521,8 @@ LIBS=${SIMPLELIBS} AC_SEARCH_LIBS(dlopen, [dl]) AC_SEARCH_LIBS(res_query, [resolv]) +TESTLDFLAGS="$LDFLAGS" + dnl Linker checks for Mac OSX, which uses DYLD_INSERT_LIBRARIES dnl instead of LD_PRELOAD case "$host_os" in @@ -575,6 +577,16 @@ case $host in *-*-freebsd*) AC_DEFINE(FREEBSD, 1, "Define to handle FreeBSD") ;; +*-*-darwin*) + dnl Needed to compile tests. + dnl See https://bugs.g10code.com/gnupg/issue1292: + dnl "On OS X (at least in 10.6 and I believe starting at 10.3) the DNS resolution + dnl services fail to compile. This is a result of the addition of BIND9 compatible + dnl resolution libraries on OS X that are being picked up by the configure script + dnl instead of -lresolv causing the tests for useable resolution services to fail + dnl thus disabling features like pka auto lookup." + LIBS="-lresolv $LIBS" + ;; esac AC_SUBST(SHLIB_EXT) @@ -615,5 +627,8 @@ AC_ENABLE_STATIC AC_CONFIG_FILES([src/usewithtor src/torsocks src/torsocks.conf.5 src/torsocks.8 src/usewithtor.1 src/torsocks.1]) -AC_OUTPUT(Makefile src/Makefile test/Makefile) +AC_OUTPUT(Makefile src/Makefile) +dnl Dump any LDFLAGS that were only required for linking libtorsocks, such as -dynamiclib on OSX. +LDFLAGS="$TESTLDFLAGS" +AC_OUTPUT(test/Makefile) diff --git a/test/test_torsocks.c b/test/test_torsocks.c index 6e8933b..60d78c8 100644 --- a/test/test_torsocks.c +++ b/test/test_torsocks.c @@ -37,6 +37,9 @@ #include <arpa/inet.h> #endif #include <arpa/nameser.h> +#if defined(__APPLE__) || defined(__darwin__) +#include <arpa/nameser_compat.h> +#endif #include <netinet/ip.h> #include <netinet/ip_icmp.h> #include <pthread.h> @@ -80,7 +83,7 @@ static int icmp_test() char datagram[400]; struct sockaddr_in dest; struct ip *iphdr=(struct ip *) datagram; -#if defined(OPENBSD) || defined(FREEBSD) +#if defined(OPENBSD) || defined(FREEBSD) ||defined(__APPLE__) || defined(__darwin__) struct icmp *icmphdr=(struct icmp *)(iphdr +1); #else struct icmphdr *icmphdr=(struct icmphdr *)(iphdr +1); @@ -112,7 +115,7 @@ static int icmp_test() iphdr->ip_dst.s_addr=dest.sin_addr.s_addr; iphdr->ip_sum=csum((unsigned short *)datagram,iphdr->ip_len >> 1); -#if defined(OPENBSD) || defined(FREEBSD) +#if defined(OPENBSD) || defined(FREEBSD) ||defined(__APPLE__) || defined(__darwin__) icmphdr->icmp_type=130; icmphdr->icmp_code=0; icmphdr->icmp_cksum=htons(0xc3b0); @@ -264,7 +267,7 @@ static int res_tests(char *ip, char *test) { See: http://sourceware.org/ml/libc-help/2009-11/msg00013.html */ printf("\n---------------------- %s res_query() TEST----------------------\n\n", test); snprintf((char *)host, 127, "www.google.com"); -#ifndef OPENBSD +#if !defined(OPENBSD) && !defined(__APPLE__) && !defined(__darwin__) ret = res_nquery(&_res, (char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); #else ret = res_query((char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); @@ -273,7 +276,7 @@ static int res_tests(char *ip, char *test) { printf("\n---------------------- %s res_search() TEST----------------------\n\n", test); memset( dnsreply, '\0', sizeof( dnsreply )); -#ifndef OPENBSD +#if !defined(OPENBSD) && !defined(__APPLE__) && !defined(__darwin__) ret = res_nsearch(&_res, (char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); #else ret = res_search((char *) host, C_IN, T_TXT, dnsreply, sizeof( dnsreply )); @@ -282,7 +285,7 @@ static int res_tests(char *ip, char *test) { printf("\n--------------- %s res_querydomain() TEST----------------------\n\n", test); memset( dnsreply, '\0', sizeof( dnsreply )); -#ifndef OPENBSD +#if !defined(OPENBSD) && !defined(__APPLE__) && !defined(__darwin__) ret = res_nquerydomain(&_res, "www.google.com", "google.com", C_IN, T_TXT, dnsreply, sizeof( dnsreply )); #else ret = res_querydomain("www.google.com", "google.com", C_IN, T_TXT, dnsreply, sizeof( dnsreply )); @@ -291,7 +294,7 @@ static int res_tests(char *ip, char *test) { printf("\n---------------------- %s res_send() TEST----------------------\n\n", test); memset( dnsreply, '\0', sizeof( dnsreply )); -#ifndef OPENBSD +#if !defined(OPENBSD) && !defined(__APPLE__) && !defined(__darwin__) ret = res_nsend(&_res, host, 32, dnsreply, sizeof( dnsreply )); #else ret = res_send(host, 32, dnsreply, sizeof( dnsreply ));

1 0

[torsocks/osx] Compile and (apparently) work on OpenBSD
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 75b9f9880737197b8c00c897e04c1c4116ee3de0 Author: Robert Hogan <robert(a)roberthogan.net> Date: Mon Feb 14 22:51:40 2011 +0000 Compile and (apparently) work on OpenBSD Need more testing to be sure, but it looks like it works OK. --- configure.in | 12 ++++++++++++ src/Makefile.am | 1 - src/dead_pool.c | 5 +++++ src/torsocks.c | 2 +- 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/configure.in b/configure.in index ca5af2a..cdb99e7 100644 --- a/configure.in +++ b/configure.in @@ -518,6 +518,9 @@ SPECIALLIBS=${LIBS} AC_SUBST(SPECIALLIBS) LIBS=${SIMPLELIBS} +AC_SEARCH_LIBS(dlopen, [dl]) +AC_SEARCH_LIBS(inet_aton, [resolv]) + dnl Linker checks for Mac OSX, which uses DYLD_INSERT_LIBRARIES dnl instead of LD_PRELOAD case "$host_os" in @@ -562,6 +565,15 @@ darwin*) ;; esac +dnl OpenBSD needs -lpthread. It also doesn't support AI_V4MAPPED. +case $host in +*-*-openbsd*) + AC_DEFINE(OPENBSD, 1, "Define to handle OpenBSD") + AC_SEARCH_LIBS(pthread_create, [pthread]) + AC_SEARCH_LIBS(pthread_detach, [pthread]) + ;; +esac + AC_SUBST(SHLIB_EXT) AC_SUBST(LD_PRELOAD) diff --git a/src/Makefile.am b/src/Makefile.am index 134dc42..cce43f2 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -1,6 +1,5 @@ # Makefile used by configure to create real Makefile -LIBS = -ldl -lc -lresolv libdir = @libdir@/torsocks # Install configuration file diff --git a/src/dead_pool.c b/src/dead_pool.c index bba90d3..6f4043a 100644 --- a/src/dead_pool.c +++ b/src/dead_pool.c @@ -752,6 +752,10 @@ our_getipnodebyname(dead_pool *pool, const char *name, int af, int flags, /* Caller has requested an AF_INET6 address, and is not prepared to accept IPv4-mapped IPV6 addresses. There's nothing we can do to service their request. */ +#ifdef OPENBSD + /* OpenBSD doesn't support the AI_V4MAPPED flag, so just return. */ + return NULL; +#else if((flags & AI_V4MAPPED) == 0) { show_msg(MSGWARN, "getipnodebyname: asked for V6 addresses only, " "but torsocks can't handle that\n"); @@ -760,6 +764,7 @@ our_getipnodebyname(dead_pool *pool, const char *name, int af, int flags, } else { want_4in6 = 1; } +#endif } pos = store_pool_entry(pool, (char *)name, &pool_addr); diff --git a/src/torsocks.c b/src/torsocks.c index 579751e..4239ced 100644 --- a/src/torsocks.c +++ b/src/torsocks.c @@ -147,7 +147,7 @@ static pthread_mutex_t torsocks_init_mutex = PTHREAD_MUTEX_INITIALIZER; void torsocks_init(void) { #define LOAD_ERROR(s,l) { \ - char *error; \ + const char *error; \ error = dlerror(); \ show_msg(l, "The symbol %s() was not found in any shared " \ "library. The error reported was: %s!\n", s, \

1 0

[torsocks/osx] Fix -lresolv on linux builds again
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit cc8e7e0ae59def5da94b576ed19e9412e517ad7b Author: Robert Hogan <robert(a)roberthogan.net> Date: Fri Feb 18 22:11:40 2011 +0000 Fix -lresolv on linux builds again --- configure.in | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/configure.in b/configure.in index cdb99e7..614f34e 100644 --- a/configure.in +++ b/configure.in @@ -519,7 +519,7 @@ AC_SUBST(SPECIALLIBS) LIBS=${SIMPLELIBS} AC_SEARCH_LIBS(dlopen, [dl]) -AC_SEARCH_LIBS(inet_aton, [resolv]) +AC_SEARCH_LIBS(res_query, [resolv]) dnl Linker checks for Mac OSX, which uses DYLD_INSERT_LIBRARIES dnl instead of LD_PRELOAD

1 0

[torsocks/osx] Split SOCKS functions into separate file
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 91046642c2efa6bed622f524b95919563d2a40a5 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sat Feb 19 13:20:21 2011 +0000 Split SOCKS functions into separate file --- src/Makefile.am | 4 +- src/socks.c | 629 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/socks.h | 116 ++++++++++ src/torsocks.c | 572 +-------------------------------------------------- src/torsocks.h | 104 --------- 5 files changed, 748 insertions(+), 677 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index cce43f2..cb69714 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -25,11 +25,11 @@ torsocksconfmanpage_DATA = torsocks.conf.5 # Install main library to $(prefix)/lib/tor (must match torsocks.in) lib_LTLIBRARIES = libtorsocks.la -libtorsocks_la_SOURCES = torsocks.c common.c parser.c dead_pool.c darwin_warts.c +libtorsocks_la_SOURCES = torsocks.c common.c parser.c dead_pool.c darwin_warts.c socks.c libtorsocks_la_LDFLAGS = -version-info 1:0:0 #libtorsocks_la_CFLAGS = -nostartfiles -DISTCLEANFILES=parser.lo dead_pool.lo common.lo libtorsocks.lo tsocks.lo \ +DISTCLEANFILES=parser.lo dead_pool.lo common.lo libtorsocks.lo torsocks.lo darwin_warts.lo socks.lo\ config.cache config.log config.h Makefile \ aclocal.m4 config.status usewithtor torsocks \ autom4te.cache .libs .deps diff --git a/src/socks.c b/src/socks.c new file mode 100644 index 0000000..37b97f5 --- /dev/null +++ b/src/socks.c @@ -0,0 +1,629 @@ +/*************************************************************************** + * * + * Copyright (C) 2000-2008 Shaun Clowes <delius(a)progsoc.org> * + * Copyright (C) 2008-2011 Robert Hogan <robert(a)roberthogan.net> * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the * + * Free Software Foundation, Inc., * + * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + ***************************************************************************/ +/* PreProcessor Defines */ +#include <config.h> + +/*Defining _NONSTD_SOURCE causes library and kernel calls to behave as closely +to Mac OS X 10.3's library and kernel calls as possible.*/ +#if defined(__APPLE__) || defined(__darwin__) +/* +From 'man compat' in OSX: +64-BIT COMPILATION + When compiling for 64-bit architectures, the __LP64__ macro will be defined to 1, and UNIX conformance + is always on (the _DARWIN_FEATURE_UNIX_CONFORMANCE macro will also be defined to the SUS conformance + level). Defining _NONSTD_SOURCE will cause a compilation error. +*/ +#if !defined(__LP64__) +#define _NONSTD_SOURCE 1 +#endif +#include <sys/socket.h> +#endif + + +#ifdef USE_GNU_SOURCE +#define _GNU_SOURCE +#endif + +/* Header Files */ +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <dlfcn.h> +#include <sys/types.h> +#include <string.h> +#include <strings.h> +#include <netinet/in.h> +#include <arpa/inet.h> +#include <sys/poll.h> +#include <sys/time.h> +#include <pwd.h> +#include <errno.h> +#include <fcntl.h> +#include <common.h> +#include <pthread.h> +#include <stdarg.h> +#if !defined(__APPLE__) && !defined(__darwin__) +#include <sys/socket.h> +#endif +#include <resolv.h> + +#include "parser.h" +#include "socks.h" +#include "dead_pool.h" + +static int connect_server(struct connreq *conn); +static int send_socks_request(struct connreq *conn); +static int send_socksv4_request(struct connreq *conn); +static int send_socksv5_method(struct connreq *conn); +static int send_socksv5_connect(struct connreq *conn); +static int send_buffer(struct connreq *conn); +static int recv_buffer(struct connreq *conn); +static int read_socksv5_method(struct connreq *conn); +static int read_socksv4_req(struct connreq *conn); +static int read_socksv5_connect(struct connreq *conn); +static int read_socksv5_auth(struct connreq *conn); +static int send_socksv4a_request(struct connreq *conn, const char *onion_host); + +struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr, + struct sockaddr_in *serveraddr, + struct serverent *path) +{ + struct connreq *newconn; + + if ((newconn = malloc(sizeof(*newconn))) == NULL) { + /* Could not malloc, we're stuffed */ + show_msg(MSGERR, "Could not allocate memory for new socks request\n"); + return(NULL); + } + + /* Add this connection to be proxied to the list */ + memset(newconn, 0x0, sizeof(*newconn)); + newconn->sockid = sockid; + newconn->state = UNSTARTED; + newconn->path = path; + memcpy(&(newconn->connaddr), connaddr, sizeof(newconn->connaddr)); + memcpy(&(newconn->serveraddr), serveraddr, sizeof(newconn->serveraddr)); + newconn->next = requests; + requests = newconn; + + return(newconn); +} + +void kill_socks_request(struct connreq *conn) +{ + struct connreq *connnode; + + if (requests == conn) + requests = conn->next; + else { + for (connnode = requests; connnode != NULL; connnode = connnode->next) { + if (connnode->next == conn) { + connnode->next = conn->next; + break; + } + } + } + + free(conn); +} + +struct connreq *find_socks_request(int sockid, int includefinished) +{ + struct connreq *connnode; + + for (connnode = requests; connnode != NULL; connnode = connnode->next) { + if (connnode->sockid == sockid) { + if (((connnode->state == FAILED) || (connnode->state == DONE)) && + !includefinished) + break; + else + return(connnode); + } + } + + return(NULL); +} + +int handle_request(struct connreq *conn) +{ + int rc = 0; + int i = 0; + + show_msg(MSGDEBUG, "Beginning handle loop for socket %d\n", conn->sockid); + + while ((rc == 0) && + (conn->state != FAILED) && + (conn->state != DONE) && + (i++ < 20)) { + show_msg(MSGDEBUG, "In request handle loop for socket %d, " + "current state of request is %d\n", conn->sockid, + conn->state); + switch(conn->state) { + case UNSTARTED: + case CONNECTING: + rc = connect_server(conn); + break; + case CONNECTED: + rc = send_socks_request(conn); + break; + case SENDING: + rc = send_buffer(conn); + break; + case RECEIVING: + rc = recv_buffer(conn); + break; + case SENTV4REQ: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V4 connect request\n"); + conn->datalen = sizeof(struct sockrep); + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV4REQ; + break; + case GOTV4REQ: + rc = read_socksv4_req(conn); + break; + case SENTV5METHOD: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 method negotiation\n"); + conn->datalen = 2; + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV5METHOD; + break; + case GOTV5METHOD: + rc = read_socksv5_method(conn); + break; + case SENTV5AUTH: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 authentication negotiation\n"); + conn->datalen = 2; + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV5AUTH; + break; + case GOTV5AUTH: + rc = read_socksv5_auth(conn); + break; + case SENTV5CONNECT: + show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 connect request\n"); + conn->datalen = 10; + conn->datadone = 0; + conn->state = RECEIVING; + conn->nextstate = GOTV5CONNECT; + break; + case GOTV5CONNECT: + rc = read_socksv5_connect(conn); + break; + } + conn->err = errno; + } + + if (i == 20) + show_msg(MSGERR, "Ooops, state loop while handling request %d\n", + conn->sockid); + + show_msg(MSGDEBUG, "Handle loop completed for socket %d in state %d, " + "returning %d\n", conn->sockid, conn->state, rc); + return(rc); +} + +static int connect_server(struct connreq *conn) +{ + int rc; + + /* Connect this socket to the socks server */ + show_msg(MSGDEBUG, "Connecting to %s port %d\n", + inet_ntoa(conn->serveraddr.sin_addr), ntohs(conn->serveraddr.sin_port)); + + rc = realconnect(conn->sockid, (CONNECT_SOCKARG) &(conn->serveraddr), + sizeof(conn->serveraddr)); + + show_msg(MSGDEBUG, "Connect returned %d, errno is %d\n", rc, errno); + if (rc && errno == EISCONN) { + rc = 0; + show_msg(MSGDEBUG, "Socket %d already connected to SOCKS server\n", conn->sockid); + conn->state = CONNECTED; + } else if (rc) { + if (errno != EINPROGRESS) { + show_msg(MSGERR, "Error %d attempting to connect to SOCKS " + "server (%s)\n", errno, strerror(errno)); + conn->state = FAILED; + } else { + show_msg(MSGDEBUG, "Connection in progress\n"); + conn->state = CONNECTING; + } + } else { + show_msg(MSGDEBUG, "Socket %d connected to SOCKS server\n", conn->sockid); + conn->state = CONNECTED; + } + + return((rc ? errno : 0)); +} + +static int send_socks_request(struct connreq *conn) +{ + int rc = 0; + + if (conn->path->type == 4) { + char *name = get_pool_entry(pool, &(conn->connaddr.sin_addr)); + if(name != NULL) + rc = send_socksv4a_request(conn,name); + else + rc = send_socksv4_request(conn); + } else + rc = send_socksv5_method(conn); + return(rc); +} + +static int send_socksv4a_request(struct connreq *conn,const char *onion_host) +{ + struct passwd *user; + struct sockreq *thisreq; + int endOfUser; + /* Determine the current username */ + user = getpwuid(getuid()); + + thisreq = (struct sockreq *) conn->buffer; + endOfUser=sizeof(struct sockreq) + + (user == NULL ? 0 : strlen(user->pw_name)) + 1; + + /* Check the buffer has enough space for the request */ + /* and the user name */ + conn->datalen = endOfUser+ + (onion_host == NULL ? 0 : strlen(onion_host)) + 1; + if (sizeof(conn->buffer) < conn->datalen) { + show_msg(MSGERR, "The SOCKS username is too long"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + /* Create the request */ + thisreq->version = 4; + thisreq->command = 1; + thisreq->dstport = conn->connaddr.sin_port; + thisreq->dstip = htonl(1); + + /* Copy the username */ + strcpy((char *) thisreq + sizeof(struct sockreq), + (user == NULL ? "" : user->pw_name)); + + /* Copy the onion host */ + strcpy((char *) thisreq + endOfUser, + (onion_host == NULL ? "" : onion_host)); + + conn->datadone = 0; + conn->state = SENDING; + conn->nextstate = SENTV4REQ; + + return(0); +} + +static int send_socksv4_request(struct connreq *conn) +{ + struct passwd *user; + struct sockreq *thisreq; + + /* Determine the current username */ + user = getpwuid(getuid()); + + thisreq = (struct sockreq *) conn->buffer; + + /* Check the buffer has enough space for the request */ + /* and the user name */ + conn->datalen = sizeof(struct sockreq) + + (user == NULL ? 0 : strlen(user->pw_name)) + 1; + if (sizeof(conn->buffer) < conn->datalen) { + show_msg(MSGERR, "The SOCKS username is too long"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + /* Create the request */ + thisreq->version = 4; + thisreq->command = 1; + thisreq->dstport = conn->connaddr.sin_port; + thisreq->dstip = conn->connaddr.sin_addr.s_addr; + + /* Copy the username */ + strcpy((char *) thisreq + sizeof(struct sockreq), + (user == NULL ? "" : user->pw_name)); + + conn->datadone = 0; + conn->state = SENDING; + conn->nextstate = SENTV4REQ; + + return(0); +} + +static int send_socksv5_method(struct connreq *conn) +{ + char verstring[] = { 0x05, /* Version 5 SOCKS */ + 0x02, /* No. Methods */ + 0x00, /* Null Auth */ + 0x02 }; /* User/Pass Auth */ + + show_msg(MSGDEBUG, "Constructing V5 method negotiation\n"); + conn->state = SENDING; + conn->nextstate = SENTV5METHOD; + memcpy(conn->buffer, verstring, sizeof(verstring)); + conn->datalen = sizeof(verstring); + conn->datadone = 0; + + return(0); +} + +static int send_socksv5_connect(struct connreq *conn) +{ + int namelen = 0; + char *name = NULL; + char constring[] = { 0x05, /* Version 5 SOCKS */ + 0x01, /* Connect request */ + 0x00, /* Reserved */ + 0x01 }; /* IP Version 4 */ + + show_msg(MSGDEBUG, "Constructing V5 connect request\n"); + conn->datadone = 0; + conn->state = SENDING; + conn->nextstate = SENTV5CONNECT; + memcpy(conn->buffer, constring, sizeof(constring)); + conn->datalen = sizeof(constring); + + show_msg(MSGDEBUG, "send_socksv5_connect: looking for: %s\n", + inet_ntoa(conn->connaddr.sin_addr)); + + name = get_pool_entry(pool, &(conn->connaddr.sin_addr)); + if(name != NULL) { + namelen = strlen(name); + if(namelen > 255) /* "Can't happen" */ + name = NULL; + } + if(name != NULL) { + show_msg(MSGDEBUG, "send_socksv5_connect: found it!\n"); + /* Substitute the domain name from the pool into the SOCKS request. */ + conn->buffer[3] = 0x03; /* Change the ATYP field */ + conn->buffer[4] = namelen; /* Length of name */ + conn->datalen++; + memcpy(&conn->buffer[conn->datalen], name, namelen); + conn->datalen += namelen; + } else { + show_msg(MSGDEBUG, "send_socksv5_connect: ip address not found\n"); + /* Use the raw IP address */ + memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_addr.s_addr), + sizeof(conn->connaddr.sin_addr.s_addr)); + conn->datalen += sizeof(conn->connaddr.sin_addr.s_addr); + } + memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_port), + sizeof(conn->connaddr.sin_port)); + conn->datalen += sizeof(conn->connaddr.sin_port); + + return(0); +} + +static int send_buffer(struct connreq *conn) +{ + int rc = 0; + + show_msg(MSGDEBUG, "Writing to server (sending %d bytes)\n", conn->datalen); + while ((rc == 0) && (conn->datadone != conn->datalen)) { + rc = send(conn->sockid, conn->buffer + conn->datadone, + conn->datalen - conn->datadone, 0); + if (rc > 0) { + conn->datadone += rc; + rc = 0; + } else { + if (errno != EWOULDBLOCK) + show_msg(MSGDEBUG, "Write failed, %s\n", strerror(errno)); + rc = errno; + } + } + + if (conn->datadone == conn->datalen) + conn->state = conn->nextstate; + + show_msg(MSGDEBUG, "Sent %d bytes of %d bytes in buffer, return code is %d\n", + conn->datadone, conn->datalen, rc); + return(rc); +} + +static int recv_buffer(struct connreq *conn) +{ + int rc = 0; + + show_msg(MSGDEBUG, "Reading from server (expecting %d bytes)\n", conn->datalen); + while ((rc == 0) && (conn->datadone != conn->datalen)) { + rc = recv(conn->sockid, conn->buffer + conn->datadone, + conn->datalen - conn->datadone, 0); + if (rc > 0) { + conn->datadone += rc; + rc = 0; + } else if (rc == 0) { + show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n", + conn->datadone, conn->datalen); + rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */ + } else { + if (errno != EWOULDBLOCK) + show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno)); + rc = errno; + } + } + + if (conn->datadone == conn->datalen) + conn->state = conn->nextstate; + + show_msg(MSGDEBUG, "Received %d bytes of %d bytes expected, return code is %d\n", + conn->datadone, conn->datalen, rc); + return(rc); +} + +static int read_socksv5_method(struct connreq *conn) +{ + struct passwd *nixuser; + char *uname, *upass; + + /* See if we offered an acceptable method */ + if (conn->buffer[1] == '\xff') { + show_msg(MSGERR, "SOCKS V5 server refused authentication methods\n"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + /* If the socks server chose username/password authentication */ + /* (method 2) then do that */ + if ((unsigned short int) conn->buffer[1] == 2) { + show_msg(MSGDEBUG, "SOCKS V5 server chose username/password authentication\n"); + + /* Determine the current *nix username */ + nixuser = getpwuid(getuid()); + + if (((uname = conn->path->defuser) == NULL) && + ((uname = getenv("TORSOCKS_USERNAME")) == NULL) && + ((uname = (nixuser == NULL ? NULL : nixuser->pw_name)) == NULL)) { + show_msg(MSGERR, "Could not get SOCKS username from " + "local passwd file, torsocks.conf " + "or $TORSOCKS_USERNAME to authenticate " + "with"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + if (((upass = getenv("TORSOCKS_PASSWORD")) == NULL) && + ((upass = conn->path->defpass) == NULL)) { + show_msg(MSGERR, "Need a password in torsocks.conf or " + "$TORSOCKS_PASSWORD to authenticate with"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + /* Check that the username / pass specified will */ + /* fit into the buffer */ + if ((3 + strlen(uname) + strlen(upass)) >= sizeof(conn->buffer)) { + show_msg(MSGERR, "The supplied socks username or " + "password is too long"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + conn->datalen = 0; + conn->buffer[conn->datalen] = '\x01'; + conn->datalen++; + conn->buffer[conn->datalen] = (int8_t) strlen(uname); + conn->datalen++; + memcpy(&(conn->buffer[conn->datalen]), uname, strlen(uname)); + conn->datalen = conn->datalen + strlen(uname); + conn->buffer[conn->datalen] = (int8_t) strlen(upass); + conn->datalen++; + memcpy(&(conn->buffer[conn->datalen]), upass, strlen(upass)); + conn->datalen = conn->datalen + strlen(upass); + + conn->state = SENDING; + conn->nextstate = SENTV5AUTH; + conn->datadone = 0; + } else + return(send_socksv5_connect(conn)); + + return(0); +} + +static int read_socksv5_auth(struct connreq *conn) +{ + + if (conn->buffer[1] != '\x00') { + show_msg(MSGERR, "SOCKS authentication failed, check username and password\n"); + conn->state = FAILED; + return(ECONNREFUSED); + } + + /* Ok, we authenticated ok, send the connection request */ + return(send_socksv5_connect(conn)); +} + +static int read_socksv5_connect(struct connreq *conn) +{ + + /* See if the connection succeeded */ + if (conn->buffer[1] != '\x00') { + show_msg(MSGERR, "SOCKS V5 connect failed: "); + conn->state = FAILED; + switch ((int8_t) conn->buffer[1]) { + case 1: + show_msg(MSGERR, "General SOCKS server failure\n"); + return(ECONNABORTED); + case 2: + show_msg(MSGERR, "Connection denied by rule\n"); + return(ECONNABORTED); + case 3: + show_msg(MSGERR, "Network unreachable\n"); + return(ENETUNREACH); + case 4: + show_msg(MSGERR, "Host unreachable\n"); + return(EHOSTUNREACH); + case 5: + show_msg(MSGERR, "Connection refused\n"); + return(ECONNREFUSED); + case 6: + show_msg(MSGERR, "TTL Expired\n"); + return(ETIMEDOUT); + case 7: + show_msg(MSGERR, "Command not supported\n"); + return(ECONNABORTED); + case 8: + show_msg(MSGERR, "Address type not supported\n"); + return(ECONNABORTED); + default: + show_msg(MSGERR, "Unknown error\n"); + return(ECONNABORTED); + } + } + conn->state = DONE; + + return(0); +} + +static int read_socksv4_req(struct connreq *conn) +{ + struct sockrep *thisrep; + + thisrep = (struct sockrep *) conn->buffer; + + if (thisrep->result != 90) { + show_msg(MSGERR, "SOCKS V4 connect rejected:\n"); + conn->state = FAILED; + switch(thisrep->result) { + case 91: + show_msg(MSGERR, "SOCKS server refused connection\n"); + return(ECONNREFUSED); + case 92: + show_msg(MSGERR, "SOCKS server refused connection " + "because of failed connect to identd " + "on this machine\n"); + return(ECONNREFUSED); + case 93: + show_msg(MSGERR, "SOCKS server refused connection " + "because identd and this library " + "reported different user-ids\n"); + return(ECONNREFUSED); + default: + show_msg(MSGERR, "Unknown reason\n"); + return(ECONNREFUSED); + } + } + conn->state = DONE; + + return(0); +} diff --git a/src/socks.h b/src/socks.h new file mode 100644 index 0000000..af26fa6 --- /dev/null +++ b/src/socks.h @@ -0,0 +1,116 @@ +/*************************************************************************** + * * + * Copyright (C) 2000-2008 Shaun Clowes <delius(a)progsoc.org> * + * Copyright (C) 2008-2011 Robert Hogan <robert(a)roberthogan.net> * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the * + * Free Software Foundation, Inc., * + * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + ***************************************************************************/ +/* socks.h - Structures used by torsocks to form SOCKS requests */ + +#ifndef _SOCKS_H + +#define _SOCKS_H 1 + +#include "parser.h" +#include "dead_pool.h" + +/* Structure representing a socks connection request */ +struct sockreq { + int8_t version; + int8_t command; + int16_t dstport; + int32_t dstip; + /* A null terminated username goes here */ +}; + +/* Structure representing a socks connection request response */ +struct sockrep { + int8_t version; + int8_t result; + int16_t ignore1; + int32_t ignore2; +}; + +/* Structure representing a socket which we are currently proxying */ +struct connreq { + /* Information about the socket and target */ + int sockid; + struct sockaddr_in connaddr; + struct sockaddr_in serveraddr; + + /* Pointer to the config entry for the socks server */ + struct serverent *path; + + /* Current state of this proxied socket */ + int state; + + /* Next state to go to when the send or receive is finished */ + int nextstate; + + /* When connections fail but an error number cannot be reported + * because the socket is non blocking we keep the connreq struct until + * the status is queried with connect() again, we then return + * this value */ + int err; + + /* Events that were set for this socket upon call to select() or + * poll() */ + int selectevents; + + /* Buffer for sending and receiving on the socket */ + unsigned int datalen; + unsigned int datadone; + char buffer[2048]; + + struct connreq *next; +}; + +/* Connection statuses */ +#define UNSTARTED 0 +#define CONNECTING 1 +#define CONNECTED 2 +#define SENDING 3 +#define RECEIVING 4 +#define SENTV4REQ 5 +#define GOTV4REQ 6 +#define SENTV5METHOD 7 +#define GOTV5METHOD 8 +#define SENTV5AUTH 9 +#define GOTV5AUTH 10 +#define SENTV5CONNECT 11 +#define GOTV5CONNECT 12 +#define DONE 13 +#define FAILED 14 + +/* Flags to indicate what events a socket was select()ed for */ +#define READ (1<<0) +#define WRITE (1<<1) +#define EXCEPT (1<<2) +#define READWRITE (READ|WRITE) +#define READWRITEEXCEPT (READ|WRITE|EXCEPT) + +/* Global Declarations */ +static dead_pool *pool = NULL; +static struct connreq *requests = NULL; + +struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr, + struct sockaddr_in *serveraddr, + struct serverent *path); +void kill_socks_request(struct connreq *conn); +struct connreq *find_socks_request(int sockid, int includefailed); +int handle_request(struct connreq *conn); + +#endif diff --git a/src/torsocks.c b/src/torsocks.c index 4239ced..98af4b0 100644 --- a/src/torsocks.c +++ b/src/torsocks.c @@ -71,7 +71,7 @@ const char *torsocks_progname = "libtorsocks"; /* Name used in err msgs #include <resolv.h> #include "parser.h" -#include "torsocks.h" +#include "socks.h" #include "dead_pool.h" /* Some function names are macroized on Darwin. Allow those names @@ -79,9 +79,6 @@ const char *torsocks_progname = "libtorsocks"; /* Name used in err msgs #define EXPAND_GUTS(x) torsocks_##x##_guts #define EXPAND_GUTS_NAME(x) EXPAND_GUTS(x) -/* Global Declarations */ -static dead_pool *pool = NULL; - /* Function prototypes for original functions that we patch */ #ifdef SUPPORT_RES_API int (*realres_init)(void); @@ -92,7 +89,6 @@ int (*realres_init)(void); #undef DARWIN_EXPANSION static struct parsedfile config; -static struct connreq *requests = NULL; static int suid = 0; static char *conffile = NULL; static volatile int torsocks_init_complete = 0; @@ -120,27 +116,7 @@ int res_init(void); static int get_config(); static int get_environment(); -static int connect_server(struct connreq *conn); -static int send_socks_request(struct connreq *conn); -static struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr, - struct sockaddr_in *serveraddr, - struct serverent *path); -static void kill_socks_request(struct connreq *conn); -static int handle_request(struct connreq *conn); -static struct connreq *find_socks_request(int sockid, int includefailed); -static int connect_server(struct connreq *conn); -static int send_socks_request(struct connreq *conn); -static int send_socksv4_request(struct connreq *conn); -static int send_socksv5_method(struct connreq *conn); -static int send_socksv5_connect(struct connreq *conn); -static int send_buffer(struct connreq *conn); -static int recv_buffer(struct connreq *conn); -static int read_socksv5_method(struct connreq *conn); -static int read_socksv4_req(struct connreq *conn); -static int read_socksv5_connect(struct connreq *conn); -static int read_socksv5_auth(struct connreq *conn); static int deadpool_init(void); -static int send_socksv4a_request(struct connreq *conn, const char *onion_host); static pthread_mutex_t torsocks_init_mutex = PTHREAD_MUTEX_INITIALIZER; @@ -898,552 +874,6 @@ int torsocks_getpeername_guts(GETPEERNAME_SIGNATURE, return rc; } -static struct connreq *new_socks_request(int sockid, struct sockaddr_in *connaddr, - struct sockaddr_in *serveraddr, - struct serverent *path) -{ - struct connreq *newconn; - - if ((newconn = malloc(sizeof(*newconn))) == NULL) { - /* Could not malloc, we're stuffed */ - show_msg(MSGERR, "Could not allocate memory for new socks request\n"); - return(NULL); - } - - /* Add this connection to be proxied to the list */ - memset(newconn, 0x0, sizeof(*newconn)); - newconn->sockid = sockid; - newconn->state = UNSTARTED; - newconn->path = path; - memcpy(&(newconn->connaddr), connaddr, sizeof(newconn->connaddr)); - memcpy(&(newconn->serveraddr), serveraddr, sizeof(newconn->serveraddr)); - newconn->next = requests; - requests = newconn; - - return(newconn); -} - -static void kill_socks_request(struct connreq *conn) -{ - struct connreq *connnode; - - if (requests == conn) - requests = conn->next; - else { - for (connnode = requests; connnode != NULL; connnode = connnode->next) { - if (connnode->next == conn) { - connnode->next = conn->next; - break; - } - } - } - - free(conn); -} - -static struct connreq *find_socks_request(int sockid, int includefinished) -{ - struct connreq *connnode; - - for (connnode = requests; connnode != NULL; connnode = connnode->next) { - if (connnode->sockid == sockid) { - if (((connnode->state == FAILED) || (connnode->state == DONE)) && - !includefinished) - break; - else - return(connnode); - } - } - - return(NULL); -} - -static int handle_request(struct connreq *conn) -{ - int rc = 0; - int i = 0; - - show_msg(MSGDEBUG, "Beginning handle loop for socket %d\n", conn->sockid); - - while ((rc == 0) && - (conn->state != FAILED) && - (conn->state != DONE) && - (i++ < 20)) { - show_msg(MSGDEBUG, "In request handle loop for socket %d, " - "current state of request is %d\n", conn->sockid, - conn->state); - switch(conn->state) { - case UNSTARTED: - case CONNECTING: - rc = connect_server(conn); - break; - case CONNECTED: - rc = send_socks_request(conn); - break; - case SENDING: - rc = send_buffer(conn); - break; - case RECEIVING: - rc = recv_buffer(conn); - break; - case SENTV4REQ: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V4 connect request\n"); - conn->datalen = sizeof(struct sockrep); - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV4REQ; - break; - case GOTV4REQ: - rc = read_socksv4_req(conn); - break; - case SENTV5METHOD: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 method negotiation\n"); - conn->datalen = 2; - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV5METHOD; - break; - case GOTV5METHOD: - rc = read_socksv5_method(conn); - break; - case SENTV5AUTH: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 authentication negotiation\n"); - conn->datalen = 2; - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV5AUTH; - break; - case GOTV5AUTH: - rc = read_socksv5_auth(conn); - break; - case SENTV5CONNECT: - show_msg(MSGDEBUG, "Receiving reply to SOCKS V5 connect request\n"); - conn->datalen = 10; - conn->datadone = 0; - conn->state = RECEIVING; - conn->nextstate = GOTV5CONNECT; - break; - case GOTV5CONNECT: - rc = read_socksv5_connect(conn); - break; - } - conn->err = errno; - } - - if (i == 20) - show_msg(MSGERR, "Ooops, state loop while handling request %d\n", - conn->sockid); - - show_msg(MSGDEBUG, "Handle loop completed for socket %d in state %d, " - "returning %d\n", conn->sockid, conn->state, rc); - return(rc); -} - -static int connect_server(struct connreq *conn) -{ - int rc; - - /* Connect this socket to the socks server */ - show_msg(MSGDEBUG, "Connecting to %s port %d\n", - inet_ntoa(conn->serveraddr.sin_addr), ntohs(conn->serveraddr.sin_port)); - - rc = realconnect(conn->sockid, (CONNECT_SOCKARG) &(conn->serveraddr), - sizeof(conn->serveraddr)); - - show_msg(MSGDEBUG, "Connect returned %d, errno is %d\n", rc, errno); - if (rc && errno == EISCONN) { - rc = 0; - show_msg(MSGDEBUG, "Socket %d already connected to SOCKS server\n", conn->sockid); - conn->state = CONNECTED; - } else if (rc) { - if (errno != EINPROGRESS) { - show_msg(MSGERR, "Error %d attempting to connect to SOCKS " - "server (%s)\n", errno, strerror(errno)); - conn->state = FAILED; - } else { - show_msg(MSGDEBUG, "Connection in progress\n"); - conn->state = CONNECTING; - } - } else { - show_msg(MSGDEBUG, "Socket %d connected to SOCKS server\n", conn->sockid); - conn->state = CONNECTED; - } - - return((rc ? errno : 0)); -} - -static int send_socks_request(struct connreq *conn) -{ - int rc = 0; - - if (conn->path->type == 4) { - char *name = get_pool_entry(pool, &(conn->connaddr.sin_addr)); - if(name != NULL) - rc = send_socksv4a_request(conn,name); - else - rc = send_socksv4_request(conn); - } else - rc = send_socksv5_method(conn); - return(rc); -} - -static int send_socksv4a_request(struct connreq *conn,const char *onion_host) -{ - struct passwd *user; - struct sockreq *thisreq; - int endOfUser; - /* Determine the current username */ - user = getpwuid(getuid()); - - thisreq = (struct sockreq *) conn->buffer; - endOfUser=sizeof(struct sockreq) + - (user == NULL ? 0 : strlen(user->pw_name)) + 1; - - /* Check the buffer has enough space for the request */ - /* and the user name */ - conn->datalen = endOfUser+ - (onion_host == NULL ? 0 : strlen(onion_host)) + 1; - if (sizeof(conn->buffer) < conn->datalen) { - show_msg(MSGERR, "The SOCKS username is too long"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - /* Create the request */ - thisreq->version = 4; - thisreq->command = 1; - thisreq->dstport = conn->connaddr.sin_port; - thisreq->dstip = htonl(1); - - /* Copy the username */ - strcpy((char *) thisreq + sizeof(struct sockreq), - (user == NULL ? "" : user->pw_name)); - - /* Copy the onion host */ - strcpy((char *) thisreq + endOfUser, - (onion_host == NULL ? "" : onion_host)); - - conn->datadone = 0; - conn->state = SENDING; - conn->nextstate = SENTV4REQ; - - return(0); -} - -static int send_socksv4_request(struct connreq *conn) -{ - struct passwd *user; - struct sockreq *thisreq; - - /* Determine the current username */ - user = getpwuid(getuid()); - - thisreq = (struct sockreq *) conn->buffer; - - /* Check the buffer has enough space for the request */ - /* and the user name */ - conn->datalen = sizeof(struct sockreq) + - (user == NULL ? 0 : strlen(user->pw_name)) + 1; - if (sizeof(conn->buffer) < conn->datalen) { - show_msg(MSGERR, "The SOCKS username is too long"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - /* Create the request */ - thisreq->version = 4; - thisreq->command = 1; - thisreq->dstport = conn->connaddr.sin_port; - thisreq->dstip = conn->connaddr.sin_addr.s_addr; - - /* Copy the username */ - strcpy((char *) thisreq + sizeof(struct sockreq), - (user == NULL ? "" : user->pw_name)); - - conn->datadone = 0; - conn->state = SENDING; - conn->nextstate = SENTV4REQ; - - return(0); -} - -static int send_socksv5_method(struct connreq *conn) -{ - char verstring[] = { 0x05, /* Version 5 SOCKS */ - 0x02, /* No. Methods */ - 0x00, /* Null Auth */ - 0x02 }; /* User/Pass Auth */ - - show_msg(MSGDEBUG, "Constructing V5 method negotiation\n"); - conn->state = SENDING; - conn->nextstate = SENTV5METHOD; - memcpy(conn->buffer, verstring, sizeof(verstring)); - conn->datalen = sizeof(verstring); - conn->datadone = 0; - - return(0); -} - -static int send_socksv5_connect(struct connreq *conn) -{ - int namelen = 0; - char *name = NULL; - char constring[] = { 0x05, /* Version 5 SOCKS */ - 0x01, /* Connect request */ - 0x00, /* Reserved */ - 0x01 }; /* IP Version 4 */ - - show_msg(MSGDEBUG, "Constructing V5 connect request\n"); - conn->datadone = 0; - conn->state = SENDING; - conn->nextstate = SENTV5CONNECT; - memcpy(conn->buffer, constring, sizeof(constring)); - conn->datalen = sizeof(constring); - - show_msg(MSGDEBUG, "send_socksv5_connect: looking for: %s\n", - inet_ntoa(conn->connaddr.sin_addr)); - - name = get_pool_entry(pool, &(conn->connaddr.sin_addr)); - if(name != NULL) { - namelen = strlen(name); - if(namelen > 255) /* "Can't happen" */ - name = NULL; - } - if(name != NULL) { - show_msg(MSGDEBUG, "send_socksv5_connect: found it!\n"); - /* Substitute the domain name from the pool into the SOCKS request. */ - conn->buffer[3] = 0x03; /* Change the ATYP field */ - conn->buffer[4] = namelen; /* Length of name */ - conn->datalen++; - memcpy(&conn->buffer[conn->datalen], name, namelen); - conn->datalen += namelen; - } else { - show_msg(MSGDEBUG, "send_socksv5_connect: ip address not found\n"); - /* Use the raw IP address */ - memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_addr.s_addr), - sizeof(conn->connaddr.sin_addr.s_addr)); - conn->datalen += sizeof(conn->connaddr.sin_addr.s_addr); - } - memcpy(&conn->buffer[conn->datalen], &(conn->connaddr.sin_port), - sizeof(conn->connaddr.sin_port)); - conn->datalen += sizeof(conn->connaddr.sin_port); - - return(0); -} - -static int send_buffer(struct connreq *conn) -{ - int rc = 0; - - show_msg(MSGDEBUG, "Writing to server (sending %d bytes)\n", conn->datalen); - while ((rc == 0) && (conn->datadone != conn->datalen)) { - rc = send(conn->sockid, conn->buffer + conn->datadone, - conn->datalen - conn->datadone, 0); - if (rc > 0) { - conn->datadone += rc; - rc = 0; - } else { - if (errno != EWOULDBLOCK) - show_msg(MSGDEBUG, "Write failed, %s\n", strerror(errno)); - rc = errno; - } - } - - if (conn->datadone == conn->datalen) - conn->state = conn->nextstate; - - show_msg(MSGDEBUG, "Sent %d bytes of %d bytes in buffer, return code is %d\n", - conn->datadone, conn->datalen, rc); - return(rc); -} - -static int recv_buffer(struct connreq *conn) -{ - int rc = 0; - - show_msg(MSGDEBUG, "Reading from server (expecting %d bytes)\n", conn->datalen); - while ((rc == 0) && (conn->datadone != conn->datalen)) { - rc = recv(conn->sockid, conn->buffer + conn->datadone, - conn->datalen - conn->datadone, 0); - if (rc > 0) { - conn->datadone += rc; - rc = 0; - } else if (rc == 0) { - show_msg(MSGDEBUG, "Peer has shutdown but we only read %d of %d bytes.\n", - conn->datadone, conn->datalen); - rc = ENOTCONN; /* ENOTCONN seems like the most fitting error message */ - } else { - if (errno != EWOULDBLOCK) - show_msg(MSGDEBUG, "Read failed, %s\n", strerror(errno)); - rc = errno; - } - } - - if (conn->datadone == conn->datalen) - conn->state = conn->nextstate; - - show_msg(MSGDEBUG, "Received %d bytes of %d bytes expected, return code is %d\n", - conn->datadone, conn->datalen, rc); - return(rc); -} - -static int read_socksv5_method(struct connreq *conn) -{ - struct passwd *nixuser; - char *uname, *upass; - - /* See if we offered an acceptable method */ - if (conn->buffer[1] == '\xff') { - show_msg(MSGERR, "SOCKS V5 server refused authentication methods\n"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - /* If the socks server chose username/password authentication */ - /* (method 2) then do that */ - if ((unsigned short int) conn->buffer[1] == 2) { - show_msg(MSGDEBUG, "SOCKS V5 server chose username/password authentication\n"); - - /* Determine the current *nix username */ - nixuser = getpwuid(getuid()); - - if (((uname = conn->path->defuser) == NULL) && - ((uname = getenv("TORSOCKS_USERNAME")) == NULL) && - ((uname = (nixuser == NULL ? NULL : nixuser->pw_name)) == NULL)) { - show_msg(MSGERR, "Could not get SOCKS username from " - "local passwd file, torsocks.conf " - "or $TORSOCKS_USERNAME to authenticate " - "with"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - if (((upass = getenv("TORSOCKS_PASSWORD")) == NULL) && - ((upass = conn->path->defpass) == NULL)) { - show_msg(MSGERR, "Need a password in torsocks.conf or " - "$TORSOCKS_PASSWORD to authenticate with"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - /* Check that the username / pass specified will */ - /* fit into the buffer */ - if ((3 + strlen(uname) + strlen(upass)) >= sizeof(conn->buffer)) { - show_msg(MSGERR, "The supplied socks username or " - "password is too long"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - conn->datalen = 0; - conn->buffer[conn->datalen] = '\x01'; - conn->datalen++; - conn->buffer[conn->datalen] = (int8_t) strlen(uname); - conn->datalen++; - memcpy(&(conn->buffer[conn->datalen]), uname, strlen(uname)); - conn->datalen = conn->datalen + strlen(uname); - conn->buffer[conn->datalen] = (int8_t) strlen(upass); - conn->datalen++; - memcpy(&(conn->buffer[conn->datalen]), upass, strlen(upass)); - conn->datalen = conn->datalen + strlen(upass); - - conn->state = SENDING; - conn->nextstate = SENTV5AUTH; - conn->datadone = 0; - } else - return(send_socksv5_connect(conn)); - - return(0); -} - -static int read_socksv5_auth(struct connreq *conn) -{ - - if (conn->buffer[1] != '\x00') { - show_msg(MSGERR, "SOCKS authentication failed, check username and password\n"); - conn->state = FAILED; - return(ECONNREFUSED); - } - - /* Ok, we authenticated ok, send the connection request */ - return(send_socksv5_connect(conn)); -} - -static int read_socksv5_connect(struct connreq *conn) -{ - - /* See if the connection succeeded */ - if (conn->buffer[1] != '\x00') { - show_msg(MSGERR, "SOCKS V5 connect failed: "); - conn->state = FAILED; - switch ((int8_t) conn->buffer[1]) { - case 1: - show_msg(MSGERR, "General SOCKS server failure\n"); - return(ECONNABORTED); - case 2: - show_msg(MSGERR, "Connection denied by rule\n"); - return(ECONNABORTED); - case 3: - show_msg(MSGERR, "Network unreachable\n"); - return(ENETUNREACH); - case 4: - show_msg(MSGERR, "Host unreachable\n"); - return(EHOSTUNREACH); - case 5: - show_msg(MSGERR, "Connection refused\n"); - return(ECONNREFUSED); - case 6: - show_msg(MSGERR, "TTL Expired\n"); - return(ETIMEDOUT); - case 7: - show_msg(MSGERR, "Command not supported\n"); - return(ECONNABORTED); - case 8: - show_msg(MSGERR, "Address type not supported\n"); - return(ECONNABORTED); - default: - show_msg(MSGERR, "Unknown error\n"); - return(ECONNABORTED); - } - } - conn->state = DONE; - - return(0); -} - -static int read_socksv4_req(struct connreq *conn) -{ - struct sockrep *thisrep; - - thisrep = (struct sockrep *) conn->buffer; - - if (thisrep->result != 90) { - show_msg(MSGERR, "SOCKS V4 connect rejected:\n"); - conn->state = FAILED; - switch(thisrep->result) { - case 91: - show_msg(MSGERR, "SOCKS server refused connection\n"); - return(ECONNREFUSED); - case 92: - show_msg(MSGERR, "SOCKS server refused connection " - "because of failed connect to identd " - "on this machine\n"); - return(ECONNREFUSED); - case 93: - show_msg(MSGERR, "SOCKS server refused connection " - "because identd and this library " - "reported different user-ids\n"); - return(ECONNREFUSED); - default: - show_msg(MSGERR, "Unknown reason\n"); - return(ECONNREFUSED); - } - } - conn->state = DONE; - - return(0); -} - #ifdef SUPPORT_RES_API int res_init(void) { diff --git a/src/torsocks.h b/src/torsocks.h deleted file mode 100644 index 396aa5e..0000000 --- a/src/torsocks.h +++ /dev/null @@ -1,104 +0,0 @@ -/*************************************************************************** - * * - * Copyright (C) 2000-2008 Shaun Clowes <delius(a)progsoc.org> * - * Copyright (C) 2008-2011 Robert Hogan <robert(a)roberthogan.net> * - * * - * This program is free software; you can redistribute it and/or modify * - * it under the terms of the GNU General Public License as published by * - * the Free Software Foundation; either version 2 of the License, or * - * (at your option) any later version. * - * * - * This program is distributed in the hope that it will be useful, * - * but WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * - * GNU General Public License for more details. * - * * - * You should have received a copy of the GNU General Public License * - * along with this program; if not, write to the * - * Free Software Foundation, Inc., * - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * - ***************************************************************************/ -/* torsocks.h - Structures used by torsocks to form SOCKS requests */ - -#ifndef _TORSOCKS_H - -#define _TORSOCKS_H 1 - -#include "parser.h" - -/* Structure representing a socks connection request */ -struct sockreq { - int8_t version; - int8_t command; - int16_t dstport; - int32_t dstip; - /* A null terminated username goes here */ -}; - -/* Structure representing a socks connection request response */ -struct sockrep { - int8_t version; - int8_t result; - int16_t ignore1; - int32_t ignore2; -}; - -/* Structure representing a socket which we are currently proxying */ -struct connreq { - /* Information about the socket and target */ - int sockid; - struct sockaddr_in connaddr; - struct sockaddr_in serveraddr; - - /* Pointer to the config entry for the socks server */ - struct serverent *path; - - /* Current state of this proxied socket */ - int state; - - /* Next state to go to when the send or receive is finished */ - int nextstate; - - /* When connections fail but an error number cannot be reported - * because the socket is non blocking we keep the connreq struct until - * the status is queried with connect() again, we then return - * this value */ - int err; - - /* Events that were set for this socket upon call to select() or - * poll() */ - int selectevents; - - /* Buffer for sending and receiving on the socket */ - unsigned int datalen; - unsigned int datadone; - char buffer[2048]; - - struct connreq *next; -}; - -/* Connection statuses */ -#define UNSTARTED 0 -#define CONNECTING 1 -#define CONNECTED 2 -#define SENDING 3 -#define RECEIVING 4 -#define SENTV4REQ 5 -#define GOTV4REQ 6 -#define SENTV5METHOD 7 -#define GOTV5METHOD 8 -#define SENTV5AUTH 9 -#define GOTV5AUTH 10 -#define SENTV5CONNECT 11 -#define GOTV5CONNECT 12 -#define DONE 13 -#define FAILED 14 - -/* Flags to indicate what events a socket was select()ed for */ -#define READ (1<<0) -#define WRITE (1<<1) -#define EXCEPT (1<<2) -#define READWRITE (READ|WRITE) -#define READWRITEEXCEPT (READ|WRITE|EXCEPT) - -#endif

1 0

[torsocks/osx] Fix typo in test/Makefile.am
by hoganrobert＠torproject.org 23 Oct '11

23 Oct '11

commit 0817b3a86108a428c39b2965c579e848ade73199 Author: Robert Hogan <robert(a)roberthogan.net> Date: Sat Feb 19 18:08:17 2011 +0000 Fix typo in test/Makefile.am --- test/Makefile.am | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/test/Makefile.am b/test/Makefile.am index 47b78f3..c03c387 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -2,5 +2,5 @@ noinst_PROGRAMS= test_torsocks LIBS = -lresolv -torsocks_test_SOURCES= test_torsocks.c +test_torsocks_SOURCES= test_torsocks.c CLEANFILES= test_torsocks

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits October 2011