tor-commits April 2014

tor-commits@lists.torproject.org

22 participants
2020 discussions

[torsocks/master] Fix: socks5 connect use connection domain and correct len
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit 1e3c81ef2471bf3bfde2701107f9c099c08f1dbf Author: David Goulet <dgoulet(a)ev0ke.net> Date: Sat Feb 8 15:15:43 2014 -0500 Fix: socks5 connect use connection domain and correct len The connection we are trying to do tells us if we need to connect to Tor in ipv6 or ipv4 since the socket that we send back needs to be connected with the right socket family. Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/socks5.c | 12 ++++++++++--… [View More] src/lib/torsocks.c | 2 ++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/common/socks5.c b/src/common/socks5.c index ede3594..81806c6 100644 --- a/src/common/socks5.c +++ b/src/common/socks5.c @@ -123,17 +123,25 @@ ATTR_HIDDEN int socks5_connect(struct connection *conn) { int ret; + socklen_t len; struct sockaddr *socks5_addr = NULL; assert(conn); assert(conn->fd >= 0); - switch (tsocks_config.socks5_addr.domain) { + /* + * We use the connection domain here since the connect() call MUST match + * the right socket family. Thus, trying to establish a connection to a + * remote IPv6, we have to connect to the Tor daemon in v6. + */ + switch (conn->dest_addr.domain) { case CONNECTION_DOMAIN_INET: socks5_addr = (struct sockaddr *) &tsocks_config.socks5_addr.u.sin; + len = sizeof(tsocks_config.socks5_addr.u.sin); break; case CONNECTION_DOMAIN_INET6: socks5_addr = (struct sockaddr *) &tsocks_config.socks5_addr.u.sin6; + len = sizeof(tsocks_config.socks5_addr.u.sin6); break; default: ERR("Socks5 connect domain unknown %d", @@ -145,7 +153,7 @@ int socks5_connect(struct connection *conn) do { /* Use the original libc connect() to the Tor. */ - ret = tsocks_libc_connect(conn->fd, socks5_addr, sizeof(*socks5_addr)); + ret = tsocks_libc_connect(conn->fd, socks5_addr, len); } while (ret < 0 && (errno == EINTR || errno == EINPROGRESS || errno == EALREADY)); if (ret < 0) { diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c index fbb091e..8d83bcd 100644 --- a/src/lib/torsocks.c +++ b/src/lib/torsocks.c @@ -398,6 +398,7 @@ int tsocks_tor_resolve(const char *hostname, uint32_t *ip_addr) ret = -errno; goto error; } + conn.dest_addr.domain = CONNECTION_DOMAIN_INET; ret = setup_tor_connection(&conn); if (ret < 0) { @@ -446,6 +447,7 @@ int tsocks_tor_resolve_ptr(const char *addr, char **ip, int af) ret = -errno; goto error; } + conn.dest_addr.domain = CONNECTION_DOMAIN_INET; ret = setup_tor_connection(&conn); if (ret < 0) { [View Less]

1 0

[torsocks/master] Fix: assert conn->fd typo
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit 2da4625bd2b0dfdee4e7595e2c360690f6ef9790 Author: Luke Gallagher <luke(a)hypergeometric.net> Date: Sat Feb 15 16:32:16 2014 +1100 Fix: assert conn->fd typo Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/socks5.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/socks5.c b/src/common/socks5.c index 81806c6..16bf585 100644 --- a/src/common/socks5.c +++ b/src/common/socks5.c @@ -523,7 +523,7 @@ int … [View More]

1 0

[torsocks/master] Fix: return right value with localhost resolve
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit 3227c6c4e8f4f04bfc2c90ff406b82635331ad51 Author: David Goulet <dgoulet(a)ev0ke.net> Date: Mon Feb 10 22:47:21 2014 -0500 Fix: return right value with localhost resolve Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/lib/torsocks.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c index b98e0ed..4bbe072 100644 --- a/src/lib/torsocks.c +++ b/src/lib/torsocks.c @@ -371,6 +371,7 @@ int tsocks_tor_resolve(… [View More]

1 0

[torsocks/master] Fix: IPv6 typo in socks5_send_resolve_ptr_request
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit fbb2a9c78f0929d4335ce38d10b01ab9831d9dd1 Author: Luke Gallagher <luke(a)hypergeometric.net> Date: Sun Feb 16 14:46:42 2014 +1100 Fix: IPv6 typo in socks5_send_resolve_ptr_request Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/socks5.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/socks5.c b/src/common/socks5.c index 16bf585..edf5c2e 100644 --- a/src/common/socks5.c +++ b/src/common/socks5.c @@ -612,7 +612,… [View More]

1 0

[torsocks/master] Fix: remove all variables with double underscore
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit 13c7235b018c40bf5c042d1e3aac294dccf225df Author: David Goulet <dgoulet(a)ev0ke.net> Date: Tue Feb 18 17:51:59 2014 +0000 Fix: remove all variables with double underscore Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/lib/close.c | 6 ++-- src/lib/connect.c | 19 +++++----- src/lib/getaddrinfo.c | 22 ++++++------ src/lib/gethostbyname.c | 92 +++++++++++++++++++++++------------------------ src/lib/getpeername.c | 4 +-- … [View More] src/lib/recv.c | 16 ++++----- src/lib/socket.c | 10 +++--- src/lib/socketpair.c | 8 ++--- src/lib/syscall.c | 20 +++++------ src/lib/torsocks.h | 92 +++++++++++++++++++++++------------------------ 10 files changed, 144 insertions(+), 145 deletions(-) diff --git a/src/lib/close.c b/src/lib/close.c index b8a6364..d774c85 100644 --- a/src/lib/close.c +++ b/src/lib/close.c @@ -30,10 +30,10 @@ LIBC_CLOSE_RET_TYPE tsocks_close(LIBC_CLOSE_SIG) { struct connection *conn; - DBG("Close catched for fd %d", __fd); + DBG("Close catched for fd %d", fd); connection_registry_lock(); - conn = connection_find(__fd); + conn = connection_find(fd); if (conn) { /* * Remove from the registry so it's not visible anymore and thus using @@ -53,7 +53,7 @@ LIBC_CLOSE_RET_TYPE tsocks_close(LIBC_CLOSE_SIG) } /* Return the original libc close. */ - return tsocks_libc_close(__fd); + return tsocks_libc_close(fd); } /* diff --git a/src/lib/connect.c b/src/lib/connect.c index 8f34e37..bb15882 100644 --- a/src/lib/connect.c +++ b/src/lib/connect.c @@ -40,18 +40,17 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) struct onion_entry *on_entry; struct sockaddr_in *inet_addr; - DBG("Connect catched on fd %d", __sockfd); + DBG("Connect catched on fd %d", sockfd); optlen = sizeof(sock_type); - ret = getsockopt(__sockfd, SOL_SOCKET, SO_TYPE, &sock_type, &optlen); + ret = getsockopt(sockfd, SOL_SOCKET, SO_TYPE, &sock_type, &optlen); if (ret < 0) { /* Use the getsockopt() errno value. */ goto error; } /* We can't handle a non inet socket. */ - if (__addr->sa_family != AF_INET && - __addr->sa_family != AF_INET6) { + if (addr->sa_family != AF_INET && addr->sa_family != AF_INET6) { DBG("[conect] Connection is not IPv4/v6. Ignoring."); goto libc_connect; } @@ -67,9 +66,9 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) } DBG("[connect] Socket family %s and type %d", - __addr->sa_family == AF_INET ? "AF_INET" : "AF_INET6", sock_type); + addr->sa_family == AF_INET ? "AF_INET" : "AF_INET6", sock_type); - inet_addr = (struct sockaddr_in *) __addr; + inet_addr = (struct sockaddr_in *) addr; /* * Lock registry to get the connection reference if one. In this code path, @@ -78,7 +77,7 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) * quickly unlocked and no reference is needed. */ connection_registry_lock(); - new_conn = connection_find(__sockfd); + new_conn = connection_find(sockfd); connection_registry_unlock(); if (new_conn) { /* Double connect() for the same fd. */ @@ -99,7 +98,7 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) * Create a connection without a destination address since we will set * the onion address name found before. */ - new_conn = connection_create(__sockfd, NULL); + new_conn = connection_create(sockfd, NULL); if (!new_conn) { errno = ENOMEM; goto error; @@ -112,7 +111,7 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) * Check if address is localhost. At this point, we are sure it's not a * .onion cookie address that is by default in the loopback network. */ - if (utils_sockaddr_is_localhost(__addr)) { + if (utils_sockaddr_is_localhost(addr)) { WARN("[connect] Connection to a local address are denied since it " "might be a TCP DNS query to a local DNS server. " "Rejecting it for safety reasons."); @@ -120,7 +119,7 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) goto error; } - new_conn = connection_create(__sockfd, __addr); + new_conn = connection_create(sockfd, addr); if (!new_conn) { errno = ENOMEM; goto error; diff --git a/src/lib/getaddrinfo.c b/src/lib/getaddrinfo.c index c93cd42..a0f5595 100644 --- a/src/lib/getaddrinfo.c +++ b/src/lib/getaddrinfo.c @@ -39,17 +39,17 @@ LIBC_GETADDRINFO_RET_TYPE tsocks_getaddrinfo(LIBC_GETADDRINFO_SIG) void *addr; char *ip_str, ipv4[INET_ADDRSTRLEN], ipv6[INET6_ADDRSTRLEN]; socklen_t ip_str_size; - const char *node; + const char *tmp_node; - DBG("[getaddrinfo] Requesting %s hostname", __node); + DBG("[getaddrinfo] Requesting %s hostname", node); - if (!__node) { + if (!node) { ret = EAI_NONAME; goto error; } /* Use right domain for the next step. */ - switch (__hints->ai_family) { + switch (hints->ai_family) { default: /* Default value is to use IPv4. */ case AF_INET: @@ -66,24 +66,24 @@ LIBC_GETADDRINFO_RET_TYPE tsocks_getaddrinfo(LIBC_GETADDRINFO_SIG) break; } - ret = inet_pton(af, __node, addr); + ret = inet_pton(af, node, addr); if (ret == 0) { /* The node most probably is a DNS name. */ - ret = tsocks_tor_resolve(__node, (uint32_t *) addr); + ret = tsocks_tor_resolve(node, (uint32_t *) addr); if (ret < 0) { ret = EAI_FAIL; goto error; } (void) inet_ntop(af, addr, ip_str, ip_str_size); - node = ip_str; - DBG("[getaddrinfo] Node %s resolved to %s", __node, node); + tmp_node = ip_str; + DBG("[getaddrinfo] Node %s resolved to %s", node,tmp_node); } else { - node = __node; - DBG("[getaddrinfo] Node %s will be passed to the libc call", node); + tmp_node = node; + DBG("[getaddrinfo] Node %s will be passed to the libc call", tmp_node); } - ret = tsocks_libc_getaddrinfo(node, __service, __hints, __res); + ret = tsocks_libc_getaddrinfo(tmp_node, service, hints, res); if (ret) { goto error; } diff --git a/src/lib/gethostbyname.c b/src/lib/gethostbyname.c index 9ba5cee..1b9d00e 100644 --- a/src/lib/gethostbyname.c +++ b/src/lib/gethostbyname.c @@ -64,15 +64,15 @@ LIBC_GETHOSTBYNAME_RET_TYPE tsocks_gethostbyname(LIBC_GETHOSTBYNAME_SIG) int ret; uint32_t ip; - DBG("[gethostbyname] Requesting %s hostname", __name); + DBG("[gethostbyname] Requesting %s hostname", name); - if (!__name) { + if (!name) { h_errno = HOST_NOT_FOUND; goto error; } /* Resolve the given hostname through Tor. */ - ret = tsocks_tor_resolve(__name, &ip); + ret = tsocks_tor_resolve(name, &ip); if (ret < 0) { goto error; } @@ -88,13 +88,13 @@ LIBC_GETHOSTBYNAME_RET_TYPE tsocks_gethostbyname(LIBC_GETHOSTBYNAME_SIG) tsocks_he_addr_list[0] = tsocks_he_addr; tsocks_he_addr_list[1] = NULL; - tsocks_he.h_name = (char *) __name; + tsocks_he.h_name = (char *) name; tsocks_he.h_aliases = NULL; tsocks_he.h_length = sizeof(in_addr_t); tsocks_he.h_addrtype = AF_INET; tsocks_he.h_addr_list = tsocks_he_addr_list; - DBG("Hostname %s resolved to %s", __name, + DBG("Hostname %s resolved to %s", name, inet_ntoa(*((struct in_addr *) &ip))); errno = 0; @@ -124,12 +124,12 @@ LIBC_GETHOSTBYNAME2_RET_TYPE tsocks_gethostbyname2(LIBC_GETHOSTBYNAME2_SIG) * For now, there is no way of resolving a domain name to IPv6 through Tor * so only accept INET request thus using the original gethostbyname(). */ - if (__af != AF_INET) { + if (af != AF_INET) { h_errno = HOST_NOT_FOUND; return NULL; } - return tsocks_gethostbyname(__name); + return tsocks_gethostbyname(name); } /* @@ -155,24 +155,24 @@ LIBC_GETHOSTBYADDR_RET_TYPE tsocks_gethostbyaddr(LIBC_GETHOSTBYADDR_SIG) * Tor does not allow to resolve to an IPv6 pointer so only accept inet * return address. */ - if (!__addr || __type != AF_INET) { + if (!addr || type != AF_INET) { h_errno = HOST_NOT_FOUND; goto error; } DBG("[gethostbyaddr] Requesting address %s of len %d and type %d", - inet_ntoa(*((struct in_addr *) __addr)), __len, __type); + inet_ntoa(*((struct in_addr *) addr)), len, type); /* Reset static host entry of tsocks. */ memset(&tsocks_he, 0, sizeof(tsocks_he)); memset(tsocks_he_addr_list, 0, sizeof(tsocks_he_addr_list)); memset(tsocks_he_name, 0, sizeof(tsocks_he_name)); - ret = tsocks_tor_resolve_ptr(__addr, &hostname, __type); + ret = tsocks_tor_resolve_ptr(addr, &hostname, type); if (ret < 0) { const char *ret_str; - ret_str = inet_ntop(__type, __addr, tsocks_he_name, + ret_str = inet_ntop(type, addr, tsocks_he_name, sizeof(tsocks_he_name)); if (!ret_str) { h_errno = HOST_NOT_FOUND; @@ -181,13 +181,13 @@ LIBC_GETHOSTBYADDR_RET_TYPE tsocks_gethostbyaddr(LIBC_GETHOSTBYADDR_SIG) } else { memcpy(tsocks_he_name, hostname, sizeof(tsocks_he_name)); free(hostname); - tsocks_he_addr_list[0] = (char *) __addr; + tsocks_he_addr_list[0] = (char *) addr; } tsocks_he.h_name = tsocks_he_name; tsocks_he.h_aliases = NULL; tsocks_he.h_length = strlen(tsocks_he_name); - tsocks_he.h_addrtype = __type; + tsocks_he.h_addrtype = type; tsocks_he.h_addr_list = tsocks_he_addr_list; errno = 0; @@ -221,53 +221,53 @@ LIBC_GETHOSTBYADDR_R_RET_TYPE tsocks_gethostbyaddr_r(LIBC_GETHOSTBYADDR_R_SIG) char padding[]; } *data; - if (__buflen < sizeof(struct data)) { + if (buflen < sizeof(struct data)) { ret = ERANGE; goto error; } - data = (struct data *) __buf; + data = (struct data *) buf; memset(data, 0, sizeof(*data)); /* * Tor does not allow to resolve to an IPv6 pointer so only accept inet * return address. */ - if (!__addr || __type != AF_INET) { + if (!addr || type != AF_INET) { ret = HOST_NOT_FOUND; - if (__h_errnop) { - *__h_errnop = HOST_NOT_FOUND; + if (h_errnop) { + *h_errnop = HOST_NOT_FOUND; } goto error; } DBG("[gethostbyaddr_r] Requesting address %s of len %d and type %d", - inet_ntoa(*((struct in_addr *) __addr)), __len, __type); + inet_ntoa(*((struct in_addr *) addr)), len, type); /* This call allocates hostname. On error, it's untouched. */ - ret = tsocks_tor_resolve_ptr(__addr, &data->hostname, __type); + ret = tsocks_tor_resolve_ptr(addr, &data->hostname, type); if (ret < 0) { const char *ret_str; - ret_str = inet_ntop(__type, __addr, __buf, __buflen); + ret_str = inet_ntop(type, addr, buf, buflen); if (!ret_str) { ret = HOST_NOT_FOUND; if (errno == ENOSPC) { ret = ERANGE; } - if (__h_errnop) { - *__h_errnop = HOST_NOT_FOUND; + if (h_errnop) { + *h_errnop = HOST_NOT_FOUND; } goto error; } } /* Ease our life a bit. */ - he = __ret; + he = hret; if (!he) { ret = NO_RECOVERY; - if (__h_errnop) { - *__h_errnop = NO_RECOVERY; + if (h_errnop) { + *h_errnop = NO_RECOVERY; } goto error; } @@ -276,8 +276,8 @@ LIBC_GETHOSTBYADDR_R_RET_TYPE tsocks_gethostbyaddr_r(LIBC_GETHOSTBYADDR_R_SIG) he->h_name = data->hostname; } else { ret = NO_RECOVERY; - if (__h_errnop) { - *__h_errnop = NO_RECOVERY; + if (h_errnop) { + *h_errnop = NO_RECOVERY; } goto error; } @@ -285,12 +285,12 @@ LIBC_GETHOSTBYADDR_R_RET_TYPE tsocks_gethostbyaddr_r(LIBC_GETHOSTBYADDR_R_SIG) he->h_aliases = NULL; he->h_length = strlen(he->h_name); /* Assign the address list within the data of the given buffer. */ - data->addr_list[0] = (char *) __addr; + data->addr_list[0] = (char *) addr; data->addr_list[1] = NULL; he->h_addr_list = data->addr_list; - if (__result) { - *__result = he; + if (result) { + *result = he; } /* Everything went good. */ @@ -327,34 +327,34 @@ LIBC_GETHOSTBYNAME_R_RET_TYPE tsocks_gethostbyname_r(LIBC_GETHOSTBYNAME_R_SIG) char padding[]; } *data; - DBG("[gethostbyname_r] Requesting %s hostname", __name); + DBG("[gethostbyname_r] Requesting %s hostname", name); - if (!__name) { - *__h_errnop = HOST_NOT_FOUND; + if (!name) { + *h_errnop = HOST_NOT_FOUND; ret = -1; goto error; } - if (__buflen < sizeof(*data)) { + if (buflen < sizeof(*data)) { ret = ERANGE; goto error; } /* Resolve the given hostname through Tor. */ - ret = tsocks_tor_resolve(__name, &ip); + ret = tsocks_tor_resolve(name, &ip); if (ret < 0) { goto error; } - data = (struct data *) __buf; + data = (struct data *) buf; memset(data, 0, sizeof(*data)); /* Ease our life a bit. */ - he = __ret; + he = hret; ret_str = inet_ntop(AF_INET, &ip, data->addr, sizeof(data->addr)); if (!ret_str) { PERROR("inet_ntop"); - *__h_errnop = NO_ADDRESS; + *h_errnop = NO_ADDRESS; goto error; } @@ -363,12 +363,12 @@ LIBC_GETHOSTBYNAME_R_RET_TYPE tsocks_gethostbyname_r(LIBC_GETHOSTBYNAME_R_SIG) data->addr_list[1] = NULL; he->h_addr_list = data->addr_list; - he->h_name = (char *) __name; + he->h_name = (char *) name; he->h_aliases = NULL; he->h_length = sizeof(in_addr_t); he->h_addrtype = AF_INET; - DBG("[gethostbyname_r] Hostname %s resolved to %s", __name, + DBG("[gethostbyname_r] Hostname %s resolved to %s", name, inet_ntoa(*((struct in_addr *) &ip))); error: @@ -390,19 +390,19 @@ LIBC_GETHOSTBYNAME_R_DECL */ LIBC_GETHOSTBYNAME2_R_RET_TYPE tsocks_gethostbyname2_r(LIBC_GETHOSTBYNAME2_R_SIG) { - DBG("[gethostbyname2_r] Requesting %s hostname", __name); + DBG("[gethostbyname2_r] Requesting %s hostname", name); /* * For now, there is no way of resolving a domain name to IPv6 through Tor * so only accept INET request thus using the original gethostbyname(). */ - if (__af != AF_INET) { - *__h_errnop = HOST_NOT_FOUND; + if (af != AF_INET) { + *h_errnop = HOST_NOT_FOUND; return -1; } - return tsocks_gethostbyname_r(__name, __ret, __buf, __buflen, __result, - __h_errnop); + return tsocks_gethostbyname_r(name, hret, buf, buflen, result, + h_errnop); } /* diff --git a/src/lib/getpeername.c b/src/lib/getpeername.c index 0b0ad9b..607c1b1 100644 --- a/src/lib/getpeername.c +++ b/src/lib/getpeername.c @@ -34,10 +34,10 @@ LIBC_GETPEERNAME_RET_TYPE tsocks_getpeername(LIBC_GETPEERNAME_SIG) int ret = 0; struct connection *conn; - DBG("[getpeername] Requesting address on socket %d", __sockfd); + DBG("[getpeername] Requesting address on socket %d", sockfd); connection_registry_lock(); - conn = connection_find(__sockfd); + conn = connection_find(sockfd); if (!conn) { errno = ENOTCONN; ret = -1; diff --git a/src/lib/recv.c b/src/lib/recv.c index 11b2e7b..b041f6d 100644 --- a/src/lib/recv.c +++ b/src/lib/recv.c @@ -39,24 +39,24 @@ LIBC_RECVMSG_RET_TYPE tsocks_recvmsg(LIBC_RECVMSG_SIG) char dummy, recv_fd[CMSG_SPACE(sizeof(fd))]; struct iovec iov[1]; struct cmsghdr *cmsg; - struct msghdr msg; + struct msghdr msg_hdr; - memset(&msg, 0, sizeof(msg)); + memset(&msg_hdr, 0, sizeof(msg_hdr)); /* Prepare to receive the structures */ iov[0].iov_base = &dummy; iov[0].iov_len = 1; - msg.msg_iov = iov; - msg.msg_iovlen = 1; - msg.msg_control = recv_fd; - msg.msg_controllen = sizeof(recv_fd); + msg_hdr.msg_iov = iov; + msg_hdr.msg_iovlen = 1; + msg_hdr.msg_control = recv_fd; + msg_hdr.msg_controllen = sizeof(recv_fd); do { /* Just peek the data to inspect the payload for fd. */ - ret = tsocks_libc_recvmsg(__sockfd, &msg, MSG_PEEK); + ret = tsocks_libc_recvmsg(sockfd, &msg_hdr, MSG_PEEK); } while (ret < 0 && errno == EINTR); - cmsg = CMSG_FIRSTHDR(&msg); + cmsg = CMSG_FIRSTHDR(&msg_hdr); if (!cmsg) { goto end; } diff --git a/src/lib/socket.c b/src/lib/socket.c index 2a50c3e..cae47ec 100644 --- a/src/lib/socket.c +++ b/src/lib/socket.c @@ -30,11 +30,11 @@ TSOCKS_LIBC_DECL(socket, LIBC_SOCKET_RET_TYPE, LIBC_SOCKET_SIG) LIBC_SOCKET_RET_TYPE tsocks_socket(LIBC_SOCKET_SIG) { DBG("[socket] Creating socket with domain %d, type %d and protocol %d", - __domain, __type, __protocol); + domain, type, protocol); - switch (__type) { + switch (type) { case SOCK_STREAM: - if (__domain == AF_INET6) { + if (domain == AF_INET6) { /* Tor does not handle IPv6 at the moment. Reject it. */ ERR("Socket is IPv6. Tor does not handle AF_INET6 connection."); errno = EINVAL; @@ -42,7 +42,7 @@ LIBC_SOCKET_RET_TYPE tsocks_socket(LIBC_SOCKET_SIG) } break; default: - if (__domain == AF_INET || __domain == AF_INET6) { + if (domain == AF_INET || domain == AF_INET6) { /* * Print this message only in debug mode. Very often, applications * uses the libc to do DNS resolution which first tries with UDP @@ -60,7 +60,7 @@ LIBC_SOCKET_RET_TYPE tsocks_socket(LIBC_SOCKET_SIG) } /* Stream socket for INET/INET6 is good so open it. */ - return tsocks_libc_socket(__domain, __type, __protocol); + return tsocks_libc_socket(domain, type, protocol); } /* diff --git a/src/lib/socketpair.c b/src/lib/socketpair.c index 8889410..a358124 100644 --- a/src/lib/socketpair.c +++ b/src/lib/socketpair.c @@ -30,13 +30,13 @@ TSOCKS_LIBC_DECL(socketpair, LIBC_SOCKETPAIR_RET_TYPE, LIBC_SOCKETPAIR_SIG) LIBC_SOCKETPAIR_RET_TYPE tsocks_socketpair(LIBC_SOCKETPAIR_SIG) { DBG("[socketpair] Creating socket with domain %d, type %d and protocol %d", - __domain, __type, __protocol); + domain, type, protocol); - switch (__type) { + switch (type) { case SOCK_STREAM: break; default: - if (__domain == AF_INET || __domain == AF_INET6) { + if (domain == AF_INET || domain == AF_INET6) { ERR("Non TCP socketpair denied. Tor network can't handle it. " "Stopping everything!"); errno = EINVAL; @@ -46,7 +46,7 @@ LIBC_SOCKETPAIR_RET_TYPE tsocks_socketpair(LIBC_SOCKETPAIR_SIG) } /* Stream socket for INET/INET6 is good so open it. */ - return tsocks_libc_socketpair(__domain, __type, __protocol, __sv); + return tsocks_libc_socketpair(domain, type, protocol, sv); } /* diff --git a/src/lib/syscall.c b/src/lib/syscall.c index adc433b..2539855 100644 --- a/src/lib/syscall.c +++ b/src/lib/syscall.c @@ -107,11 +107,11 @@ static LIBC_SYSCALL_RET_TYPE handle_munmap(va_list args) /* * Torsocks call for syscall(2) */ -LIBC_SYSCALL_RET_TYPE tsocks_syscall(long int __number, va_list args) +LIBC_SYSCALL_RET_TYPE tsocks_syscall(long int number, va_list args) { LIBC_SYSCALL_RET_TYPE ret; - switch (__number) { + switch (number) { case TSOCKS_NR_SOCKET: ret = handle_socket(args); break; @@ -162,7 +162,7 @@ LIBC_SYSCALL_RET_TYPE tsocks_syscall(long int __number, va_list args) * off the Tor network. */ WARN("[syscall] Unsupported syscall number %ld. Denying the call", - __number); + number); ret = -1; errno = ENOSYS; break; @@ -179,8 +179,8 @@ LIBC_SYSCALL_DECL LIBC_SYSCALL_RET_TYPE ret; va_list args; - va_start(args, __number); - ret = tsocks_syscall(__number, args); + va_start(args, number); + ret = tsocks_syscall(number, args); va_end(args); return ret; @@ -212,11 +212,11 @@ static LIBC___SYSCALL_RET_TYPE handle_bsd_mmap(va_list args) return (LIBC___SYSCALL_RET_TYPE) mmap(addr, len, prot, flags, fd, offset); } -LIBC___SYSCALL_RET_TYPE tsocks___syscall(quad_t __number, va_list args) +LIBC___SYSCALL_RET_TYPE tsocks___syscall(quad_t number, va_list args) { LIBC_SYSCALL_RET_TYPE ret; - switch (__number) { + switch (number) { case TSOCKS_NR_MMAP: /* * Please see the mmap comment in the syscall() function to understand @@ -230,7 +230,7 @@ LIBC___SYSCALL_RET_TYPE tsocks___syscall(quad_t __number, va_list args) * off the Tor network. */ WARN("[syscall] Unsupported __syscall number %ld. Denying the call", - __number); + number); ret = -1; errno = ENOSYS; break; @@ -244,8 +244,8 @@ LIBC___SYSCALL_DECL LIBC___SYSCALL_RET_TYPE ret; va_list args; - va_start(args, __number); - ret = tsocks___syscall(__number, args); + va_start(args, number); + ret = tsocks___syscall(number, args); va_end(args); return ret; diff --git a/src/lib/torsocks.h b/src/lib/torsocks.h index 3e82a94..454ad1c 100644 --- a/src/lib/torsocks.h +++ b/src/lib/torsocks.h @@ -43,27 +43,27 @@ #define LIBC_CONNECT_NAME_STR XSTR(LIBC_CONNECT_NAME) #define LIBC_CONNECT_RET_TYPE int #define LIBC_CONNECT_SIG \ - int __sockfd, const struct sockaddr *__addr, socklen_t __addrlen + int sockfd, const struct sockaddr *addr, socklen_t addrlen #define LIBC_CONNECT_ARGS \ - __sockfd, __addr, __addrlen + sockfd, addr, addrlen /* socket(2) */ #define LIBC_SOCKET_NAME socket #define LIBC_SOCKET_NAME_STR XSTR(LIBC_SOCKET_NAME) #define LIBC_SOCKET_RET_TYPE int #define LIBC_SOCKET_SIG \ - int __domain, int __type, int __protocol + int domain, int type, int protocol #define LIBC_SOCKET_ARGS \ - __domain, __type, __protocol + domain, type, protocol /* socketpair(2) */ #define LIBC_SOCKETPAIR_NAME socketpair #define LIBC_SOCKETPAIR_NAME_STR XSTR(LIBC_SOCKETPAIR_NAME) #define LIBC_SOCKETPAIR_RET_TYPE int #define LIBC_SOCKETPAIR_SIG \ - int __domain, int __type, int __protocol, int __sv[2] + int domain, int type, int protocol, int sv[2] #define LIBC_SOCKETPAIR_ARGS \ - __domain, __type, __protocol, __sv + domain, type, protocol, sv /* close(2) */ #include <unistd.h> @@ -71,8 +71,8 @@ #define LIBC_CLOSE_NAME close #define LIBC_CLOSE_NAME_STR XSTR(LIBC_CLOSE_NAME) #define LIBC_CLOSE_RET_TYPE int -#define LIBC_CLOSE_SIG int __fd -#define LIBC_CLOSE_ARGS __fd +#define LIBC_CLOSE_SIG int fd +#define LIBC_CLOSE_ARGS fd /* gethostbyname(3) - DEPRECATED in glibc. */ #include <netdb.h> @@ -91,35 +91,35 @@ extern char tsocks_he_name[255]; #define LIBC_GETHOSTBYNAME_NAME gethostbyname #define LIBC_GETHOSTBYNAME_NAME_STR XSTR(LIBC_GETHOSTBYNAME_NAME) #define LIBC_GETHOSTBYNAME_RET_TYPE struct hostent * -#define LIBC_GETHOSTBYNAME_SIG const char *__name -#define LIBC_GETHOSTBYNAME_ARGS __name +#define LIBC_GETHOSTBYNAME_SIG const char *name +#define LIBC_GETHOSTBYNAME_ARGS name /* gethostbyname2(3) - GNU extension to avoid static data. */ #define LIBC_GETHOSTBYNAME2_NAME gethostbyname2 #define LIBC_GETHOSTBYNAME2_NAME_STR XSTR(LIBC_GETHOSTBYNAME2_NAME) #define LIBC_GETHOSTBYNAME2_RET_TYPE struct hostent * -#define LIBC_GETHOSTBYNAME2_SIG const char *__name, int __af -#define LIBC_GETHOSTBYNAME2_ARGS __name, __af +#define LIBC_GETHOSTBYNAME2_SIG const char *name, int af +#define LIBC_GETHOSTBYNAME2_ARGS name, af /* GNU extension. Reentrant version. */ #define LIBC_GETHOSTBYNAME_R_NAME gethostbyname_r #define LIBC_GETHOSTBYNAME_R_NAME_STR XSTR(LIBC_GETHOSTBYNAME_R_NAME) #define LIBC_GETHOSTBYNAME_R_RET_TYPE int -#define LIBC_GETHOSTBYNAME_R_SIG const char *__name, \ - struct hostent *__ret, char *__buf, size_t __buflen, \ - struct hostent **__result, int *__h_errnop -#define LIBC_GETHOSTBYNAME_R_ARGS __name, __ret, __buf, \ - __buflen, __result, __h_errnop +#define LIBC_GETHOSTBYNAME_R_SIG const char *name, \ + struct hostent *hret, char *buf, size_t buflen, \ + struct hostent **result, int *h_errnop +#define LIBC_GETHOSTBYNAME_R_ARGS name, hret, buf, \ + buflen, result, h_errnop /* GNU extension. Reentrant version 2. */ #define LIBC_GETHOSTBYNAME2_R_NAME gethostbyname2_r #define LIBC_GETHOSTBYNAME2_R_NAME_STR XSTR(LIBC_GETHOSTBYNAME2_R_NAME) #define LIBC_GETHOSTBYNAME2_R_RET_TYPE int -#define LIBC_GETHOSTBYNAME2_R_SIG const char *__name, int __af, \ - struct hostent *__ret, char *__buf, size_t __buflen, \ -struct hostent **__result, int *__h_errnop -#define LIBC_GETHOSTBYNAME2_R_ARGS __name, __af, __ret, __buf, \ - __buflen, __result, __h_errnop +#define LIBC_GETHOSTBYNAME2_R_SIG const char *name, int af, \ + struct hostent *hret, char *buf, size_t buflen, \ +struct hostent **result, int *h_errnop +#define LIBC_GETHOSTBYNAME2_R_ARGS name, af, hret, buf, \ + buflen, result, h_errnop /* gethostbyaddr(3) - DEPRECATED in glibc. */ #include <sys/socket.h> @@ -127,18 +127,18 @@ struct hostent **__result, int *__h_errnop #define LIBC_GETHOSTBYADDR_NAME gethostbyaddr #define LIBC_GETHOSTBYADDR_NAME_STR XSTR(LIBC_GETHOSTBYADDR_NAME) #define LIBC_GETHOSTBYADDR_RET_TYPE struct hostent * -#define LIBC_GETHOSTBYADDR_SIG const void *__addr, socklen_t __len, int __type -#define LIBC_GETHOSTBYADDR_ARGS __addr, __len, __type +#define LIBC_GETHOSTBYADDR_SIG const void *addr, socklen_t len, int type +#define LIBC_GETHOSTBYADDR_ARGS addr, len, type /* GNU extension. Reentrant version. */ #define LIBC_GETHOSTBYADDR_R_NAME gethostbyaddr_r #define LIBC_GETHOSTBYADDR_R_NAME_STR XSTR(LIBC_GETHOSTBYADDR_R_NAME) #define LIBC_GETHOSTBYADDR_R_RET_TYPE int -#define LIBC_GETHOSTBYADDR_R_SIG const void *__addr, socklen_t __len, int __type, \ - struct hostent *__ret, char *__buf, size_t __buflen, \ - struct hostent **__result, int *__h_errnop -#define LIBC_GETHOSTBYADDR_R_ARGS __addr, __len, __type, __ret, __buf, \ - __buflen, __result, __h_errnop +#define LIBC_GETHOSTBYADDR_R_SIG const void *addr, socklen_t len, int type, \ + struct hostent *hret, char *buf, size_t buflen, \ + struct hostent **result, int *h_errnop +#define LIBC_GETHOSTBYADDR_R_ARGS addr, len, type, hret, buf, \ + buflen, result, h_errnop /* getaddrinfo(3) */ #include <netdb.h> @@ -147,9 +147,9 @@ struct hostent **__result, int *__h_errnop #define LIBC_GETADDRINFO_NAME_STR XSTR(LIBC_GETADDRINFO_NAME) #define LIBC_GETADDRINFO_RET_TYPE int #define LIBC_GETADDRINFO_SIG \ - const char *__node, const char *__service, const struct addrinfo *__hints,\ - struct addrinfo **__res -#define LIBC_GETADDRINFO_ARGS __node, __service, __hints, __res + const char *node, const char *service, const struct addrinfo *hints,\ + struct addrinfo **res +#define LIBC_GETADDRINFO_ARGS node, service, hints, res /* getpeername(2) */ #include <sys/socket.h> @@ -158,16 +158,16 @@ struct hostent **__result, int *__h_errnop #define LIBC_GETPEERNAME_NAME_STR XSTR(LIBC_GETPEERNAME_NAME) #define LIBC_GETPEERNAME_RET_TYPE int #define LIBC_GETPEERNAME_SIG \ - int __sockfd, struct sockaddr *__addr, socklen_t *__addrlen -#define LIBC_GETPEERNAME_ARGS __sockfd, __addr, __addrlen + int sockfd, struct sockaddr *addr, socklen_t *addrlen +#define LIBC_GETPEERNAME_ARGS sockfd, addr, addrlen #define LIBC_RECVMSG_NAME recvmsg #define LIBC_RECVMSG_NAME_STR XSTR(LIBC_RECVMSG_NAME) #define LIBC_RECVMSG_RET_TYPE ssize_t #define LIBC_RECVMSG_SIG \ - int __sockfd, struct msghdr *__msg, int __flags + int sockfd, struct msghdr *msg, int flags #define LIBC_RECVMSG_ARGS \ - __sockfd, __msg, __flags + sockfd, msg, flags #else #error "OS not supported." @@ -181,8 +181,8 @@ struct hostent **__result, int *__h_errnop #define LIBC_SYSCALL_NAME syscall #define LIBC_SYSCALL_NAME_STR XSTR(LIBC_SYSCALL_NAME) #define LIBC_SYSCALL_RET_TYPE long int -#define LIBC_SYSCALL_SIG long int __number, ... -#define LIBC_SYSCALL_ARGS __number +#define LIBC_SYSCALL_SIG long int number, ... +#define LIBC_SYSCALL_ARGS number #endif /* __linux__ */ @@ -192,8 +192,8 @@ struct hostent **__result, int *__h_errnop #define LIBC_SYSCALL_NAME syscall #define LIBC_SYSCALL_NAME_STR XSTR(LIBC_SYSCALL_NAME) #define LIBC_SYSCALL_RET_TYPE int -#define LIBC_SYSCALL_SIG int __number, ... -#define LIBC_SYSCALL_ARGS __number +#define LIBC_SYSCALL_SIG int number, ... +#define LIBC_SYSCALL_ARGS number #endif /* __FreeBSD__, __darwin__, __NetBSD__ */ @@ -203,8 +203,8 @@ struct hostent **__result, int *__h_errnop #define LIBC_SYSCALL_NAME syscall #define LIBC_SYSCALL_NAME_STR XSTR(LIBC_SYSCALL_NAME) #define LIBC_SYSCALL_RET_TYPE long int -#define LIBC_SYSCALL_SIG long int __number, ... -#define LIBC_SYSCALL_ARGS __number +#define LIBC_SYSCALL_SIG long int number, ... +#define LIBC_SYSCALL_ARGS number #endif /* __GLIBC__ && __FreeBSD_kernel__ */ @@ -214,16 +214,16 @@ struct hostent **__result, int *__h_errnop #define LIBC___SYSCALL_NAME __syscall #define LIBC___SYSCALL_NAME_STR XSTR(LIBC___SYSCALL_NAME) #define LIBC___SYSCALL_RET_TYPE off_t -#define LIBC___SYSCALL_SIG quad_t __number, ... -#define LIBC___SYSCALL_ARGS __number +#define LIBC___SYSCALL_SIG quad_t number, ... +#define LIBC___SYSCALL_ARGS number #elif defined(__NetBSD__) #define LIBC___SYSCALL_NAME __syscall #define LIBC___SYSCALL_NAME_STR XSTR(LIBC___SYSCALL_NAME) #define LIBC___SYSCALL_RET_TYPE quad_t -#define LIBC___SYSCALL_SIG quad_t __number, ... -#define LIBC___SYSCALL_ARGS __number +#define LIBC___SYSCALL_SIG quad_t number, ... +#define LIBC___SYSCALL_ARGS number #endif /* __FreeBSD__, __NetBSD__ */ [View Less]

1 0

[torsocks/master] Fix: change socks5_send_ptr_request to use address type
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit 6c003efb7af3158b41396193de49621ea795007d Author: Luke Gallagher <luke(a)hypergeometric.net> Date: Mon Feb 17 10:08:00 2014 +1100 Fix: change socks5_send_ptr_request to use address type inet_ntop returns a pointer to the destination string, so an IPv6 address would always be converted as if it were an IPv4 address (AF_INET). Add the address family as a third parameter to socks5_send_ptr_request to reliably determine the address type to request. … [View More]The order of parameters to socks5_send_ptr_request has also been changed. Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/socks5.c | 12 +++++++----- src/common/socks5.h | 2 +- src/lib/torsocks.c | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/common/socks5.c b/src/common/socks5.c index edf5c2e..fb0dc9c 100644 --- a/src/common/socks5.c +++ b/src/common/socks5.c @@ -585,11 +585,10 @@ error: * Return 0 on success or else a negative value. */ ATTR_HIDDEN -int socks5_send_resolve_ptr_request(const void *ip, struct connection *conn) +int socks5_send_resolve_ptr_request(struct connection *conn, const void *ip, int af) { int ret, ret_send; char buffer[20]; /* Can't go higher than that (with IPv6). */ - char ip_str[INET6_ADDRSTRLEN]; size_t msg_len, data_len; struct socks5_request msg; struct socks5_request_resolve_ptr req; @@ -607,13 +606,16 @@ int socks5_send_resolve_ptr_request(const void *ip, struct connection *conn) /* Always zeroed. */ msg.rsv = 0; - if (inet_ntop(AF_INET, ip, ip_str, sizeof(ip_str))) { + switch (af) { + case AF_INET: msg.atyp = SOCKS5_ATYP_IPV4; memcpy(req.addr.ipv4, ip, 4); - } else if (inet_ntop(AF_INET6, ip, ip_str, sizeof(ip_str))) { + break; + case AF_INET6: msg.atyp = SOCKS5_ATYP_IPV6; memcpy(req.addr.ipv6, ip, 16); - } else { + break; + default: ERR("Unknown address domain of %d", ip); ret = -EINVAL; goto error; diff --git a/src/common/socks5.h b/src/common/socks5.h index 2699357..67da3aa 100644 --- a/src/common/socks5.h +++ b/src/common/socks5.h @@ -133,6 +133,6 @@ int socks5_send_resolve_request(const char *hostname, struct connection *conn); int socks5_recv_resolve_reply(struct connection *conn, void *addr, size_t addrlent); int socks5_recv_resolve_ptr_reply(struct connection *conn, char **_hostname); -int socks5_send_resolve_ptr_request(const void *ip, struct connection *conn); +int socks5_send_resolve_ptr_request(struct connection *conn, const void *ip, int af); #endif /* TORSOCKS_SOCKS_H */ diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c index 4bbe072..ba7142d 100644 --- a/src/lib/torsocks.c +++ b/src/lib/torsocks.c @@ -454,7 +454,7 @@ int tsocks_tor_resolve_ptr(const char *addr, char **ip, int af) goto end_close; } - ret = socks5_send_resolve_ptr_request(addr, &conn); + ret = socks5_send_resolve_ptr_request(&conn, addr, af); if (ret < 0) { goto end_close; } [View Less]

1 0

[torsocks/master] Fix: check strdup return value
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit c54460b94e2a552a9e1fbe65c9f34210d4d1277a Author: David Goulet <dgoulet(a)ev0ke.net> Date: Thu Feb 20 11:05:57 2014 +0000 Fix: check strdup return value Reported-by: Nick Mathewson <nickm(a)torproject.org> Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/utils.c | 8 ++++++++ src/lib/connect.c | 6 +++++- src/lib/torsocks.c | 4 ++++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/src/common/utils.c b/src/… [View More]

1 0

[torsocks/master] Fix: better document connection registry mutex
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit 151f49cd7ddd0ab54cdb0f033a34340289600fe4 Author: David Goulet <dgoulet(a)ev0ke.net> Date: Thu Feb 20 11:10:14 2014 +0000 Fix: better document connection registry mutex Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/connection.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/common/connection.c b/src/common/connection.c index ab065b1..89f991b 100644 --- a/src/common/connection.c +++ b/src/common/connection.… [View More]

1 0

[torsocks/master] Fix: handle socket creation with multiple types
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit b6d1e19c1bcf14c5c0521d8d431fe09489d03a47 Author: David Goulet <dgoulet(a)ev0ke.net> Date: Thu Feb 20 11:23:12 2014 +0000 Fix: handle socket creation with multiple types The switch case failed to handle extra type such as SOCK_NONBLOCK or/and SOCK_CLOEXEC that are possible on Linux. This patch changes the code to use a if/else statement to handle multiple flags. Reported-by: Nick Mathewson <nickm(a)torproject.org> Signed-off-by: David … [View More]

1 0

[torsocks/master] Fix: deny connection to ANY address
by dgoulet＠torproject.org 04 Apr '14

04 Apr '14

commit ebbcae0c5f6ad4772e459a80e6d99cacb731fb1f Author: David Goulet <dgoulet(a)ev0ke.net> Date: Thu Feb 20 10:59:10 2014 +0000 Fix: deny connection to ANY address It's possible to connect to 0.0.0.0/:: which are addresses that Tor can't of course handle thus deny the call and send back EINVAL. Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/compat.h | 2 ++ src/common/utils.c | 30 ++++++++++++++++++++++++++++++ src/… [View More]common/utils.h | 1 + src/lib/connect.c | 9 +++++++++ tests/unit/test_utils.c | 38 +++++++++++++++++++++++++++++++++++++- 5 files changed, 79 insertions(+), 1 deletion(-) diff --git a/src/common/compat.h b/src/common/compat.h index ee8263f..e977b41 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -104,5 +104,7 @@ void tsocks_mutex_unlock(tsocks_mutex_t *m); /* Loopback address in network byte order. */ #define TSOCKS_LOOPBACK 0x0100007f #define TSOCKS_LOOPBACK6 { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1 } +#define TSOCKS_ANY ((unsigned long int) 0x00000000) +#define TSOCKS_ANY6 { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 } #endif /* TORSOCKS_COMPAT_H */ diff --git a/src/common/utils.c b/src/common/utils.c index e526ce7..578d290 100644 --- a/src/common/utils.c +++ b/src/common/utils.c @@ -306,3 +306,33 @@ match: error: return -EINVAL; } + +/* + * For a given sockaddr, check if the IP address is ANY which is 0.0.0.0 for + * IPv4 and :: for IPv6. + * + * Return 1 if it is else 0. + */ +ATTR_HIDDEN +int utils_is_addr_any(const struct sockaddr *sa) +{ + int ret; + + assert(sa); + + if (sa->sa_family == AF_INET) { + const struct sockaddr_in *sin = (const struct sockaddr_in *) sa; + ret = (sin->sin_addr.s_addr == TSOCKS_ANY); + } else if (sa->sa_family == AF_INET6) { + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *) sa; + const uint8_t addr[] = TSOCKS_ANY6; + ret = !memcmp(sin6->sin6_addr.s6_addr, addr, + sizeof(sin6->sin6_addr.s6_addr)); + } else { + ret = 0; + goto end; + } + +end: + return ret; +} diff --git a/src/common/utils.h b/src/common/utils.h index b0281eb..2f950aa 100644 --- a/src/common/utils.h +++ b/src/common/utils.h @@ -32,5 +32,6 @@ int utils_is_address_ipv4(const char *ip); int utils_is_address_ipv6(const char *ip); int utils_sockaddr_is_localhost(const struct sockaddr *sa); int utils_localhost_resolve(const char *name, int af, void *buf, size_t len); +int utils_is_addr_any(const struct sockaddr *sa); #endif /* TORSOCKS_UTILS_H */ diff --git a/src/lib/connect.c b/src/lib/connect.c index bb15882..e47ab38 100644 --- a/src/lib/connect.c +++ b/src/lib/connect.c @@ -65,6 +65,15 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) goto error; } + /* + * Trying to connect to ANY address will evidently not work for Tor thus we + * deny the call. + */ + if (utils_is_addr_any(addr)) { + errno = EINVAL; + goto error; + } + DBG("[connect] Socket family %s and type %d", addr->sa_family == AF_INET ? "AF_INET" : "AF_INET6", sock_type); diff --git a/tests/unit/test_utils.c b/tests/unit/test_utils.c index 2db255b..8efa19a 100644 --- a/tests/unit/test_utils.c +++ b/tests/unit/test_utils.c @@ -24,7 +24,7 @@ #include <tap/tap.h> -#define NUM_TESTS 26 +#define NUM_TESTS 30 static void test_is_address_ipv4(void) { @@ -178,6 +178,41 @@ static void test_utils_tokenize_ignore_comments(void) ok(nb_token == 0, "Returns 0 tokens for comment"); } +static void test_is_addr_any(void) +{ + int ret; + struct sockaddr_in sin; + struct sockaddr_in6 sin6; + + sin.sin_family = AF_INET; + sin.sin_port = htons(42); + inet_pton(sin.sin_family, "0.0.0.0", &sin.sin_addr); + + ret = utils_is_addr_any((const struct sockaddr *) &sin); + ok(ret == 1, "This address is 0.0.0.0"); + + sin.sin_family = AF_INET; + sin.sin_port = htons(42); + inet_pton(sin.sin_family, "1.0.0.0", &sin.sin_addr); + + ret = utils_is_addr_any((const struct sockaddr *) &sin); + ok(ret == 0, "This address is NOT 0.0.0.0"); + + sin6.sin6_family = AF_INET6; + sin6.sin6_port = htons(42); + inet_pton(sin6.sin6_family, "::", &sin6.sin6_addr); + + ret = utils_is_addr_any((const struct sockaddr *) &sin6); + ok(ret == 1, "This address is ::"); + + sin6.sin6_family = AF_INET6; + sin6.sin6_port = htons(42); + inet_pton(sin6.sin6_family, "fe80::1", &sin6.sin6_addr); + + ret = utils_is_addr_any((const struct sockaddr *) &sin6); + ok(ret == 0, "This address is NOT ::"); +} + int main(int argc, char **argv) { /* Libtap call for the number of tests planned. */ @@ -188,6 +223,7 @@ int main(int argc, char **argv) test_localhost_resolve(); test_sockaddr_is_localhost(); test_utils_tokenize_ignore_comments(); + test_is_addr_any(); return exit_status(); } [View Less]

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits April 2014