tor-commits May 2015

tor-commits@lists.torproject.org

22 participants
990 discussions

[translation/torbutton-torbuttonproperties] Update translations for torbutton-torbuttonproperties
by translation＠torproject.org 12 May '15

12 May '15

commit b3df61deef3783a2815afb7534e2d1a88d9ec884 Author: Translation commit bot <translation(a)torproject.org> Date: Tue May 12 16:46:06 2015 +0000 Update translations for torbutton-torbuttonproperties --- en_GB/torbutton.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en_GB/torbutton.properties b/en_GB/torbutton.properties index 2defd9b..5f9f872 100644 --- a/en_GB/torbutton.properties +++ b/en_GB/torbutton.properties @@ -59,7 +59,7 @@ torbutton.popup.confirm_newnym = Tor Browser will close all windows and tabs. Al torbutton.slider_notification = The green onion menu now has a security slider which lets you adjust your security level. Check it out! torbutton.slider_notification_button = Open security settings -torbutton.maximize_warning = Maximizing Tor Browser can allow websites to determine your monitor size, which can be used to track you. We recommend that you leave Tor Browser windows in their original default size. +torbutton.maximize_warning = Maximising Tor Browser can allow websites to determine your monitor size, which can be used to track you. We recommend that you leave Tor Browser windows in their original default size. # Canvas permission prompt. Strings are kept here for ease of translation. canvas.siteprompt=This website (%S) attempted to extract HTML5 canvas image data, which may be used to uniquely identify your computer.\n\nShould Tor Browser allow this website to extract HTML5 canvas image data?

1 0

[translation/tails-misc_completed] Update translations for tails-misc_completed
by translation＠torproject.org 12 May '15

12 May '15

commit 2da938d25e925c37fc4ccf1e26514babd7c2c357 Author: Translation commit bot <translation(a)torproject.org> Date: Tue May 12 16:45:52 2015 +0000 Update translations for tails-misc_completed --- en_GB.po | 72 +++++++++++++++++++++++++++++++++----------------------------- 1 file changed, 38 insertions(+), 34 deletions(-) diff --git a/en_GB.po b/en_GB.po index 87c0376..9b3fb70 100644 --- a/en_GB.po +++ b/en_GB.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-23 16:25+0100\n" -"PO-Revision-Date: 2015-03-21 20:37+0000\n" +"POT-Creation-Date: 2015-05-02 23:47+0200\n" +"PO-Revision-Date: 2015-05-12 16:33+0000\n" "Last-Translator: Andi Chandler <andi(a)gowling.com>\n" "Language-Team: English (United Kingdom) (http://www.transifex.com/projects/p/torproject/language/en_GB/)\n" "MIME-Version: 1.0\n" @@ -20,11 +20,11 @@ msgstr "" "Language: en_GB\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -#: config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-tor-ready-notification.sh:42 +#: config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-tor-ready.sh:43 msgid "Tor is ready" msgstr "Tor is ready." -#: config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-tor-ready-notification.sh:43 +#: config/chroot_local-includes/etc/NetworkManager/dispatcher.d/60-tor-ready.sh:44 msgid "You can now access the Internet." msgstr "You can now access the Internet" @@ -98,128 +98,132 @@ msgstr "_Decrypt/Verify Clipboard" msgid "_Manage Keys" msgstr "_Manage Keys" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:244 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:208 +msgid "_Open Text Editor" +msgstr "_Open Text Editor" + +#: config/chroot_local-includes/usr/local/bin/gpgApplet:252 msgid "The clipboard does not contain valid input data." msgstr "The clipboard does not contain valid input data." -#: config/chroot_local-includes/usr/local/bin/gpgApplet:295 -#: config/chroot_local-includes/usr/local/bin/gpgApplet:297 -#: config/chroot_local-includes/usr/local/bin/gpgApplet:299 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:303 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:305 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:307 msgid "Unknown Trust" msgstr "Unknown Trust" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:301 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:309 msgid "Marginal Trust" msgstr "Marginal Trust" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:303 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:311 msgid "Full Trust" msgstr "Full Trust" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:305 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:313 msgid "Ultimate Trust" msgstr "Ultimate Trust" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:358 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:366 msgid "Name" msgstr "Name" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:359 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:367 msgid "Key ID" msgstr "Key ID" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:360 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:368 msgid "Status" msgstr "Status" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:392 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:400 msgid "Fingerprint:" msgstr "Fingerprint:" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:395 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:403 msgid "User ID:" msgid_plural "User IDs:" msgstr[0] "User ID:" msgstr[1] "User IDs:" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:425 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:433 msgid "None (Don't sign)" msgstr "None (Don't sign)" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:488 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:496 msgid "Select recipients:" msgstr "Select recipients:" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:496 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:504 msgid "Hide recipients" msgstr "Hide recipients" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:499 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:507 msgid "" "Hide the user IDs of all recipients of an encrypted message. Otherwise " "anyone that sees the encrypted message can see who the recipients are." msgstr "Hide the user IDs of all recipients of an encrypted message. Otherwise anyone that sees the encrypted message can see who the recipients are." -#: config/chroot_local-includes/usr/local/bin/gpgApplet:505 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:513 msgid "Sign message as:" msgstr "Sign message as:" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:509 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:517 msgid "Choose keys" msgstr "Choose keys" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:549 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:557 msgid "Do you trust these keys?" msgstr "Do you trust these keys?" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:552 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:560 msgid "The following selected key is not fully trusted:" msgid_plural "The following selected keys are not fully trusted:" msgstr[0] "The following selected key is not fully trusted:" msgstr[1] "The following selected keys are not fully trusted:" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:570 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:578 msgid "Do you trust this key enough to use it anyway?" msgid_plural "Do you trust these keys enough to use them anyway?" msgstr[0] "Do you trust this key enough to use it anyway?" msgstr[1] "Do you trust these keys enough to use them anyway?" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:583 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:591 msgid "No keys selected" msgstr "No keys selected" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:585 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:593 msgid "" "You must select a private key to sign the message, or some public keys to " "encrypt the message, or both." msgstr "You must select a private key to sign the message, or some public keys to encrypt the message, or both." -#: config/chroot_local-includes/usr/local/bin/gpgApplet:613 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:621 msgid "No keys available" msgstr "No keys available" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:615 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:623 msgid "" "You need a private key to sign messages or a public key to encrypt messages." msgstr "You need a private key to sign messages or a public key to encrypt messages." -#: config/chroot_local-includes/usr/local/bin/gpgApplet:743 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:751 msgid "GnuPG error" msgstr "GnuPG error" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:764 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:772 msgid "Therefore the operation cannot be performed." msgstr "Therefore the operation cannot be performed." -#: config/chroot_local-includes/usr/local/bin/gpgApplet:814 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:822 msgid "GnuPG results" msgstr "GnuPG results" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:820 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:828 msgid "Output of GnuPG:" msgstr "Output of GnuPG:" -#: config/chroot_local-includes/usr/local/bin/gpgApplet:845 +#: config/chroot_local-includes/usr/local/bin/gpgApplet:853 msgid "Other messages provided by GnuPG:" msgstr "Other messages provided by GnuPG:"

1 0

[translation/tails-misc] Update translations for tails-misc
by translation＠torproject.org 12 May '15

12 May '15

commit 4fa07a44fe53edab76d3629cd4a9acb73b27d172 Author: Translation commit bot <translation(a)torproject.org> Date: Tue May 12 16:45:48 2015 +0000 Update translations for tails-misc --- en_GB.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/en_GB.po b/en_GB.po index bf44339..9b3fb70 100644 --- a/en_GB.po +++ b/en_GB.po @@ -11,8 +11,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2015-05-02 23:47+0200\n" -"PO-Revision-Date: 2015-05-03 08:25+0000\n" -"Last-Translator: runasand <runa.sandvik(a)gmail.com>\n" +"PO-Revision-Date: 2015-05-12 16:33+0000\n" +"Last-Translator: Andi Chandler <andi(a)gowling.com>\n" "Language-Team: English (United Kingdom) (http://www.transifex.com/projects/p/torproject/language/en_GB/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -100,7 +100,7 @@ msgstr "_Manage Keys" #: config/chroot_local-includes/usr/local/bin/gpgApplet:208 msgid "_Open Text Editor" -msgstr "" +msgstr "_Open Text Editor" #: config/chroot_local-includes/usr/local/bin/gpgApplet:252 msgid "The clipboard does not contain valid input data."

1 0

[translation/bridgedb_completed] Update translations for bridgedb_completed
by translation＠torproject.org 12 May '15

12 May '15

commit b149339b3d21af612f50df99b02d8a9cdccc7289 Author: Translation commit bot <translation(a)torproject.org> Date: Tue May 12 16:45:08 2015 +0000 Update translations for bridgedb_completed --- en_GB/LC_MESSAGES/bridgedb.po | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/en_GB/LC_MESSAGES/bridgedb.po b/en_GB/LC_MESSAGES/bridgedb.po index d932f1e..48fec07 100644 --- a/en_GB/LC_MESSAGES/bridgedb.po +++ b/en_GB/LC_MESSAGES/bridgedb.po @@ -9,9 +9,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" -"Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'\n" -"POT-Creation-Date: 2015-02-03 03:24+0000\n" -"PO-Revision-Date: 2015-03-21 20:31+0000\n" +"Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'POT-Creation-Date: 2015-03-19 22:13+0000\n" +"PO-Revision-Date: 2015-05-12 16:33+0000\n" "Last-Translator: Andi Chandler <andi(a)gowling.com>\n" "Language-Team: English (United Kingdom) (http://www.transifex.com/projects/p/torproject/language/en_GB/)\n" "MIME-Version: 1.0\n" @@ -32,7 +31,7 @@ msgstr "" #. "fteproxy" #. "Tor" #. "Tor Browser" -#: lib/bridgedb/HTTPServer.py:122 +#: lib/bridgedb/HTTPServer.py:107 msgid "Sorry! Something went wrong with your request." msgstr "Sorry! Something went wrong with your request." @@ -203,26 +202,27 @@ msgstr "How to start using your bridges" #: lib/bridgedb/strings.py:121 #, python-format msgid "" -"To enter bridges into Tor Browser, follow the instructions on the %s Tor\n" -"Browser download page %s to start Tor Browser." -msgstr "To enter bridges into Tor Browser, follow the instructions on the %s Tor\nBrowser download page %s to start Tor Browser." +"To enter bridges into Tor Browser, first go to the %s Tor Browser download\n" +"page %s and then follow the instructions there for downloading and starting\n" +"Tor Browser." +msgstr "To enter bridges into Tor Browser, first go to the %s Tor Browser download\npage %s and then follow the instructions there for downloading and starting\nTor Browser." #. TRANSLATORS: Please DO NOT translate "Tor". -#: lib/bridgedb/strings.py:125 +#: lib/bridgedb/strings.py:126 msgid "" "When the 'Tor Network Settings' dialogue pops up, click 'Configure' and follow\n" "the wizard until it asks:" msgstr "When the 'Tor Network Settings' dialogue pops up, click 'Configure' and follow\nthe wizard until it asks:" #. TRANSLATORS: Please DO NOT translate "Tor". -#: lib/bridgedb/strings.py:129 +#: lib/bridgedb/strings.py:130 msgid "" "Does your Internet Service Provider (ISP) block or otherwise censor connections\n" "to the Tor network?" msgstr "Does your Internet Service Provider (ISP) block or otherwise censor connections\nto the Tor network?" #. TRANSLATORS: Please DO NOT translate "Tor". -#: lib/bridgedb/strings.py:133 +#: lib/bridgedb/strings.py:134 msgid "" "Select 'Yes' and then click 'Next'. To configure your new bridges, copy and\n" "paste the bridge lines into the text input box. Finally, click 'Connect', and\n" @@ -230,29 +230,29 @@ msgid "" "button in the 'Tor Network Settings' wizard for further assistance." msgstr "Select 'Yes' and then click 'Next'. To configure your new bridges, copy and\npaste the bridge lines into the text input box. Finally, click 'Connect', and\nyou should be good to go! If you experience trouble, try clicking the 'Help'\nbutton in the 'Tor Network Settings' wizard for further assistance." -#: lib/bridgedb/strings.py:141 +#: lib/bridgedb/strings.py:142 msgid "Displays this message." msgstr "Displays this message." #. TRANSLATORS: Please try to make it clear that "vanilla" here refers to the #. same non-Pluggable Transport bridges described above as being #. "plain-ol'-vanilla" bridges. -#: lib/bridgedb/strings.py:145 +#: lib/bridgedb/strings.py:146 msgid "Request vanilla bridges." msgstr "Request vanilla bridges." -#: lib/bridgedb/strings.py:146 +#: lib/bridgedb/strings.py:147 msgid "Request IPv6 bridges." msgstr "Request IPv6 bridges." #. TRANSLATORS: Please DO NOT translate the word the word "TYPE". -#: lib/bridgedb/strings.py:148 +#: lib/bridgedb/strings.py:149 msgid "Request a Pluggable Transport by TYPE." msgstr "Request a Pluggable Transport by TYPE." #. TRANSLATORS: Please DO NOT translate "BridgeDB". #. TRANSLATORS: Please DO NOT translate "GnuPG". -#: lib/bridgedb/strings.py:151 +#: lib/bridgedb/strings.py:152 msgid "Get a copy of BridgeDB's public GnuPG key." msgstr "Get a copy of BridgeDB's public GnuPG key."

1 0

[translation/bridgedb] Update translations for bridgedb
by translation＠torproject.org 12 May '15

12 May '15

commit 494a098bd3cdcfc268de620c7ca963c1ff9e6ed2 Author: Translation commit bot <translation(a)torproject.org> Date: Tue May 12 16:45:03 2015 +0000 Update translations for bridgedb --- en_GB/LC_MESSAGES/bridgedb.po | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/en_GB/LC_MESSAGES/bridgedb.po b/en_GB/LC_MESSAGES/bridgedb.po index 61bd22a..48fec07 100644 --- a/en_GB/LC_MESSAGES/bridgedb.po +++ b/en_GB/LC_MESSAGES/bridgedb.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywo…'POT-Creation-Date: 2015-03-19 22:13+0000\n" -"PO-Revision-Date: 2015-04-19 08:23+0000\n" -"Last-Translator: runasand <runa.sandvik(a)gmail.com>\n" +"PO-Revision-Date: 2015-05-12 16:33+0000\n" +"Last-Translator: Andi Chandler <andi(a)gowling.com>\n" "Language-Team: English (United Kingdom) (http://www.transifex.com/projects/p/torproject/language/en_GB/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -205,7 +205,7 @@ msgid "" "To enter bridges into Tor Browser, first go to the %s Tor Browser download\n" "page %s and then follow the instructions there for downloading and starting\n" "Tor Browser." -msgstr "" +msgstr "To enter bridges into Tor Browser, first go to the %s Tor Browser download\npage %s and then follow the instructions there for downloading and starting\nTor Browser." #. TRANSLATORS: Please DO NOT translate "Tor". #: lib/bridgedb/strings.py:126

1 0

[torsocks/master] Change IsolatePID password from 42 to 0
by dgoulet＠torproject.org 12 May '15

12 May '15

commit 2b8c1b7718dc2ca80c1d7dbc5fb46dab782d45eb Author: David Goulet <dgoulet(a)ev0ke.net> Date: Tue May 12 12:12:25 2015 -0400 Change IsolatePID password from 42 to 0 Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/config-file.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/config-file.c b/src/common/config-file.c index 2f145fb..2147068 100644 --- a/src/common/config-file.c +++ b/src/common/config-file.c @@ -53,7 +53,7 @@ static unsigned int both_socks5_pass_user_set; */ static const char *isolate_username_fmt = "torsocks-%ld:%lld"; /* Default password for the IsolatePID option. */ -static const char *isolate_password = "42"; +static const char *isolate_password = "0"; /* * Set the onion pool address range in the configuration object using the value @@ -476,7 +476,7 @@ int conf_apply_socks_auth(struct configuration *config) /* PID based isolation requested. * Username: 'torsocks-' PID ':' TIME - * Password: '42' + * Password: '0' */ pid = getpid();

1 0

[torsocks/master] Add automatic per process isolation (IsolatePID)
by dgoulet＠torproject.org 12 May '15

12 May '15

commit 1875ef7416f9f6108e1bb2a2eea7d6e4a972a988 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Tue May 12 11:39:52 2015 +0000 Add automatic per process isolation (IsolatePID) IsolatePID will have torsocks automatically derive a unique SOCKS5 username/password pair of the form: 'torsocks-' PID ':' unixTime / '42' To provide automatic per-process isolation (Disabled by default). This behavior may be better for certain users/applications, and may also be controlled via the `TORSOCKS_ISOLATE_PID` env var. Option -i/--isolate to torsocks is added that automatically export the TORSOCKS_ISOLATE_PID variable. Implements #16006. Signed-off-by: Yawning Angel <yawning(a)schwanenlied.me> Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- doc/torsocks.1 | 5 +++ doc/torsocks.8 | 6 +++ doc/torsocks.conf | 7 +++ doc/torsocks.conf.5 | 8 ++++ src/bin/torsocks.in | 4 ++ src/common/config-file.c | 107 ++++++++++++++++++++++++++++++++++++++++++++++ src/common/config-file.h | 10 +++++ src/common/defaults.h | 3 ++ src/lib/torsocks.c | 16 ++++++- 9 files changed, 165 insertions(+), 1 deletion(-) diff --git a/doc/torsocks.1 b/doc/torsocks.1 index 9fc4361..0e3c341 100644 --- a/doc/torsocks.1 +++ b/doc/torsocks.1 @@ -47,6 +47,11 @@ Set password for the SOCKS5 authentication. Use for circuit isolation in Tor. Note that you MUST have a username set either by the command line, environment variable or configuration file (torsocks.conf(5)). .TP +.BR "\-i, \-\-isolate" +Automatic tor isolation. Set the username and password for the SOCKS5 +authentication method to a PID/current time based value automatically. Username +and Password MUST NOT be set. +.TP .BR "\-d, \-\-debug" Activate the debug mode. Output will be written on stderr. .TP diff --git a/doc/torsocks.8 b/doc/torsocks.8 index 4a14703..ac3863a 100644 --- a/doc/torsocks.8 +++ b/doc/torsocks.8 @@ -99,6 +99,12 @@ also with the variable above. Allow inbound connections so the application can accept and listen for connections. +.PP +.IP TORSOCKS_ISOLATE_PID +Set the username and password for the SOCKS5 authentication method to a +PID/current time based value automatically. Username and Password MUST NOT +be set. + .SH KNOWN ISSUES .SS DNS diff --git a/doc/torsocks.conf b/doc/torsocks.conf index 7e82a27..5dd9df6 100644 --- a/doc/torsocks.conf +++ b/doc/torsocks.conf @@ -33,3 +33,10 @@ OnionAddrRange 127.42.42.0/24 # If set to 1, connect() will be allowed to be used to the loopback interface # bypassing Tor. This option should not be used by most users. (Default: 0) #AllowOutboundLocalhost 1 + +# Set Torsocks to use an automatically generated SOCKS5 username/password based +# on the process ID and current time, that makes the connections to Tor use a +# different circuit from other existing streams in Tor on a per-process basis. +# If set, the SOCKS5Username and SOCKS5Password options must not be set. +# (Default: 0) +#IsolatePID 1 diff --git a/doc/torsocks.conf.5 b/doc/torsocks.conf.5 index 13ac7b9..33fba3e 100644 --- a/doc/torsocks.conf.5 +++ b/doc/torsocks.conf.5 @@ -83,6 +83,14 @@ Allow outbound connections to the loopback interface meaning that connect() will be allowed to connect to localhost addresses bypassing Tor. This option should not be used by most users. (Default: 0) +.TP +.I IsolatePID 0|1 +Set Torsocks to use an automatically generated SOCKS5 username/password +based on the process ID and current time, that makes the connections to Tor +use a different circuit from other existing streams in Tor on a per-process +basis. If set, the SOCKS5Username and SOCKS5Password options must not be +set. (Default: 0) + .SH EXAMPLE $ export TORSOCKS_CONF_FILE=$PWD/torsocks.conf $ torsocks ssh account(a)sshserver.com diff --git a/src/bin/torsocks.in b/src/bin/torsocks.in index 7fd43d6..2a459b3 100644 --- a/src/bin/torsocks.in +++ b/src/bin/torsocks.in @@ -131,6 +131,7 @@ usage () echo " -d, --debug Set debug mode." echo " -u, --user NAME Username for the SOCKS5 authentication" echo " -p, --pass NAME Password for the SOCKS5 authentication" + echo " -i, --isolate Automatic tor isolation. Can't be used with -u/-p" echo " on, off Set/Unset your shell to use Torsocks by default" echo " Make sure to source the call when using this option. (See Examples)" echo " show, sh Show the current value of the LD_PRELOAD" @@ -214,6 +215,9 @@ do export TORSOCKS_PASSWORD=$2 shift ;; + -i|--isolate) + export TORSOCKS_ISOLATE_PID=1 + ;; -d|--debug) # Set full DEBUG with 5 being the highest possible level. export TORSOCKS_LOG_LEVEL=5 diff --git a/src/common/config-file.c b/src/common/config-file.c index 64b3d42..2f145fb 100644 --- a/src/common/config-file.c +++ b/src/common/config-file.c @@ -39,6 +39,7 @@ static const char *conf_socks5_user_str = "SOCKS5Username"; static const char *conf_socks5_pass_str = "SOCKS5Password"; static const char *conf_allow_inbound_str = "AllowInbound"; static const char *conf_allow_outbound_localhost_str = "AllowOutboundLocalhost"; +static const char *conf_isolate_pid_str = "IsolatePID"; /* * Once this value reaches 2, it means both user and password for a SOCKS5 @@ -47,6 +48,14 @@ static const char *conf_allow_outbound_localhost_str = "AllowOutboundLocalhost"; static unsigned int both_socks5_pass_user_set; /* + * Username format for the IsolatePID option. Format is: + * 'torsocks-' PID ':' TIME + */ +static const char *isolate_username_fmt = "torsocks-%ld:%lld"; +/* Default password for the IsolatePID option. */ +static const char *isolate_password = "42"; + +/* * Set the onion pool address range in the configuration object using the value * found in the conf file. * @@ -233,6 +242,11 @@ static int parse_config_line(const char *line, struct configuration *config) if (ret < 0) { goto error; } + } else if (!strcmp(tokens[0], conf_isolate_pid_str)) { + ret = conf_file_set_isolate_pid(tokens[1], config); + if (ret < 0) { + goto error; + } } else { WARN("Config file contains unknown value: %s", line); } @@ -402,6 +416,99 @@ int conf_file_set_allow_outbound_localhost(const char *val, } /* + * Set the isolate PID option for the given config. + * + * Return 0 if optiuon is off, 1 if on and negative value on error. + */ +ATTR_HIDDEN +int conf_file_set_isolate_pid(const char *val, struct configuration *config) +{ + int ret; + + assert(val); + assert(config); + + ret = atoi(val); + if (ret == 0) { + config->isolate_pid = 0; + DBG("[config] PID isolation disabled."); + } else if (ret == 1) { + config->isolate_pid = 1; + DBG("[config] PID isolation enabled."); + } else { + ERR("[config] Invalid %s value for %s", val, + conf_isolate_pid_str); + ret = -EINVAL; + } + + return ret; +} + +/* + * Applies the SOCKS authentication configuration and sets the final SOCKS + * username and password. + * + * Return 0 if successful, and negative value on error. + */ +ATTR_HIDDEN +int conf_apply_socks_auth(struct configuration *config) +{ + int ret; + pid_t pid; + time_t now; + + assert(config); + + if (!config->socks5_use_auth && !config->isolate_pid) { + /* No auth specified at all. */ + ret = 0; + goto end; + } else if (config->socks5_use_auth && !config->isolate_pid) { + /* SOCKS5 auth specified by user, already setup. */ + ret = 0; + goto end; + } else if (config->socks5_use_auth && config->isolate_pid) { + ERR("[config] %s and SOCKS5 auth both set.", conf_isolate_pid_str); + ret = -EINVAL; + goto end; + } + + + /* PID based isolation requested. + * Username: 'torsocks-' PID ':' TIME + * Password: '42' + */ + + pid = getpid(); + now = time(NULL); + + ret = snprintf(config->conf_file.socks5_username, + sizeof(config->conf_file.socks5_username), isolate_username_fmt, + (long) pid, (long long int) now); + if (ret < 0 || ret >= (int) sizeof(config->conf_file.socks5_username)) { + ret = -ENOBUFS; + goto end; + } + + ret = snprintf(config->conf_file.socks5_password, + sizeof(config->conf_file.socks5_password), "%s", isolate_password); + if (ret < 0 || ret >= (int) sizeof(config->conf_file.socks5_password)) { + ret = -ENOBUFS; + goto end; + } + + DBG("[config]: %s: '%s'/'%s'", conf_isolate_pid_str, + config->conf_file.socks5_username, + config->conf_file.socks5_password); + + config->socks5_use_auth = 1; + ret = 0; + +end: + return ret; +} + +/* * Read and populate the given config parsed data structure. * * Return 0 on success or else a negative value. diff --git a/src/common/config-file.h b/src/common/config-file.h index da3d507..23dd842 100644 --- a/src/common/config-file.h +++ b/src/common/config-file.h @@ -83,6 +83,13 @@ struct configuration { * Allow outbound connections to localhost that bypass Tor. */ unsigned int allow_outbound_localhost:1; + + /* + * Automatically set the SOCKS5 authentication to a unique per-process + * value. If this value is set, the user MUST NOT have provided a + * username or password. + */ + unsigned int isolate_pid:1; }; int config_file_read(const char *filename, struct configuration *config); @@ -94,5 +101,8 @@ int conf_file_set_socks5_user(const char *username, int conf_file_set_allow_inbound(const char *val, struct configuration *config); int conf_file_set_allow_outbound_localhost(const char *val, struct configuration *config); +int conf_file_set_isolate_pid(const char *val, struct configuration *config); + +int conf_apply_socks_auth(struct configuration *config); #endif /* CONFIG_FILE_H */ diff --git a/src/common/defaults.h b/src/common/defaults.h index 36c7bc0..ab51690 100644 --- a/src/common/defaults.h +++ b/src/common/defaults.h @@ -66,4 +66,7 @@ /* Control if torsocks allows inbound connection or not. */ #define DEFAULT_ALLOW_INBOUND_ENV "TORSOCKS_ALLOW_INBOUND" +/* Control if torsocks isolates based on PID or not. */ +#define DEFAULT_ISOLATE_PID_ENV "TORSOCKS_ISOLATE_PID" + #endif /* TORSOCKS_DEFAULTS_H */ diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c index 8f079fe..be00581 100644 --- a/src/lib/torsocks.c +++ b/src/lib/torsocks.c @@ -75,7 +75,7 @@ static void clean_exit(int status) static void read_env(void) { int ret; - const char *username, *password, *allow_in; + const char *username, *password, *allow_in, *isolate_pid; if (is_suid) { goto end; @@ -89,6 +89,14 @@ static void read_env(void) } } + isolate_pid = getenv(DEFAULT_ISOLATE_PID_ENV); + if (isolate_pid) { + ret = conf_file_set_isolate_pid(isolate_pid, &tsocks_config); + if (ret < 0) { + goto error; + } + } + username = getenv(DEFAULT_SOCKS5_USER_ENV); password = getenv(DEFAULT_SOCKS5_PASS_ENV); if (!username && !password) { @@ -181,6 +189,12 @@ static void init_config(void) /* Handle possible env. variables. */ read_env(); + + /* Finalize the SOCKS auth (Isolation) settings. */ + ret = conf_apply_socks_auth(&tsocks_config); + if (ret < 0) { + clean_exit(EXIT_FAILURE); + } } /*

1 0

[tor/master] Bump version to 0.2.7.1-alpha-dev
by nickm＠torproject.org 12 May '15

12 May '15

commit 95a9920461dd3322280a13c8d99e363c91028ab2 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue May 12 11:54:06 2015 -0400 Bump version to 0.2.7.1-alpha-dev --- ChangeLog | 6 +++++- configure.ac | 2 +- contrib/win32build/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index b17613a..c79a399 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,8 @@ -Changes in version 0.2.7.1-alpha - 2015-05-1? +Changes in version 0.2.7.2-alpha - 2015-0?-?? + + + +Changes in version 0.2.7.1-alpha - 2015-05-12 Tor 0.2.7.1-alpha is the first alpha release in its series. It includes numerous small features and bugfixes against previous Tor versions, and numerous small infrastructure improvements. The most diff --git a/configure.ac b/configure.ac index 2645ed9..a51c71e 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson dnl Copyright (c) 2007-2015, The Tor Project, Inc. dnl See LICENSE for licensing information -AC_INIT([tor],[0.2.7.1-alpha]) +AC_INIT([tor],[0.2.7.1-alpha-dev]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index b3c8428..928aced 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.7.1-alpha" +!define VERSION "0.2.7.1-alpha-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 623f4bd..9c780e8 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -232,7 +232,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.7.1-alpha" +#define VERSION "0.2.7.1-alpha-dev"

1 0

[webwml/master] Release 0.2.7.1-alpha
by nickm＠torproject.org 12 May '15

12 May '15

commit 7aec2c9290901266d1b17416cf57154f5432570d Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue May 12 11:42:23 2015 -0400 Release 0.2.7.1-alpha --- Makefile | 4 ++-- include/versions.wmi | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 79d0b34..72c8a54 100644 --- a/Makefile +++ b/Makefile @@ -14,8 +14,8 @@ # branch to your personal webwml repository, open a trac ticket in the # website component, and set it to needs_review. -export STABLETAG=tor-0.2.5.12 -export DEVTAG=tor-0.2.6.7 +export STABLETAG=tor-0.2.6.7 +export DEVTAG=tor-0.2.7.1-alpha WMLBASE=. SUBDIRS=docs eff projects press about download getinvolved donate docs/torbutton diff --git a/include/versions.wmi b/include/versions.wmi index c83c573..5754926 100644 --- a/include/versions.wmi +++ b/include/versions.wmi @@ -1,5 +1,5 @@ <define-tag version-stable whitespace=delete>0.2.6.7</define-tag> -<define-tag version-alpha whitespace=delete>0.2.6.7</define-tag> +<define-tag version-alpha whitespace=delete>0.2.7.1-alpha</define-tag> <define-tag version-win32-stable whitespace=delete>0.2.6.7</define-tag> <define-tag version-win32-alpha whitespace=delete>0.2.5.10</define-tag>

1 0

[torsocks/master] Ensure that torsocks initializes itself in the presence of C++.
by dgoulet＠torproject.org 12 May '15

12 May '15

commit d45e4f2329e2630a9471ea72a48e9c77556100f1 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Sun Apr 5 06:55:11 2015 +0000 Ensure that torsocks initializes itself in the presence of C++. Fun fact, `__attribute__(constructor)` functions aren't guaranteed to be called before C++ static object constructors. This change ensures that initialization will always be called once (and only once), as needed even if C++ codebases chose to use hijacked symbols in ctors for static objects. Things that got changed: * Added `tsocks_once()` that is a functional replica of pthread_once, but doesn't require linking in a real pthread library if the application does not. * Changed the initialization/cleanup to use tsocks_once. * Call the initialization from within all of the hijacked libc calls. Fixes bug #15584. Signed-off-by: Yawning Angel <yawning(a)schwanenlied.me> Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/compat.c | 25 +++++++++++++++++++++++++ src/common/compat.h | 14 +++++++++++++- src/common/connection.c | 11 +---------- src/common/connection.h | 1 - src/lib/accept.c | 2 ++ src/lib/close.c | 3 +++ src/lib/connect.c | 2 ++ src/lib/fclose.c | 5 ++++- src/lib/getaddrinfo.c | 1 + src/lib/gethostbyname.c | 6 ++++++ src/lib/getpeername.c | 1 + src/lib/listen.c | 1 + src/lib/recv.c | 2 +- src/lib/sendto.c | 1 + src/lib/socket.c | 2 ++ src/lib/socketpair.c | 2 +- src/lib/syscall.c | 1 + src/lib/torsocks.c | 42 ++++++++++++++++++++++-------------------- src/lib/torsocks.h | 1 + 19 files changed, 88 insertions(+), 35 deletions(-) diff --git a/src/common/compat.c b/src/common/compat.c index 7d8431d..a861b3d 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -71,4 +71,29 @@ void tsocks_mutex_unlock(tsocks_mutex_t *m) assert(!ret); } +/* + * Call the given routine once, and only once. tsocks_once returning + * guarantees that the routine has succeded. + */ +void tsocks_once(tsocks_once_t *o, void (*init_routine)(void)) +{ + + /* Why, yes, pthread_once(3P) exists. Said routine requires linking in a + * real pthread library on Linux, while this does not and will do the right + * thing even with the stub implementation. */ + assert(o); + + /* This looks scary and incorrect, till you realize that the + * pthread_mutex routines include memory barriers. */ + if (!o->once) { + return; + } + tsocks_mutex_lock(&o->mutex); + if (o->once) { + init_routine(); + o->once = 0; + } + tsocks_mutex_unlock(&o->mutex); +} + #endif /* __GLIBC__, __darwin__, __FreeBSD__, __NetBSD__ */ diff --git a/src/common/compat.h b/src/common/compat.h index e7e5812..ce47129 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -33,14 +33,26 @@ typedef struct tsocks_mutex_t { } tsocks_mutex_t; /* Define a tsock mutex variable with the mutex statically initialized. */ +#define TSOCKS_MUTEX_INIT { .mutex = PTHREAD_MUTEX_INITIALIZER } #define TSOCKS_INIT_MUTEX(name) \ - tsocks_mutex_t name = { .mutex = PTHREAD_MUTEX_INITIALIZER } + tsocks_mutex_t name = TSOCKS_MUTEX_INIT void tsocks_mutex_init(tsocks_mutex_t *m); void tsocks_mutex_destroy(tsocks_mutex_t *m); void tsocks_mutex_lock(tsocks_mutex_t *m); void tsocks_mutex_unlock(tsocks_mutex_t *m); +typedef struct tsocks_once_t { + int once:1; + tsocks_mutex_t mutex; +} tsocks_once_t; + +/* Define a tsock once variable, statically initialized. */ +#define TSOCKS_INIT_ONCE(name) \ + tsocks_once_t name = { .once = 1, .mutex = TSOCKS_MUTEX_INIT } + +void tsocks_once(tsocks_once_t *o, void (*init_routine)(void)); + #else #error "OS not supported." #endif /* __GLIBC__, __darwin__, __FreeBSD__, __NetBSD__ */ diff --git a/src/common/connection.c b/src/common/connection.c index 4c75579..d4ae722 100644 --- a/src/common/connection.c +++ b/src/common/connection.c @@ -82,7 +82,7 @@ static inline unsigned int conn_hash_fct(struct connection *c) /* * Declare the connection registry. */ -static HT_HEAD(connection_registry, connection) connection_registry_root; +static HT_HEAD(connection_registry, connection) connection_registry_root = HT_INITIALIZER(); HT_PROTOTYPE(connection_registry, connection, node, conn_hash_fct, conn_equal_fct); HT_GENERATE(connection_registry, connection, node, conn_hash_fct, @@ -107,15 +107,6 @@ void connection_registry_unlock(void) } /* - * Initialize connection registry. - */ -ATTR_HIDDEN -void connection_registry_init(void) -{ - HT_INIT(connection_registry, &connection_registry_root); -} - -/* * Set an already allocated connection address using the given IPv4/6 address, * domain and port. * diff --git a/src/common/connection.h b/src/common/connection.h index 379f158..3c958b7 100644 --- a/src/common/connection.h +++ b/src/common/connection.h @@ -81,7 +81,6 @@ void connection_destroy(struct connection *conn); void connection_remove(struct connection *conn); void connection_insert(struct connection *conn); -void connection_registry_init(void); void connection_registry_lock(void); void connection_registry_unlock(void); diff --git a/src/lib/accept.c b/src/lib/accept.c index e9bc36c..21714cb 100644 --- a/src/lib/accept.c +++ b/src/lib/accept.c @@ -85,6 +85,7 @@ error: LIBC_ACCEPT_DECL { if (!tsocks_libc_accept) { + tsocks_initialize(); tsocks_libc_accept = tsocks_find_libc_symbol( LIBC_ACCEPT_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } @@ -158,6 +159,7 @@ error: LIBC_ACCEPT4_DECL { if (!tsocks_libc_accept4) { + tsocks_initialize(); tsocks_libc_accept4 = tsocks_find_libc_symbol( LIBC_ACCEPT4_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/close.c b/src/lib/close.c index d774c85..7fb9e53 100644 --- a/src/lib/close.c +++ b/src/lib/close.c @@ -61,5 +61,8 @@ LIBC_CLOSE_RET_TYPE tsocks_close(LIBC_CLOSE_SIG) */ LIBC_CLOSE_DECL { + if (!tsocks_libc_close) { + tsocks_initialize(); + } return tsocks_close(LIBC_CLOSE_ARGS); } diff --git a/src/lib/connect.c b/src/lib/connect.c index 1bf81ac..2480643 100644 --- a/src/lib/connect.c +++ b/src/lib/connect.c @@ -231,5 +231,7 @@ error: */ LIBC_CONNECT_DECL { + if (!tsocks_libc_connect) + tsocks_initialize(); return tsocks_connect(LIBC_CONNECT_ARGS); } diff --git a/src/lib/fclose.c b/src/lib/fclose.c index 8d371cd..b6f3251 100644 --- a/src/lib/fclose.c +++ b/src/lib/fclose.c @@ -76,10 +76,13 @@ error: */ LIBC_FCLOSE_DECL { + /* fclose(3) is unique in that it does not call torsocks_initialize(), as + * it is used from within the initialization routine to close the config + * file/log file. This would be a problem, except that all of the global + * state it depends on is statically initialized. */ if (!tsocks_libc_fclose) { tsocks_libc_fclose = tsocks_find_libc_symbol( LIBC_FCLOSE_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } - return tsocks_fclose(LIBC_FCLOSE_ARGS); } diff --git a/src/lib/getaddrinfo.c b/src/lib/getaddrinfo.c index 0f7fd4f..846eddb 100644 --- a/src/lib/getaddrinfo.c +++ b/src/lib/getaddrinfo.c @@ -128,6 +128,7 @@ error: LIBC_GETADDRINFO_DECL { if (!tsocks_libc_getaddrinfo) { + tsocks_initialize(); tsocks_libc_getaddrinfo = tsocks_find_libc_symbol( LIBC_GETADDRINFO_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/gethostbyname.c b/src/lib/gethostbyname.c index 322f398..93a3483 100644 --- a/src/lib/gethostbyname.c +++ b/src/lib/gethostbyname.c @@ -109,6 +109,7 @@ error: */ LIBC_GETHOSTBYNAME_DECL { + tsocks_initialize(); return tsocks_gethostbyname(LIBC_GETHOSTBYNAME_ARGS); } @@ -137,6 +138,7 @@ LIBC_GETHOSTBYNAME2_RET_TYPE tsocks_gethostbyname2(LIBC_GETHOSTBYNAME2_SIG) */ LIBC_GETHOSTBYNAME2_DECL { + tsocks_initialize(); return tsocks_gethostbyname2(LIBC_GETHOSTBYNAME2_ARGS); } @@ -202,6 +204,7 @@ error: */ LIBC_GETHOSTBYADDR_DECL { + tsocks_initialize(); return tsocks_gethostbyaddr(LIBC_GETHOSTBYADDR_ARGS); } @@ -305,6 +308,7 @@ error: */ LIBC_GETHOSTBYADDR_R_DECL { + tsocks_initialize(); return tsocks_gethostbyaddr_r(LIBC_GETHOSTBYADDR_R_ARGS); } @@ -380,6 +384,7 @@ error: */ LIBC_GETHOSTBYNAME_R_DECL { + tsocks_initialize(); return tsocks_gethostbyname_r(LIBC_GETHOSTBYNAME_R_ARGS); } @@ -410,5 +415,6 @@ LIBC_GETHOSTBYNAME2_R_RET_TYPE tsocks_gethostbyname2_r(LIBC_GETHOSTBYNAME2_R_SIG */ LIBC_GETHOSTBYNAME2_R_DECL { + tsocks_initialize(); return tsocks_gethostbyname2_r(LIBC_GETHOSTBYNAME2_R_ARGS); } diff --git a/src/lib/getpeername.c b/src/lib/getpeername.c index d8bf701..2f976a4 100644 --- a/src/lib/getpeername.c +++ b/src/lib/getpeername.c @@ -98,6 +98,7 @@ libc: LIBC_GETPEERNAME_DECL { if (!tsocks_libc_getpeername) { + tsocks_initialize(); tsocks_libc_getpeername = tsocks_find_libc_symbol( LIBC_GETPEERNAME_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/listen.c b/src/lib/listen.c index 38c37d8..5f675c4 100644 --- a/src/lib/listen.c +++ b/src/lib/listen.c @@ -80,6 +80,7 @@ error: LIBC_LISTEN_DECL { if (!tsocks_libc_listen) { + tsocks_initialize(); tsocks_libc_listen = tsocks_find_libc_symbol( LIBC_LISTEN_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/recv.c b/src/lib/recv.c index 6e8a20a..1ff1446 100644 --- a/src/lib/recv.c +++ b/src/lib/recv.c @@ -179,7 +179,7 @@ error: LIBC_RECVMSG_DECL { if (!tsocks_libc_recvmsg) { - /* Find symbol if not already set. Exit if not found. */ + tsocks_initialize(); tsocks_libc_recvmsg = tsocks_find_libc_symbol(LIBC_RECVMSG_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/sendto.c b/src/lib/sendto.c index 3362026..6b1d3ff 100644 --- a/src/lib/sendto.c +++ b/src/lib/sendto.c @@ -73,6 +73,7 @@ libc_sendto: LIBC_SENDTO_DECL { if (!tsocks_libc_sendto) { + tsocks_initialize(); tsocks_libc_sendto = tsocks_find_libc_symbol( LIBC_SENDTO_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/socket.c b/src/lib/socket.c index bdac610..edc24ab 100644 --- a/src/lib/socket.c +++ b/src/lib/socket.c @@ -72,5 +72,7 @@ end: */ LIBC_SOCKET_DECL { + if (!tsocks_libc_socket) + tsocks_initialize(); return tsocks_socket(LIBC_SOCKET_ARGS); } diff --git a/src/lib/socketpair.c b/src/lib/socketpair.c index c1c70f7..263e4d8 100644 --- a/src/lib/socketpair.c +++ b/src/lib/socketpair.c @@ -48,7 +48,7 @@ LIBC_SOCKETPAIR_RET_TYPE tsocks_socketpair(LIBC_SOCKETPAIR_SIG) LIBC_SOCKETPAIR_DECL { if (!tsocks_libc_socketpair) { - /* Find symbol if not already set. Exit if not found. */ + tsocks_initialize(); tsocks_libc_socketpair = tsocks_find_libc_symbol( LIBC_SOCKETPAIR_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/syscall.c b/src/lib/syscall.c index c3bbd56..8b24f4c 100644 --- a/src/lib/syscall.c +++ b/src/lib/syscall.c @@ -480,6 +480,7 @@ LIBC_SYSCALL_DECL va_list args; if (!tsocks_libc_syscall) { + tsocks_initialize(); tsocks_libc_syscall= tsocks_find_libc_symbol( LIBC_SYSCALL_NAME_STR, TSOCKS_SYM_EXIT_NOT_FOUND); } diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c index 5734af1..8f079fe 100644 --- a/src/lib/torsocks.c +++ b/src/lib/torsocks.c @@ -47,8 +47,11 @@ struct configuration tsocks_config; */ struct onion_pool tsocks_onion_pool; +/* Indicate if the library was initialized previously. */ +static TSOCKS_INIT_ONCE(init_once); + /* Indicate if the library was cleaned up previously. */ -unsigned int tsocks_cleaned_up = 0; +static TSOCKS_INIT_ONCE(term_once); /* * Set to 1 if the binary is set with suid or 0 if not. This is set once during @@ -273,7 +276,7 @@ static void init_logging(void) * Lib constructor. Initialize torsocks here before the main execution of the * binary we are preloading. */ -static void __attribute__((constructor)) tsocks_init(void) +static void tsocks_init(void) { int ret; @@ -293,9 +296,6 @@ static void __attribute__((constructor)) tsocks_init(void) */ init_config(); - /* Initialize connection reigstry. */ - connection_registry_init(); - /* * Initalized the onion pool which maps cookie address to hidden service * onion address. @@ -311,9 +311,14 @@ static void __attribute__((constructor)) tsocks_init(void) /* * Lib destructor. */ -static void __attribute__((destructor)) tsocks_exit(void) +static void tsocks_exit(void) { - tsocks_cleanup(); + /* Cleanup every entries in the onion pool. */ + onion_pool_destroy(&tsocks_onion_pool); + /* Cleanup allocated memory in the config file. */ + config_file_destroy(&tsocks_config.conf_file); + /* Clean up logging. */ + log_destroy(); } /* @@ -605,20 +610,17 @@ void *tsocks_find_libc_symbol(const char *symbol, } /* - * Cleanup torsocks library memory and open fd. + * Initialize torsocks library. */ -void tsocks_cleanup(void) +void __attribute__((constructor)) tsocks_initialize(void) { - if (tsocks_cleaned_up) { - return; - } - - /* Cleanup every entries in the onion pool. */ - onion_pool_destroy(&tsocks_onion_pool); - /* Cleanup allocated memory in the config file. */ - config_file_destroy(&tsocks_config.conf_file); - /* Clean up logging. */ - log_destroy(); + tsocks_once(&init_once, &tsocks_init); +} - tsocks_cleaned_up = 1; +/* + * Cleanup torsocks library memory and open fd. + */ +void __attribute__((destructor)) tsocks_cleanup(void) +{ + tsocks_once(&term_once, &tsocks_exit); } diff --git a/src/lib/torsocks.h b/src/lib/torsocks.h index 81073cf..076f3a5 100644 --- a/src/lib/torsocks.h +++ b/src/lib/torsocks.h @@ -422,6 +422,7 @@ void *tsocks_find_libc_symbol(const char *symbol, enum tsocks_sym_action action); int tsocks_tor_resolve(int af, const char *hostname, void *ip_addr); int tsocks_tor_resolve_ptr(const char *addr, char **ip, int af); +void tsocks_initialize(void); void tsocks_cleanup(void); #endif /* TORSOCKS_H */

1 0

← Newer
1
...
52
53
54
55
56
57
58
...
99
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits May 2015