commit 44748d5103be53801212ed9feeffaddc30ea420a Author: David Goulet dgoulet@ev0ke.net Date: Mon Mar 31 15:58:15 2014 -0400
Fix: socketpair() denied for INET[6] socket
The SOCK_STREAM check was wrong since you could pass SOCK_DGRAM and match the check so the socketpair() now denies INET/INET6 socket.
Note that socketpair() only supports AF_UNIX and AF_LOCAL on most *nix system.
Signed-off-by: David Goulet dgoulet@ev0ke.net --- src/lib/socketpair.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-)
diff --git a/src/lib/socketpair.c b/src/lib/socketpair.c index a358124..c1c70f7 100644 --- a/src/lib/socketpair.c +++ b/src/lib/socketpair.c @@ -32,17 +32,10 @@ LIBC_SOCKETPAIR_RET_TYPE tsocks_socketpair(LIBC_SOCKETPAIR_SIG) DBG("[socketpair] Creating socket with domain %d, type %d and protocol %d", domain, type, protocol);
- switch (type) { - case SOCK_STREAM: - break; - default: - if (domain == AF_INET || domain == AF_INET6) { - ERR("Non TCP socketpair denied. Tor network can't handle it. " - "Stopping everything!"); - errno = EINVAL; - return -1; - } - break; + if (domain == AF_INET || domain == AF_INET6) { + DBG("Non TCP socketpair denied. Tor network can't handle it."); + errno = EPERM; + return -1; }
/* Stream socket for INET/INET6 is good so open it. */