commit fe4e8981364ebb1d677cbdcc0302bafbce345d3b Author: David Goulet dgoulet@ev0ke.net Date: Wed Aug 7 06:07:11 2013 -0400
Add socket(2) support
Deny every non-TCP socket in the inet/inet6 domains because we can't pipe that data to the Tor network.
Signed-off-by: David Goulet dgoulet@ev0ke.net
---
 src/lib/Makefile.am | 2 +-
 src/lib/socket.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++
 src/lib/torsocks.c | 6 ++++--
 src/lib/torsocks.h | 14 +++++++++++++
 4 files changed, 74 insertions(+), 3 deletions(-)
diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
index f27db5c..d107fc8 100644
--- a/src/lib/Makefile.am
+++ b/src/lib/Makefile.am
@@ -12,7 +12,7 @@ lib_LTLIBRARIES = libtorsocks.la
 libtorsocks_la_SOURCES = torsocks.c torsocks.h \
 connect.c gethostbyname.c getaddrinfo.c close.c \
- getpeername.c
+ getpeername.c socket.c
 libtorsocks_la_LIBADD = \
 $(top_builddir)/src/common/libcommon.la \
diff --git a/src/lib/socket.c b/src/lib/socket.c
new file mode 100644
index 0000000..69d28e6
--- /dev/null
+++ b/src/lib/socket.c
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2013 - David Goulet dgoulet@ev0ke.net
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License, version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include <assert.h>
+
+#include <common/log.h>
+
+#include "torsocks.h"
+
+/*
+ * Torsocks call for socket(2)
+ */
+LIBC_SOCKET_RET_TYPE tsocks_socket(LIBC_SOCKET_SIG)
+{
+ switch (__type) {
+ case SOCK_STREAM:
+ break;
+ default:
+ if (__domain == AF_INET || __domain == AF_INET6) {
+ ERR("Non TCP socket denied. Tor network can't handle it. "
+ "Stopping everything!");
+ errno = EINVAL;
+ return -1;
+ }
+ break;
+ }
+
+ /* Stream socket for INET/INET6 is good so open it. */
+ return tsocks_libc_socket(__domain, __type, __protocol);
+}
+
+/*
+ * Libc hijacked symbol socket(2).
+ */
+LIBC_SOCKET_DECL
+{
+ /* Find symbol if not already set. Exit if not found. */
+ tsocks_libc_socket = tsocks_find_libc_symbol(LIBC_SOCKET_NAME_STR,
+ TSOCKS_SYM_EXIT_NOT_FOUND);
+ return tsocks_socket(LIBC_SOCKET_ARGS);
+}
diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c
index cf287d9..833a472 100644
--- a/src/lib/torsocks.c
+++ b/src/lib/torsocks.c
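Review bot: The deny rule in tsocks_socket() compares `__type` to `SOCK_STREAM` exactly, so on Linux a TCP socket requested as `SOCK_STREAM | SOCK_CLOEXEC` or `SOCK_STREAM | SOCK_NONBLOCK` falls into `default` and is refused with EINVAL for AF_INET/AF_INET6. Masking the flag bits before the comparison, e.g. `switch (__type & ~(SOCK_NONBLOCK | SOCK_CLOEXEC)) {` (guarded with `#ifdef` where those flags do not exist), keeps the filter strict for datagram and raw sockets without rejecting such callers; the unmodified `__type` should still be passed to `tsocks_libc_socket`. The log text says "Stopping everything!" although the function only returns -1, and the wrapper's comment says "if not already set" while `tsocks_find_libc_symbol` is called unconditionally on every socket() call; an `if (!tsocks_libc_socket)` guard would match the comment. `__protocol` is never examined, so a short comment stating whether a non-TCP protocol on a stream socket is meant to pass would document the intended policy.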
@@ -123,6 +123,8 @@ static void init_libc_symbols(void)
 TSOCKS_SYM_EXIT_NOT_FOUND);
 tsocks_libc_close = tsocks_find_libc_symbol(LIBC_CLOSE_NAME_STR,
 TSOCKS_SYM_EXIT_NOT_FOUND);
+ tsocks_libc_socket = tsocks_find_libc_symbol(LIBC_SOCKET_NAME_STR,
+ TSOCKS_SYM_EXIT_NOT_FOUND);
 }
 /*
@@ -358,7 +360,7 @@ int tsocks_tor_resolve(const char *hostname, uint32_t *ip_addr)
 }
 }
- conn.fd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ conn.fd = tsocks_libc_socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
 if (conn.fd < 0) {
 PERROR("socket");
 ret = -errno;
@@ -406,7 +408,7 @@ int tsocks_tor_resolve_ptr(const char *addr, char **ip, int af)
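Review bot: `tsocks_libc_socket` is called here, and again in the tsocks_tor_resolve_ptr hunk, with no comment saying why the interposed socket() is bypassed and with no visible guarantee that the pointer has been set. The only assignment shown for these paths is the one added to init_libc_symbols(), so a resolve call that runs before that initialiser would presumably go through a null pointer; that ordering is not visible in these hunks and should be confirmed. I would add `/* Use the libc symbol directly: this is torsocks' own socket, not the application's. */` above both calls and, if the ordering cannot be guaranteed, `assert(tsocks_libc_socket);` before them. Both functions start and end outside their hunks.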
DBG("Resolving %" PRIu32 " on the Tor network", addr);
- conn.fd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ conn.fd = tsocks_libc_socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
 if (conn.fd < 0) {
 PERROR("socket");
 ret = -errno;
diff --git a/src/lib/torsocks.h b/src/lib/torsocks.h
index f1a93ef..b8da8ca 100644
--- a/src/lib/torsocks.h
+++ b/src/lib/torsocks.h
@@ -45,6 +45,15 @@
 #define LIBC_CONNECT_ARGS \
 __sockfd, __addr, __addrlen
+/* socket(2) */
+#define LIBC_SOCKET_NAME socket
+#define LIBC_SOCKET_NAME_STR XSTR(LIBC_SOCKET_NAME)
+#define LIBC_SOCKET_RET_TYPE int
+#define LIBC_SOCKET_SIG \
+ int __domain, int __type, int __protocol
+#define LIBC_SOCKET_ARGS \
+ __domain, __type, __protocol
+
 /* close(2) */
 #include <unistd.h>
@@ -155,6 +164,11 @@ TSOCKS_LIBC_DECL(connect, LIBC_CONNECT_RET_TYPE, LIBC_CONNECT_SIG)
 #define LIBC_CONNECT_DECL \
 LIBC_CONNECT_RET_TYPE LIBC_CONNECT_NAME(LIBC_CONNECT_SIG)
+/* socket(2) */
+TSOCKS_LIBC_DECL(socket, LIBC_SOCKET_RET_TYPE, LIBC_SOCKET_SIG)
+#define LIBC_SOCKET_DECL \
+ LIBC_SOCKET_RET_TYPE LIBC_SOCKET_NAME(LIBC_SOCKET_SIG)
+
 /* close(2) */
 TSOCKS_LIBC_DECL(close, LIBC_CLOSE_RET_TYPE, LIBC_CLOSE_SIG)
 #define LIBC_CLOSE_DECL \