commit b92860d5979de1902707b638933d315e3313848f Author: David Goulet dgoulet@ev0ke.net Date: Tue Oct 18 12:25:58 2016 -0400

Remove TODO as we use the bugtracker for those

Signed-off-by: David Goulet dgoulet@ev0ke.net --- TODO | 94 -------------------------------------------------------------------- 1 file changed, 94 deletions(-)

diff --git a/TODO b/TODO deleted file mode 100644 index ab593f4..0000000 --- a/TODO +++ /dev/null @@ -1,94 +0,0 @@ -Version 2.0 ------------ -* Support res_* API -* Check recvmmsg() FD passing on Unix socket and for TCP socket, clean exit -* Support the complete list of dangerous syscall numbers with syscall() -* Clean configure.ac - DONE -* Create new updated torsocks shell script - DONE -* Rename torsocks to something more meaningful -* Add tests and a bunch load of them! - -Version 1.0 ------------ - -- is_local is fishy. investigate. -- Resolve race condition where hooks are called before dlsym'd. - DONE -- Need to ensure even locally destined dns requests are caught and handled - appropriately. - Do we need to detect TCP dns requests in connect() to ensure - they are rejected/re-routed? - Where do such requests come from? res_*? - How can we re-route them to Tor? DNSPort? -- kill ICMP as well. - -Version 1.1 ------------ -* What about the isc library calls like res_init and so on? How widely are - they use? Does this present a more elegant way to implement this stuff? - -* It should be possible to make this thread-safe with --enable-threads. - -* Add stdout and stderr messages that enable a parent program (such as TorK) - to monitor torsocks for errors. - -* Merge dsocks so we support BSD (http://monkey.org/~dugsong/dsocks/) - --------------------------------------------------------------------------- - -DONE: - -* In fact, one could modify tsocks further to play nicely with tor. For - example, you could prevent nonlocal UDP traffic from being sent at all, - and so on. - DONE - - - Addressed in connect(), sendto() and sendmsg(). - - Don't need to handle send(), since that is handled in connect(). - - ------------------------------------------------------------------------- -Original TODO: - -- Update FAQ to include information about the install location of the - tsocks library - -- Install the saveme and validateconf binaries, presumably with new names - - -TODO ----- - -* Think about how local names get resolved. Is it important? For example, - if I 'telnet localhost' which using tordns, what should happen? Should - we search through /etc/hosts ourselves or what? - -* What about the isc library calls like res_init and so on? How widely are - they use? Does this present a more elegant way to implement this stuff? - -* Perhaps intercept res_query etc and try to do something appropriate. - -* It should be possible to make this thread-safe with --enable-threads. - -* validateconf needs to be updated to understand (and show information about) - the tordns configuration options. - -* Perhaps intercept reverse name lookups? - DONE - getaddrbyhost (RH) - -* In fact, one could modify tsocks further to play nicely with tor. For - example, you could prevent nonlocal UDP traffic from being sent at all, - and so on. - -The 'tordns' feature for tsocks only works with applications using the -standard c library name lookup mechanisms. - -Some programs roll their own name lookup functions, for example, 'curl' -uses the 'adns' library, not the standard c library name lookup calls. -In this case, you'll still be leaking DNS requests. - -However, it seems that most programs which go to the trouble of implementing -asynchronous DNS requests or doing other tricky things have native SOCKS or -HTTP proxy support. - -Requests for reverse name lookups are not intercepted. - -Finally, the tsocks library is NOT thread-safe, with or without this patch. -You should not 'torify' multithreaded applications.