[tor-bugs] #5751 [Company]: Standardize SOCKS extensions to support proxied DNS queries

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu May 3 02:21:31 UTC 2012 

#5751: Standardize SOCKS extensions to support proxied DNS queries
---------------------+------------------------------------------------------
 Reporter:  rransom  |          Owner:          
     Type:  project  |         Status:  assigned
 Priority:  normal   |      Milestone:          
Component:  Company  |        Version:          
 Keywords:           |         Parent:          
   Points:           |   Actualpoints:          
---------------------+------------------------------------------------------
Changes (by rransom):

  * status:  new => assigned
  * owner:  phobos =>


Comment:

 Replying to [comment:1 nickm]:
 > Interesting idea.  What working group has SOCKS under its purview?

 I have no idea.  There may not be one currently.

 > One other possibility is that this will be attacked, on the theory that
 "that's not what SOCKS is for".  So we'll need to make the argument that
 proxying a DNS request is something that SOCKS ought to be handling.

 Local SOCKS proxies have become a popular way to direct an application's
 outgoing connections through another computer without altering system-wide
 network configuration.  Some applications (such as XMPP clients) need to
 perform custom DNS queries before they can decide what address and/or port
 to connect to.  If the local computer's DNS resolver is misconfigured or
 broken, applications should be able to ask a proxy to handle DNS queries
 for them.

 (And I've already given an example that Tor doesn't support yet...)

 Some applications need to find out what IP address their proxy will
 connect them to when given a particular hostname.

 > You're right about how we'll get opposed because our current thing
 doesn't support all of DNS. One challenge there is that if we support all
 of DNS, we might as well just open a DNS port.  If we do all of DNS over
 socks, applications would need to implement their own DNS resolvers, and
 DNS is an annoyingly easy format to get wrong.

 Even if Tor supports all of DNS over SOCKS, that's better for XMPP clients
 and web browsers that are configured to use Tor as their SOCKS proxy than
 a separate DNS port (which would need to be configured as the system
 resolver in order to make applications use it).

 I don't know which DNS queries (or replies) would be most useful in a DNS
 subset yet.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5751#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list