[tor-bugs] #18079 [Stem]: Improve (IPv6) parsing of "connection resolvers"
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 27 17:21:33 UTC 2016
#18079: Improve (IPv6) parsing of "connection resolvers"
--------------------+--------------------------
Reporter: toralf | Owner: atagar
Type: defect | Status: reopened
Priority: Medium | Milestone:
Component: Stem | Version:
Severity: Normal | Resolution:
Keywords: ipv6 | Actual Points:
Parent ID: | Points:
Sponsor: |
--------------------+--------------------------
Comment (by atagar):
Damnit! I got truly excited this morning when I realized this might
finally allow us to [https://trac.torproject.org/projects/tor/ticket/15259
resolve connections despite tor's DisableDebuggerAttachment]. This change
is in my [https://gitweb.torproject.org/user/atagar/stem.git/log/?h=proc
proc branch]
([https://gitweb.torproject.org/user/atagar/stem.git/commit/?h=proc&id=02723814521e891260637764c236c9f9e5f429e2
commit]).
**Good news:** Resolving connections this way is faster, simpler, and
avoids reading /proc/<pid>/fd which doesn't work unless
'DisableDebuggerAttachment 0' is set.
**Bad news:** Doesn't work.
Currently proc connection resolution works as follows...
* Read where links in /proc/<pid>/fd/* point to so we can get the inode
from anything citing a socket...
{{{
% ls -l /proc/26257/fd
lrwx------ 1 atagar atagar 64 Jan 27 08:56 0 -> /dev/pts/10
lrwx------ 1 atagar atagar 64 Jan 27 08:56 1 -> /dev/pts/10
lrwx------ 1 atagar atagar 64 Jan 27 08:56 10 -> socket:[15644314]
lrwx------ 1 atagar atagar 64 Jan 27 08:56 11 -> socket:[15645635]
}}}
* Once we have a list of socket inodes for the process, we read
/proc/net/tcp to get the connection information for them.
Trouble is that /proc/<pid>/net/tcp **isn't** restricted to just that
process. In fact it's merely a copy of /proc/net/tcp...
{{{
% sha1sum /proc/net/tcp /proc/26257/net/tcp
500719688c09b0bf5397ee19d50739d52cc71dac /proc/net/tcp
500719688c09b0bf5397ee19d50739d52cc71dac /proc/26257/net/tcp
}}}
I would be really delighted if we could get this working without reading
/proc/<pid>/fd but I'm stumped. Anyone have any ideas?
> However the /proc resolver returns all IPv6 connections and not only
> those related to the Tor process.
For what it's worth I'm unsure how this could be. As mentioned above you
should be restricted to the inodes of your process.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18079#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
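The two-step resolution described in the comment above, as an added example that is not part of the original post and is not Stem's own code: socket inodes are taken from the fd link targets, then used to filter the system-wide table, which is the only step that restricts results to one process. The function names are hypothetical, the table rows are constructed sample data, and the address decoding assumes a little-endian host; 32-hex-digit addresses from /proc/net/tcp6 go through the same decoder.

```python
import re
import socket

# Constructed sample data (not from the ticket): link targets as read from
# /proc/<pid>/fd, and a system-wide /proc/net/tcp table with three sockets.
FD_TARGETS = ["/dev/pts/10", "socket:[15644314]", "socket:[15645635]"]
PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:235B 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 15644314 1 0000000000000000 100 0 0 10 0
   1: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 15700001 1 0000000000000000 100 0 0 10 0
   2: 0500000A:C350 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 15645635 1 0000000000000000 20 4 30 10 -1
"""


def socket_inodes(fd_targets):
    """Collect inodes from link targets of the form 'socket:[<inode>]'."""
    matches = (re.fullmatch(r"socket:\[(\d+)\]", t) for t in fd_targets)
    return {m.group(1) for m in matches if m}


def decode_addr(field):
    """Decode 'HEXADDR:HEXPORT' as printed in /proc/net/tcp and tcp6."""
    addr_hex, port_hex = field.split(":")
    raw = bytes.fromhex(addr_hex)
    # Assumption: little-endian host. The kernel prints each 32-bit word of
    # the address in host byte order, so every 4-byte group is reversed.
    raw = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    family = socket.AF_INET if len(raw) == 4 else socket.AF_INET6
    return socket.inet_ntop(family, raw), int(port_hex, 16)


def connections_for(fd_targets, net_table):
    """Return (local, remote, inode) for rows whose inode the process owns."""
    wanted = socket_inodes(fd_targets)
    found = []
    for line in net_table.splitlines()[1:]:  # first line is the header
        cols = line.split()
        # Column 9 is the inode. Without this filter every socket on the
        # system would be returned, because the table is not per-process.
        if len(cols) < 10 or cols[9] not in wanted:
            continue
        found.append((decode_addr(cols[1]), decode_addr(cols[2]), cols[9]))
    return found


if __name__ == "__main__":
    for local, remote, inode in connections_for(FD_TARGETS, PROC_NET_TCP):
        print(inode, local, "->", remote)
```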