[tor-bugs] #34135 [Internal Services]: Feature suggestion: SOCKS5 internal DNS resolver.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu May 7 03:09:54 UTC 2020
#34135: Feature suggestion: SOCKS5 internal DNS resolver.
-------------------------+-----------------------------------
Reporter: pcr | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Component: Internal Services
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------+-----------------------------------
There are many programs that forward DNS requests over SOCKS5 proxies; to
work with Tor, most of them send the queries in TCP format.
But they cannot use the DNS of Tor relays, they can only send to an
external DNS server, so disabling access to .onion sites.
That's why a virtual DNS server in the Tor SOCKS5 server would be useful,
so these programs can use the relays' DNS and handle .onion queries.
Another case is transparent forwarders that use an upstream SOCKS5
address; DNS should be provided by a kind of program like above or a DNS
over TCP scheme (available in the Linux GLIBC since 2015, see
https://web.archive.org/web/20150518063349/http://man7.org:80/linux/man-pages/man5/resolv.conf.5.html).
By adding the option "use-vc" in the Linux /etc/resolv.conf file, DNS
queries can be done over the transparent proxy using external DNS servers,
BUT NOT the DNS of Tor relays, and it cannot resolve .onion sites.
For these cases a virtual DNS resolver in the Tor SOCKS port would be
useful; it can be TCP only (not UDP).
This is for DNS forwarders that use SOCKS proxies, and provide DNS in TCP
mode to environments over transparent proxies.
The virtual addresses could be 224.0.0.1 for IPv4 and [2001:db8::1] for
IPv6.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34135>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
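
The exchange the ticket describes, DNS in TCP format carried over a SOCKS5 CONNECT, as an added example that is not part of the original ticket and not Tor code. The function names are hypothetical and 192.0.2.53 is a constructed placeholder resolver address; the sketch only builds and parses the bytes a forwarder would write, without opening a socket.

```python
import ipaddress
import struct

def socks5_connect(host, port):
    """SOCKS5 CONNECT request (RFC 1928) to an IPv4 or IPv6 literal."""
    ip = ipaddress.ip_address(host)
    atyp = 0x01 if ip.version == 4 else 0x04
    # VER=5, CMD=1 (CONNECT), RSV=0, ATYP, address, port in network order
    return bytes([0x05, 0x01, 0x00, atyp]) + ip.packed + struct.pack("!H", port)

def dns_query(name, qtype=1, txid=0x1234):
    """Minimal DNS query: 12-byte header (RD set) plus one IN question."""
    qname = b""
    for label in name.rstrip(".").encode("ascii").split(b"."):
        if not 0 < len(label) <= 63:
            raise ValueError("DNS labels must be 1..63 bytes")
        qname += bytes([len(label)]) + label
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def tcp_frame(message):
    """DNS over TCP prefixes every message with a 2-byte length (RFC 1035, 4.2.2)."""
    return struct.pack("!H", len(message)) + message

def tcp_unframe(stream):
    """Split a received TCP byte stream back into complete DNS messages."""
    messages, off = [], 0
    while off + 2 <= len(stream):
        (length,) = struct.unpack_from("!H", stream, off)
        if off + 2 + length > len(stream):
            break  # partial message: the caller must read more bytes first
        messages.append(stream[off + 2 : off + 2 + length])
        off += 2 + length
    return messages

def client_bytes(resolver, name):
    """Writes a forwarder makes, in order: greeting, CONNECT, framed query."""
    greeting = b"\x05\x01\x00"  # version 5, one method offered: no authentication
    return [greeting, socks5_connect(resolver, 53), tcp_frame(dns_query(name))]

if __name__ == "__main__":
    # 192.0.2.53 and example.com are constructed sample values.
    for step in client_bytes("192.0.2.53", "example.com"):
        print(step.hex())
```
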