[tor-commits] [torsocks/master] Deny libc function accept()/accept4()

dgoulet at torproject.org dgoulet at torproject.org
Fri Apr 4 22:40:27 UTC 2014


commit 3c5ba7b51aafe3e590a4383116477d9b4d40875c
Author: David Goulet <dgoulet at ev0ke.net>
Date:   Thu Feb 20 12:00:19 2014 +0000

    Deny libc function accept()/accept4()
    
    Inbound connections to an application handled by torsocks should not be
    allowed, since we cannot make them ourselves nor ensure that they go
    through the Tor network.
    
    Signed-off-by: David Goulet <dgoulet at ev0ke.net>
---
 src/lib/Makefile.am |    2 +-
 src/lib/accept.c    |   75 +++++++++++++++++++++++++++++++++++++++++++++++++++
 src/lib/torsocks.h  |   28 +++++++++++++++++++
 3 files changed, 104 insertions(+), 1 deletion(-)

diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
index ad25f8c..c508733 100644
--- a/src/lib/Makefile.am
+++ b/src/lib/Makefile.am
@@ -9,6 +9,6 @@ lib_LTLIBRARIES = libtorsocks.la
 libtorsocks_la_SOURCES = torsocks.c torsocks.h \
                          connect.c gethostbyname.c getaddrinfo.c close.c \
                          getpeername.c socket.c syscall.c socketpair.c recv.c \
-                         exit.c
+                         exit.c accept.c
 
 libtorsocks_la_LIBADD = $(top_builddir)/src/common/libcommon.la
diff --git a/src/lib/accept.c b/src/lib/accept.c
new file mode 100644
index 0000000..3dd7617
--- /dev/null
+++ b/src/lib/accept.c
@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2014 - David Goulet <dgoulet at ev0ke.net>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License, version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include <assert.h>
+
+#include "torsocks.h"
+
+TSOCKS_LIBC_DECL(accept, LIBC_ACCEPT_RET_TYPE, LIBC_ACCEPT_SIG)
+
+/*
+ * Torsocks call for accept(2).
+ */
+LIBC_ACCEPT_RET_TYPE tsocks_accept(LIBC_ACCEPT_SIG)
+{
+	DBG("[accept] Syscall denied since inbound connection are not allowed.");
+
+	/*
+	 * Accept is completely denied here since this means that the application
+	 * can accept inbound connections that are obviously NOT handled by the Tor
+	 * network thus reject this call.
+	 */
+	errno = EPERM;
+	return -1;
+}
+
+/*
+ * Libc hijacked symbol accept(2).
+ */
+LIBC_ACCEPT_DECL
+{
+	return tsocks_accept(LIBC_ACCEPT_ARGS);
+}
+
+#if (defined(__linux__))
+
+TSOCKS_LIBC_DECL(accept4, LIBC_ACCEPT4_RET_TYPE, LIBC_ACCEPT4_SIG)
+
+/*
+ * Torsocks call for accept4(2).
+ */
+LIBC_ACCEPT4_RET_TYPE tsocks_accept4(LIBC_ACCEPT4_SIG)
+{
+	DBG("[accept] Syscall denied since inbound connection are not allowed.");
+
+	/*
+	 * Accept is completely denied here since this means that the application
+	 * can accept inbound connections that are obviously NOT handled by the Tor
+	 * network thus reject this call.
+	 */
+	errno = EPERM;
+	return -1;
+}
+
+/*
+ * Libc hijacked symbol accept4(2).
+ */
+LIBC_ACCEPT4_DECL
+{
+	return tsocks_accept4(LIBC_ACCEPT4_ARGS);
+}
+#endif
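Review bot: tsocks_accept() and tsocks_accept4() set `errno = EPERM`, but accept.c includes only `<assert.h>` and "torsocks.h", so `errno`/`EPERM` resolve only if torsocks.h happens to pull in `<errno.h>`; add `#include <errno.h>` explicitly here, and drop `<assert.h>`, which nothing in the file uses. The accept4 wrapper's debug line reuses the accept tag and has a number-agreement slip; `DBG("[accept4] Syscall denied since inbound connections are not allowed.");` keeps the two denials distinguishable in logs. Neither wrapper looks at sockfd, so the refusal is unconditional and also covers local-domain listeners that never reach the network; the block comment should state that this fail-closed behaviour for every socket domain is intentional, so a later reader does not treat it as an oversight. The unused parameters could be silenced with `(void)sockfd; (void)addr; (void)addrlen;` if the build uses -Wunused-parameter.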
diff --git a/src/lib/torsocks.h b/src/lib/torsocks.h
index 454ad1c..369652c 100644
--- a/src/lib/torsocks.h
+++ b/src/lib/torsocks.h
@@ -169,6 +169,14 @@ struct hostent **result, int *h_errnop
 #define LIBC_RECVMSG_ARGS \
 	sockfd, msg, flags
 
+/* accept(2) */
+#define LIBC_ACCEPT_NAME accept
+#define LIBC_ACCEPT_NAME_STR XSTR(LIBC_ACCEPT_NAME)
+#define LIBC_ACCEPT_RET_TYPE int
+#define LIBC_ACCEPT_SIG \
+	int sockfd, struct sockaddr *addr, socklen_t *addrlen
+#define LIBC_ACCEPT_ARGS sockfd, addr, addrlen
+
 #else
 #error "OS not supported."
 #endif /* __GLIBC__ , __FreeBSD__, __darwin__, __NetBSD__ */
@@ -184,6 +192,14 @@ struct hostent **result, int *h_errnop
 #define LIBC_SYSCALL_SIG long int number, ...
 #define LIBC_SYSCALL_ARGS number
 
+/* accept4(2) */
+#define LIBC_ACCEPT4_NAME accept4
+#define LIBC_ACCEPT4_NAME_STR XSTR(LIBC_ACCEPT4_NAME)
+#define LIBC_ACCEPT4_RET_TYPE int
+#define LIBC_ACCEPT4_SIG \
+	int sockfd, struct sockaddr *addr, socklen_t *addrlen, int flags
+#define LIBC_ACCEPT4_ARGS sockfd, addr, addrlen, flags
+
 #endif /* __linux__ */
 
 #if (defined(__FreeBSD__) || defined(__darwin__) || defined(__NetBSD__))
@@ -321,6 +337,18 @@ extern TSOCKS_LIBC_DECL(getpeername, LIBC_GETPEERNAME_RET_TYPE,
 #define LIBC_GETPEERNAME_DECL LIBC_GETPEERNAME_RET_TYPE \
 		LIBC_GETPEERNAME_NAME(LIBC_GETPEERNAME_SIG)
 
+/* accept(2) */
+extern TSOCKS_LIBC_DECL(accept, LIBC_ACCEPT_RET_TYPE, LIBC_ACCEPT_SIG)
+#define LIBC_ACCEPT_DECL LIBC_ACCEPT_RET_TYPE \
+		LIBC_ACCEPT_NAME(LIBC_ACCEPT_SIG)
+
+/* accept4(2) */
+#if (defined(__linux__))
+extern TSOCKS_LIBC_DECL(accept4, LIBC_ACCEPT4_RET_TYPE, LIBC_ACCEPT4_SIG)
+#define LIBC_ACCEPT4_DECL LIBC_ACCEPT4_RET_TYPE \
+		LIBC_ACCEPT4_NAME(LIBC_ACCEPT4_SIG)
+#endif
+
 /*
  * Those are actions to do during the lookup process of libc symbols. For
  * instance the connect(2) syscall is essential to Torsocks so the function
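Review bot: The `accept4` declaration and `LIBC_ACCEPT4_DECL` are wrapped in `#if (defined(__linux__))`, so on any other supported platform whose libc also exports an accept4 symbol that entry point would reach libc uninterposed while plain accept() is denied. The guard presumably mirrors the earlier hunk, where `LIBC_ACCEPT4_SIG` is only defined inside the `__linux__` section, but the resulting gap deserves to be stated rather than implied. A one-line comment such as `/* accept4(2) is only interposed on Linux; platforms exposing it elsewhere are not covered. */` above the `#if` would make that explicit for whoever audits the denied-call list.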




