tsocks buggy / DNS wrap?

Stefan `Sec` Zehl sec at 42.org
Wed Aug 3 01:41:10 UTC 2005


Hi,

I have just installed tor just to try it out.

I have noticed, that the supplied tsocks (called by torify) is somehow
buggy. For example my "ircii" fails to connect anywhere while running
under it.

While browsing the websites, i noticed a pointer to proxychains, which
seemed to work better for me.

While I don't really have problems with leaking DNS packets, i found it
unsatisfying not to be able to access *.onion sites easily, so I quickly
hacked some code into proxychains which wrapped getaddrinfo() to return
a 0.0.0.* address, and (socks5)-connect to translate these back into a
name before connecting.

The code is not very clean (tested only under freebsd 5.x), and misses a
few things (e.g. a wrapper for gethostbyname() ). I have successfully
tried it with "telnet" and "w3m" on FreeBSD.

Before I do that, I wanted to ask what you think of the idea. Do you
think it's worthwhile to have, and might it even be included?

CU,
    Sec

--- proxychains/core.c.orig	Wed Aug  3 03:36:46 2005
+++ proxychains/core.c	Wed Aug  3 03:37:26 2005
@@ -36,6 +36,8 @@
 #include <stdarg.h>
 #include "core.h"
 
+extern unsigned char hnum;
+extern char * hnames[MAXH];
 extern int tcp_read_time_out;
 extern int tcp_connect_time_out;
 extern int proxychains_quiet_mode;
@@ -335,13 +337,35 @@
      				buff[0]=5;       // version
 				buff[1]=1;       // connect
 				buff[2]=0;       // reserved
-				buff[3]=1;       // ip v4
 
+				int len;
+				if((ntohl(ip)<256)&&(ntohl(ip)>0)){
+					  if(ntohl(ip)>hnum){
+						    printf("Illegal Onion\n");
+						    return SOCKET_ERROR;
+					  };
+					  char * hostname=hnames[ntohl(ip)];
+					  len=strlen(hostname);
+					  if(len>250){
+						    printf("Hostname too long\n");
+						    return SOCKET_ERROR;
+					  };
+
+					  printf("Unresolving: %d to %s[%d]\n",
+						    ntohl(ip),hostname,len);
+					  buff[3]=3;       // DOMAINNAME
+					  buff[4]=(char)len;
+					  memcpy(&buff[5],hostname,len); // dest host
+					  len++;
+				}else{
+					  buff[3]=1;       // ip v4
 			 	memcpy(&buff[4],&ip,4); // dest host
-				memcpy(&buff[8],&port,2); // dest port
+					  len=4;
+				}
+				memcpy(&buff[4+len],&port,2); // dest port
 				
 
-			      if(10!=write_n_bytes(sock,buff,10))
+			      if((4+len+2)!=write_n_bytes(sock,buff,(4+len+2)))
 					return SOCKET_ERROR;
 		
 			      if(4!=read_n_bytes(sock,buff,4))
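Review bot: The index check `if(ntohl(ip)>hnum)` bounds the lookup by the counter rather than by the array, so `hnames[ntohl(ip)]` can be read past `MAXH-1`, or hit a slot that was never filled, once `hnum` has run past the table (the increment in libproxychains.c happens before its own limit check); use `uint32_t idx = ntohl(ip); if (idx >= MAXH || hnames[idx] == NULL) return SOCKET_ERROR;` instead. Any caller-supplied address in 0.0.0.1–0.0.0.255 takes this branch, including ones that never came from the `getaddrinfo()` wrapper, which is one more reason to validate the slot itself. The request can now be up to 257 bytes (`4+1+250+2`), and the declaration of `buff` is outside the hunk, so its size needs confirming against that maximum. `printf("Unresolving: ...")` writes the target hostname to the wrapped application's stdout and passes `ntohl(ip)` (a `uint32_t`) to `%d`; a diagnostic on stderr gated by `proxychains_quiet_mode` would avoid both. The enclosing function starts and ends outside the hunk.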
--- proxychains/core.h.orig	Wed Aug  3 03:36:52 2005
+++ proxychains/core.h	Wed Aug  3 03:37:26 2005
@@ -73,3 +73,6 @@
 
 
 #endif
+
+#define MAXH 5
+
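Review bot: `#define MAXH 5` is added after the header's closing `#endif`, outside the include guard; it belongs inside the guard with the other definitions. The `extern unsigned char hnum;` and `extern char * hnames[MAXH];` declarations that the patch adds to core.c would be better placed here as well, so both translation units see one declaration. Slot 0 is never used (the `>0` test in core.c excludes 0.0.0.0 and `hnum` is pre-incremented), so the value 5 yields four usable names; a comment such as `/* size of hnames[]; index 0 is reserved, so MAXH-1 names fit */` would make that visible.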
--- proxychains/libproxychains.c.orig	Wed Aug  3 03:37:07 2005
+++ proxychains/libproxychains.c	Wed Aug  3 03:37:31 2005
@@ -32,6 +32,7 @@
 #include <sys/fcntl.h>
 
 
+#include <dlfcn.h>
 #include "core.h"
 
 #define     satosin(x)      ((struct sockaddr_in *) &(x))
@@ -41,6 +42,9 @@
 #define     SOCKFAMILY(x)     (satosin(x)->sin_family)
 #define     MAX_CHAIN 30*1024
 
+char * hnames[MAXH];
+unsigned char hnum=0;
+
 int tcp_read_time_out;
 int tcp_connect_time_out;
 chain_type proxychains_ct;
@@ -162,4 +166,67 @@
 	errno=ECONNREFUSED;
   return ret;
 }
+
+struct hostent* gethostbyname(const char *name){
+	  printf("gethostbyname: %s\n");
+	  return _gethostbyname(name);
+};
+
+int getaddrinfo(const char *hostname, const char *servname,
+		    const struct addrinfo *hints, struct addrinfo **res){
+
+	  int hlen=strlen(hostname);
+	  char *redir =".onion";
+	  int rlen=strlen(redir);
+
+	  struct addrinfo *ai;
+
+	  if ((hostname != NULL) && (hlen>=rlen)){
+		    if(strcmp(redir,hostname+hlen-rlen)==0){
+				printf("Captured Onion!\n");
+
+				/* New Onion */
+				hnum++;
+				if(hnum>=MAXH){
+					  printf("Onion cache full\n");
+					  return EAI_FAIL;
+				};
+				hnames[hnum]=malloc(strlen(hostname)+1);
+				strcpy(hnames[hnum],hostname);
+
+ai=malloc(sizeof(*ai));
+memset(ai, 0, sizeof(*ai));
+
+struct sockaddr_in * sin;
+sin=malloc(sizeof(*sin));
+memset(sin, 0, sizeof(*sin));
+sin->sin_len=sizeof(*sin);
+sin->sin_family=AF_INET;
+sin->sin_port=htons(atoi(servname));
+sin->sin_addr.s_addr=htonl(hnum);
+
+ai->ai_flags=0;    
+ai->ai_family=AF_INET;
+ai->ai_socktype=SOCK_STREAM;
+ai->ai_protocol=IPPROTO_TCP;
+ai->ai_addrlen=sizeof(*sin);
+ai->ai_canonname=NULL;
+ai->ai_addr=sin;
+ai->ai_next=NULL;
+
+
+				*res=ai;
+				return 0;
+		    };
+	  };
+	  printf("getaddrinfo: %s %s\n",hostname,servname);
+
+	  int (*libc_getaddrinfo)(const char *hostname, const char *servname,
+				const struct addrinfo *hints, struct addrinfo **res)=
+		    dlsym(RTLD_NEXT, "getaddrinfo");
+
+	  return libc_getaddrinfo(hostname, servname, hints, res);
+};
+
+// void freeaddrinfo(struct addrinfo *ai);
 
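Review bot: `getaddrinfo()` calls `strlen(hostname)` before the `hostname != NULL` test, so a legal call with a NULL node (a service-only lookup) crashes inside the wrapper; likewise `atoi(servname)` dereferences a NULL service and silently maps a named service such as `http` to port 0. `hnum++` runs before the `hnum>=MAXH` check, so once the table is full the counter keeps growing and eventually wraps as an `unsigned char`, which lets the `ntohl(ip)>hnum` test in core.c accept indexes past the end of `hnames[]` and, after a wrap, rebinds an already handed-out 0.0.0.N address to a different name. The three `malloc()` results and the `dlsym()` result are used unchecked, and the hand-built `addrinfo` is later released by libc's `freeaddrinfo()` because the wrapper for it is only a comment, which is a leak at best and allocator corruption at worst. `printf("gethostbyname: %s\n")` has no argument for `%s`, and `_gethostbyname` is not defined anywhere in the visible patch. The fence shows the capture path with every check moved ahead of the state change.

```c
int getaddrinfo(const char *hostname, const char *servname,
		    const struct addrinfo *hints, struct addrinfo **res){
	  const char *redir = ".onion";
	  size_t rlen = strlen(redir);
	  size_t hlen = hostname ? strlen(hostname) : 0;   /* NULL node is a legal call */

	  if (hlen >= rlen && strcmp(redir, hostname + hlen - rlen) == 0) {
		    /* test the next slot before touching hnum, so a full table
		     * leaves the counter (and every earlier mapping) unchanged */
		    if (hnum + 1 >= MAXH) {
				return EAI_FAIL;
		    }
		    char *copy = malloc(hlen + 1);
		    if (copy == NULL) {
				return EAI_MEMORY;
		    }
		    memcpy(copy, hostname, hlen + 1);
		    hnames[++hnum] = copy;   /* publish only after every check passed */

		    /* … unchanged: build ai/sin for 0.0.0.hnum; the two malloc() results
		     *   and a NULL or non-numeric servname still need handling … */
	  }
	  /* … unchanged: fall through to libc getaddrinfo via dlsym (check for NULL) … */
```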
-- 
| Kevin Dalley on Melissa being Open Source:
While the Melissa license is a bit unclear, Melissa aggressively
encourages free distribution of its source code.


