[tor-dev] InjectSOCKS: 2nd try

David Goulet dgoulet at ev0ke.net
Thu Dec 12 16:10:25 UTC 2013 

Hi again,

Sorry for the delay to respond!

On 10 Dec (20:27:14), tor at herr-der-mails.de wrote:
> Hello David,
> 
> thank you for your reaction. I've read some information about 
> "Torsocks" now and yes, it seems to be similar. Unfortunately the 
> information on Torsocks's homepage is rather short. So I can't tell 
> you if the internal technology is similar.

Currently, an effort is still ongoing on rewriting torsocks and in code
review process right now. Thus, the webpage is probably out of date big
time.

> It tells that it explicitly rejects UDP traffic. It would be possible 
> to block UDP traffic in InjectSOCKS as well. By the way, why does Tor 
> not support UDP via SOCKS?

Yes, UDP is simply not supported by Tor thus it will be rejected when
opening the socket. Actually, it's not only UDP that should be blocked
but *every* other protocol except TCP. For instance, there is no way to
send icmp request through Tor thus we don't want that to leak.

> The Torsocks documents also say that it blocks local traffic as well. 
> While implementing InjectsSOCKS I saw that some Windows software 
> needs local traffic in order to work for internal inter process 
> communication (maybe Internet Explorer - not sure anymore). So I've 
> explicitly prevented using the SOCKS server for local traffic 
> (wouldn't make sense) and don't reject it - otherwise this software 
> wouldn't work anymore.

This is dangerous and the reason why it's denied is that the application
could easily make a DNS request for instance to a local server that will
then resolve it on a remote one thus leaking.

You should really reconsider that, going locally can be fine but also
really dangerous.

> 
> > Do you think you can put your code into a git repository (github,
> > gitourious, ...). That would be *very* helpful to review/contribute
> > and track changes.
> 
> Unfortunately I'm not familiar with git. However, the source code is 
> rather small. The most important parts are in InjectSOCKS_DLL.c
> The sources are already commented a little bit, but I think that I'll 
> add Visual C++ XML or doxygen style documentation. This way it's 
> easier to understand and review/analyze the code. For the moment I'd 
> like to suggest sending me any change suggestions or questions via 
> e-mail. If we detect that this is not manageable, we can still switch 
> to a different solution.

Maybe you can use one you are familiar with? SVN, bazaar ... ? It's just
that for an open source project, having it easily browsable on a public
server that *anyone* can clone the latest, it helps a great deal.

Maybe it's a good time to get familiar with the most awesome tool you'll
ever play with, git! :P

> 
> By the way, I've released V1.1 of InjectSOCKS now. This adds the BSD 
> license text and a dialog for creating a Windows shortcut file to 
> call InjectSOCKS correctly. The dialog pops up when you start 
> InjectSOCKS without any parameter. This helps users not familiar with 
> the command line.
> Known bug: There is a small possible memory leak in the function 
> "CreateLink" of that dialog; it will be fixed in the next release :-)

I'll take a look at it and if I can find a Windows, test it. From that
point on, I'll check how feasible it is to integrate what you did in the
new torsocks code so we can have *nix and Windows support in the same
tool, that would be quite awesome.

Cheers and thanks for this!
David

> 
> Regards,
> ghostmaker
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20131212/e3fe39be/attachment.sig>

More information about the tor-dev mailing list