[tor-dev] [RELEASE] Torsocks 2.0.0-rc4
David Goulet
dgoulet at ev0ke.net
Tue Mar 4 22:28:59 UTC 2014
On 04 Mar (10:46:06), David Goulet wrote:
> On 04 Mar (10:30:40), Nick Mathewson wrote:
> > On Tue, Mar 4, 2014 at 10:13 AM, David Goulet <dgoulet at ev0ke.net> wrote:
> > > On 04 Mar (08:36:13), Nick Mathewson wrote:
> > >> On Mar 4, 2014 4:26 AM, "Lunar" <lunar at torproject.org> wrote:
> > >> >
> > >> > David Goulet:
> > >> > > After a big code review from Nick and help from a lot of people
> > >> > > contributing and testing, this is the release candidate 4 for the new
> > >> > > torsocks.
> > >> >
> > >> > I was about to push the new version to Debian experimental, but it just
> > >> > breaks my SSH configuration too badly.
> > >> >
> > >> > The new version forbids listen() and accept().
> > >> >
> > >> > That means that at least SSH options ControlMaster, LocalForward, and
> > >> > DynamicForward will not work. Being able to multiplex connections
> > >> > (ControlMaster) is pretty crucial to keep sanity when working over
> > >> > hidden services. Forwarding options allow a simple way to create to
> > >> > tunnel TCP connections to a remote system through SSH over Tor.
> > >> >
> > >> > I am not sure what is the right move here. Perhaps allowing listen on
> > >> > Unix sockets and localhost? Or maybe allowing listen() entirely?
> > >>
> > >> Those sound like good candidates for options. I think that listen-local is
> > >> probably safe*, but arbitrary listen is broken in enough use cases that it
> > >> should IMO be off by default.
> > >
> > > I agree here that this should not break the ssh -L. What I propose is an
> > > option that allows torsocks to accept inbound connection thus
> > > listen()/accept().
> > >
> > > An option in the configuration file and an environment variable also
> > > (which adds a command line option to torsocks as well). What about
> > > "AllowInbound" or "AllowListen" or "AcceptListen" that is off by
> > > default.
> >
> > AllowInbound is probably okay, though still I think that "allow
> > inbound locally only" is a good idea.
> >
> > (Could we implement that by checking getsockname() on the socket
> > before the call to listen(), to make sure that it was localhost or
> > unix?)
>
> I'm comfortable with that having torsocks to allow localhost binding
> *but* denies by default non localhost.
>
> "AllowInbound 1" would allow non localhost inbound and yes getsockname()
> is probably the right call to use! :)
>
> /me implementing that.
I just pushed this feature that adds "AllowInbound 0|1" option. Also by
default now the Unix socket and localhost are allowed.
Again, time for testing and review!
Thanks!
David
>
> Thanks!
> David
>
> >
> > --
> > Nick
> > _______________________________________________
> > tor-dev mailing list
> > tor-dev at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140304/3c45747e/attachment.sig>
More information about the tor-dev
mailing list