[tor-dev] torify/torsocks and TCP Fast Open

Tim Rühsen tim.ruehsen at gmx.de
Sat Jan 17 12:25:49 UTC 2015 

Hi,

do you need any more information ?

Tim


Am Mittwoch, 14. Januar 2015, 16:53:58 schrieb Tim Ruehsen:
> On Wednesday 14 January 2015 09:01:40 David Goulet wrote:
> > On 13 Jan (15:25:35), Tim Ruehsen wrote:
> > > Hi,
> > > 
> > > I tried to torify my wget-like application
> > > (https://github.com/rockdaboot/mget) and after some struggling I found
> > > that
> > > TFO is enabled by default (where available).
> > > 
> > > I guess, the problem is TFO not using connect() but sendto().
> > > 
> > > Please enlighten me, what I can do (despite turning off TFO).
> > > 
> > > Is it worth a patch or do you think patching libtorsocks has pitfalls or
> > > unwanted side-effects ?
> > 
> > Can you tell me the torsocks version you are using. Also, how can I
> > reproduce this. Is TFO something you have to set to the socket or enable
> > with a sysctl or... ?
> 
> Hi David,
> 
> Thanks for having a look at it.
> 
> I am using Debian unstable, torsocks 2.0.0-3
> 
> Be aware that TFO is not using connect() but sendto() instead (and sendto
> has been removed from libtorsocks.so a while ago).
> see here for a good description
> http://edsiper.linuxchile.cl/blog/2013/02/21/linux-tcp-fastopen-in-your
> sockets/
> 
> To reproduce, you'll need a client that supports TFO.
> e.g.
> git clone https://github.com/rockdaboot/mget.git
> cd mget
> ./autogen.sh
> ./configure
> 
> [Hint: mget currently does not use TFO with HTTPS, just with HTTP]
> 
> Check your own IP
> src/mget -qO- checkip.dyndns.org|grep IP
> [Shows your current IP]
> 
> Double check with wget
> wget -qO- checkip.dyndns.org|grep IP
> [Shows your current IP]
> 
> Check torifying with TFO enabled (guess you have linux kernel >= 3.6.1)
> torify src/mget -qO- checkip.dyndns.org|grep IP
> [Shows your current IP]
> 
> Check torifying with TFO disabled
> torify src/mget -qO- --no-tcp-fastopen checkip.dyndns.org|grep IP
> [Shows a Tor IP]
> 
> 
> Applying my patch (posted to the list) to the latest git master, I use for
> testing:
> LD_PRELOAD="/home/tim/src/torsocks/src/lib/.libs/libtorsocks.so" src/mget
> -qO- checkip.dyndns.org|grep IP
> [Shows a Tor IP, same with --no-tcp-fastopen]
> 
> Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150117/3e684db3/attachment.sig>

More information about the tor-dev mailing list