nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-30 23:53:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add a new config option TestSocks so people can see if their

Browse Source 
applications are using socks4, socks4a, socks5-with-ip, or
socks5-with-hostname. This way they don't have to keep mucking
with tcpdump and wondering if something got cached somewhere.


svn:r5399
This commit is contained in:
Roger Dingledine 2005-11-16 23:37:35 +00:00
parent 83d6b0387b
commit c4aa9e7941
4 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/or/buffers.c
View File

@ -888,10 +888,13 @@ fetch_from_buf_http(buf_t *buf,
* If you want to specify the socks reply, write it into <b>req->reply</b> * If you want to specify the socks reply, write it into <b>req->reply</b>
* and set <b>req->replylen</b>, else leave <b>req->replylen</b> alone. * and set <b>req->replylen</b>, else leave <b>req->replylen</b> alone.
* *
* If <b>log_sockstype</b> is non-zero, then do a notice-level log of whether
* the connection is possibly leaking DNS requests locally or not.
*
* If returning 0 or -1, <b>req->address</b> and <b>req->port</b> are undefined. * If returning 0 or -1, <b>req->address</b> and <b>req->port</b> are undefined.
*/ */
int int
fetch_from_buf_socks(buf_t *buf, socks_request_t *req) fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
{ {
unsigned char len; unsigned char len;
char tmpbuf[INET_NTOA_BUF_LEN]; char tmpbuf[INET_NTOA_BUF_LEN];
@ -924,7 +927,7 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
req->reply[1] = '\xFF'; /* reject all methods */ req->reply[1] = '\xFF'; /* reject all methods */
return -1; return -1;
} }
buf_remove_from_front(buf,2+nummethods);/* remove packet from buf */ buf_remove_from_front(buf,2+nummethods); /* remove packet from buf */
req->replylen = 2; /* 2 bytes of response */ req->replylen = 2; /* 2 bytes of response */
req->reply[0] = 5; /* socks5 reply */ req->reply[0] = 5; /* socks5 reply */
@ -982,6 +985,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
req->address[len] = 0; req->address[len] = 0;
req->port = ntohs(get_uint16(buf->cur+5+len)); req->port = ntohs(get_uint16(buf->cur+5+len));
buf_remove_from_front(buf, 5+len+2); buf_remove_from_front(buf, 5+len+2);
if (log_sockstype)
notice(LD_APP, "Your application (using socks5 on port %d) gave Tor a hostname, which means Tor will do the DNS resolve for you. This is good.", req->port);
return 1; return 1;
default: /* unsupported */ default: /* unsupported */
warn(LD_APP,"socks5: unsupported address type %d. Rejecting.",*(buf->cur+3)); warn(LD_APP,"socks5: unsupported address type %d. Rejecting.",*(buf->cur+3));
@ -1055,6 +1060,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
return -1; return -1;
} }
tor_assert(next < buf->cur+buf->datalen); tor_assert(next < buf->cur+buf->datalen);
if (log_sockstype)
notice(LD_APP, "Your application (using socks4a on port %d) gave Tor a hostname, which means Tor will do the DNS resolve for you. This is good.", req->port);
} }
debug(LD_APP,"socks4: Everything is here. Success."); debug(LD_APP,"socks4: Everything is here. Success.");
strlcpy(req->address, startaddr ? startaddr : tmpbuf, strlcpy(req->address, startaddr ? startaddr : tmpbuf,

1
src/or/config.c
View File

@ -191,6 +191,7 @@ static config_var_t _option_vars[] = {
VAR("StrictEntryNodes", BOOL, StrictEntryNodes, "0"), VAR("StrictEntryNodes", BOOL, StrictEntryNodes, "0"),
VAR("StrictExitNodes", BOOL, StrictExitNodes, "0"), VAR("StrictExitNodes", BOOL, StrictExitNodes, "0"),
VAR("SysLog", LINELIST_S, OldLogOptions, NULL), VAR("SysLog", LINELIST_S, OldLogOptions, NULL),
VAR("TestSocks", BOOL, TestSocks, "0"),
VAR("TrackHostExits", CSV, TrackHostExits, NULL), VAR("TrackHostExits", CSV, TrackHostExits, NULL),
VAR("TrackHostExitsExpire",INTERVAL, TrackHostExitsExpire, "30 minutes"), VAR("TrackHostExitsExpire",INTERVAL, TrackHostExitsExpire, "30 minutes"),
OBSOLETE("TrafficShaping"), OBSOLETE("TrafficShaping"),

7
src/or/connection_edge.c
View File

@ -923,7 +923,8 @@ connection_ap_handshake_process_socks(connection_t *conn)
socks_request_t *socks; socks_request_t *socks;
int sockshere; int sockshere;
hostname_type_t addresstype; hostname_type_t addresstype;
int tor_should_handle_stream = !get_options()->LeaveStreamsUnattached; or_options_t *options = get_options();
int tor_should_handle_stream = !options->LeaveStreamsUnattached;
tor_assert(conn); tor_assert(conn);
tor_assert(conn->type == CONN_TYPE_AP); tor_assert(conn->type == CONN_TYPE_AP);
@ -933,7 +934,7 @@ connection_ap_handshake_process_socks(connection_t *conn)
debug(LD_APP,"entered."); debug(LD_APP,"entered.");
sockshere = fetch_from_buf_socks(conn->inbuf, socks); sockshere = fetch_from_buf_socks(conn->inbuf, socks, options->TestSocks);
if (sockshere == 0) { if (sockshere == 0) {
if (socks->replylen) { if (socks->replylen) {
connection_write_to_buf(socks->reply, socks->replylen, conn); connection_write_to_buf(socks->reply, socks->replylen, conn);
@ -1072,7 +1073,7 @@ connection_ap_handshake_process_socks(connection_t *conn)
rep_hist_note_used_port(socks->port, time(NULL)); /* help predict this next time */ rep_hist_note_used_port(socks->port, time(NULL)); /* help predict this next time */
control_event_stream_status(conn, STREAM_EVENT_NEW); control_event_stream_status(conn, STREAM_EVENT_NEW);
} }
if (get_options()->LeaveStreamsUnattached) { if (!tor_should_handle_stream) {
conn->state = AP_CONN_STATE_CONTROLLER_WAIT; conn->state = AP_CONN_STATE_CONTROLLER_WAIT;
} else { } else {
conn->state = AP_CONN_STATE_CIRCUIT_WAIT; conn->state = AP_CONN_STATE_CIRCUIT_WAIT;

4
src/or/or.h
View File

@ -1307,6 +1307,8 @@ typedef struct {
#define LOG_PROTOCOL_WARN (get_options()->ProtocolWarnings ? LOG_WARN : LOG_INFO) #define LOG_PROTOCOL_WARN (get_options()->ProtocolWarnings ? LOG_WARN : LOG_INFO)
int ProtocolWarnings; /**< Boolean: when other parties screw up the Tor int ProtocolWarnings; /**< Boolean: when other parties screw up the Tor
* protocol, is it a warn or an info in our logs? */ * protocol, is it a warn or an info in our logs? */
int TestSocks; /**< Boolean: when we get a socks connection, do we loudly
* log whether it was DNS-leaking or not? */
int HardwareAccel; /**< Boolean: Should we enable OpenSSL hardware int HardwareAccel; /**< Boolean: Should we enable OpenSSL hardware
* acceleration where available? */ * acceleration where available? */
int UseHelperNodes; /**< Boolean: Do we try to enter from a smallish number int UseHelperNodes; /**< Boolean: Do we try to enter from a smallish number
@ -1379,7 +1381,7 @@ int fetch_from_buf_http(buf_t *buf,
char **headers_out, size_t max_headerlen, char **headers_out, size_t max_headerlen,
char **body_out, size_t *body_used, size_t max_bodylen, char **body_out, size_t *body_used, size_t max_bodylen,
int force_complete); int force_complete);
int fetch_from_buf_socks(buf_t *buf, socks_request_t *req); int fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype);
int fetch_from_buf_control0(buf_t *buf, uint32_t *len_out, uint16_t *type_out, int fetch_from_buf_control0(buf_t *buf, uint32_t *len_out, uint16_t *type_out,
char **body_out, int check_for_v1); char **body_out, int check_for_v1);
int fetch_from_buf_line(buf_t *buf, char *data_out, size_t *data_len); int fetch_from_buf_line(buf_t *buf, char *data_out, size_t *data_len);