[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] torify/torsocks and TCP Fast Open

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] torify/torsocks and TCP Fast Open
From: Tim Ruehsen <tim.ruehsen@xxxxxx>
Date: Wed, 14 Jan 2015 16:53:58 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 14 Jan 2015 11:00:31 -0500
In-reply-to: <20150114140140.GA24965@dalia>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <12692970.1PIi2Jmkmn@blitz-lx> <20150114140140.GA24965@dalia>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: KMail/4.14.2 (Linux/3.16.0-4-amd64; KDE/4.14.2; x86_64; ; )

On Wednesday 14 January 2015 09:01:40 David Goulet wrote:
> On 13 Jan (15:25:35), Tim Ruehsen wrote:
> > Hi,
> > 
> > I tried to torify my wget-like application
> > (https://github.com/rockdaboot/mget) and after some struggling I found
> > that
> > TFO is enabled by default (where available).
> > 
> > I guess, the problem is TFO not using connect() but sendto().
> > 
> > Please enlighten me, what I can do (despite turning off TFO).
> > 
> > Is it worth a patch or do you think patching libtorsocks has pitfalls or
> > unwanted side-effects ?
> 
> Can you tell me the torsocks version you are using. Also, how can I
> reproduce this. Is TFO something you have to set to the socket or enable
> with a sysctl or... ?

Hi David,

Thanks for having a look at it.

I am using Debian unstable, torsocks 2.0.0-3

Be aware that TFO is not using connect() but sendto() instead (and sendto has 
been removed from libtorsocks.so a while ago).
see here for a good description
http://edsiper.linuxchile.cl/blog/2013/02/21/linux-tcp-fastopen-in-your 
sockets/

To reproduce, you'll need a client that supports TFO.
e.g.
git clone https://github.com/rockdaboot/mget.git
cd mget
./autogen.sh
./configure

[Hint: mget currently does not use TFO with HTTPS, just with HTTP]

Check your own IP
src/mget -qO- checkip.dyndns.org|grep IP
[Shows your current IP]

Double check with wget
wget -qO- checkip.dyndns.org|grep IP
[Shows your current IP]

Check torifying with TFO enabled (guess you have linux kernel >= 3.6.1)
torify src/mget -qO- checkip.dyndns.org|grep IP
[Shows your current IP]

Check torifying with TFO disabled
torify src/mget -qO- --no-tcp-fastopen checkip.dyndns.org|grep IP
[Shows a Tor IP]


Applying my patch (posted to the list) to the latest git master, I use for 
testing:
LD_PRELOAD="/home/tim/src/torsocks/src/lib/.libs/libtorsocks.so" src/mget -qO- 
checkip.dyndns.org|grep IP
[Shows a Tor IP, same with --no-tcp-fastopen]

Tim

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] torify/torsocks and TCP Fast Open
  - From: Tim Rühsen
- Re: [tor-dev] torify/torsocks and TCP Fast Open
  - From: Tim Rühsen

References:
- [tor-dev] torify/torsocks and TCP Fast Open
  - From: Tim Ruehsen
- Re: [tor-dev] torify/torsocks and TCP Fast Open
  - From: David Goulet

Prev by Author: Re: [tor-dev] [PATCH] torify/torsocks and TCP Fast Open
Next by Author: Re: [tor-dev] [PATCH] torify/torsocks and TCP Fast Open
Previous by thread: Re: [tor-dev] torify/torsocks and TCP Fast Open
Next by thread: Re: [tor-dev] torify/torsocks and TCP Fast Open
Index(es):
- Author
- Thread