[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] torify/torsocks and TCP Fast Open



On Wednesday 14 January 2015 09:01:40 David Goulet wrote:
> On 13 Jan (15:25:35), Tim Ruehsen wrote:
> > Hi,
> > 
> > I tried to torify my wget-like application
> > (https://github.com/rockdaboot/mget) and after some struggling I found
> > that
> > TFO is enabled by default (where available).
> > 
> > I guess, the problem is TFO not using connect() but sendto().
> > 
> > Please enlighten me, what I can do (despite turning off TFO).
> > 
> > Is it worth a patch or do you think patching libtorsocks has pitfalls or
> > unwanted side-effects ?
> 
> Can you tell me the torsocks version you are using. Also, how can I
> reproduce this. Is TFO something you have to set to the socket or enable
> with a sysctl or... ?

Hi David,

Thanks for having a look at it.

I am using Debian unstable, torsocks 2.0.0-3

Be aware that TFO is not using connect() but sendto() instead (and sendto has 
been removed from libtorsocks.so a while ago).
see here for a good description
http://edsiper.linuxchile.cl/blog/2013/02/21/linux-tcp-fastopen-in-your 
sockets/

To reproduce, you'll need a client that supports TFO.
e.g.
git clone https://github.com/rockdaboot/mget.git
cd mget
./autogen.sh
./configure

[Hint: mget currently does not use TFO with HTTPS, just with HTTP]

Check your own IP
src/mget -qO- checkip.dyndns.org|grep IP
[Shows your current IP]

Double check with wget
wget -qO- checkip.dyndns.org|grep IP
[Shows your current IP]

Check torifying with TFO enabled (guess you have linux kernel >= 3.6.1)
torify src/mget -qO- checkip.dyndns.org|grep IP
[Shows your current IP]

Check torifying with TFO disabled
torify src/mget -qO- --no-tcp-fastopen checkip.dyndns.org|grep IP
[Shows a Tor IP]


Applying my patch (posted to the list) to the latest git master, I use for 
testing:
LD_PRELOAD="/home/tim/src/torsocks/src/lib/.libs/libtorsocks.so" src/mget -qO- 
checkip.dyndns.org|grep IP
[Shows a Tor IP, same with --no-tcp-fastopen]

Tim

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev