[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] [RELEASE] Torsocks 2.0.0-rc4



On 04 Mar (10:46:06), David Goulet wrote:
> On 04 Mar (10:30:40), Nick Mathewson wrote:
> > On Tue, Mar 4, 2014 at 10:13 AM, David Goulet <dgoulet@xxxxxxxxx> wrote:
> > > On 04 Mar (08:36:13), Nick Mathewson wrote:
> > >> On Mar 4, 2014 4:26 AM, "Lunar" <lunar@xxxxxxxxxxxxxx> wrote:
> > >> >
> > >> > David Goulet:
> > >> > > After a big code review from Nick and help from a lot of people
> > >> > > contributing and testing, this is the release candidate 4 for the new
> > >> > > torsocks.
> > >> >
> > >> > I was about to push the new version to Debian experimental, but it just
> > >> > breaks my SSH configuration too badly.
> > >> >
> > >> > The new version forbids listen() and accept().
> > >> >
> > >> > That means that at least SSH options ControlMaster, LocalForward, and
> > >> > DynamicForward will not work. Being able to multiplex connections
> > >> > (ControlMaster) is pretty crucial to keep sanity when working over
> > >> > hidden services. Forwarding options allow a simple way to create to
> > >> > tunnel TCP connections to a remote system through SSH over Tor.
> > >> >
> > >> > I am not sure what is the right move here. Perhaps allowing listen on
> > >> > Unix sockets and localhost? Or maybe allowing listen() entirely?
> > >>
> > >> Those sound like good candidates for options. I think that listen-local is
> > >> probably safe*, but arbitrary listen is broken in enough use cases that it
> > >> should IMO be off by default.
> > >
> > > I agree here that this should not break the ssh -L. What I propose is an
> > > option that allows torsocks to accept inbound connection thus
> > > listen()/accept().
> > >
> > > An option in the configuration file and an environment variable also
> > > (which adds a command line option to torsocks as well). What about
> > > "AllowInbound" or "AllowListen" or "AcceptListen" that is off by
> > > default.
> > 
> > AllowInbound is probably okay, though still I think that "allow
> > inbound locally only" is a good idea.
> > 
> > (Could we implement that by checking getsockname() on the socket
> > before the call to listen(), to make sure that it was localhost or
> > unix?)
> 
> I'm comfortable with that having torsocks to allow localhost binding
> *but* denies by default non localhost.
> 
> "AllowInbound 1" would allow non localhost inbound and yes getsockname()
> is probably the right call to use! :)
> 
> /me implementing that.

I just pushed this feature that adds "AllowInbound 0|1" option. Also by
default now the Unix socket and localhost are allowed.

Again, time for testing and review!

Thanks!
David

> 
> Thanks!
> David
> 
> > 
> > -- 
> > Nick
> > _______________________________________________
> > tor-dev mailing list
> > tor-dev@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev



> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev