[tor-bugs] #23876 [Core Tor/Torsocks]: Torsocks getpeername() is broken for .onion addresses

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Oct 15 21:24:24 UTC 2017


#23876: Torsocks getpeername() is broken for .onion addresses
-----------------------------------+---------------------
     Reporter:  Torsocks_user      |      Owner:  dgoulet
         Type:  defect             |     Status:  new
     Priority:  Medium             |  Milestone:
    Component:  Core Tor/Torsocks  |    Version:
     Severity:  Normal             |   Keywords:
Actual Points:                     |  Parent ID:
       Points:                     |   Reviewer:
      Sponsor:                     |
-----------------------------------+---------------------
 When I connect to a .onion host with ssh using torsocks, ssh connects to
 the host and completes authentication but then it aborts with this error:
    {{{get_sock_port: getnameinfo NI_NUMERICSERV failed: ai_family not supported}}}

 I built torsocks with additional debug messages and found that the failure
 is due to a bug in torsocks. Ssh calls getpeername() to map the onion IP
 cookie address it was given by torsocks back to a hostname, and
 tsocks_getpeername() at getpeername.c:60 returns the sockaddr struct from
 the connection table expecting it to contain the onion IP cookie. But that
 struct is actually all 0's because when the connection entry for a .onion
 address is created in tsocks_connect() at connect.c:162, the address
 passed to connection_create is null instead of the onion IP cookie
 address.

 Here's a patch to pass the onion IP cookie address to connection_create()
 instead of null. With this patch, the ssh connection to a .onion host
 works.
 {{{
 --- src/lib/connect.c.orig
 +++ src/lib/connect.c
 @@ -156,10 +156,11 @@
         onion_pool_unlock(&tsocks_onion_pool);
         if (on_entry) {
                 /*
 -                * Create a connection without a destination address since
 we will set
 +                * Create a connection with the onion IP cookie since
 getpeername()
 +                * might need it, and set connection domain and hostname
 to use
                  * the onion address name found before.
                  */
 -               new_conn = connection_create(sockfd, NULL);
 +               new_conn = connection_create(sockfd, addr);
                 if (!new_conn) {
                         errno = ENOMEM;
                         goto error;
 }}}
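
Review bot: On the `connection_create(sockfd, addr)` line, the hunk does not show whether connection_create() copies `addr` into the connection entry or validates its family, and tsocks_getpeername() will later hand that stored struct back to the application. Please confirm that it takes its own copy of the address tsocks_connect() was given and that the stored value is the onion cookie with the port the application asked for, not a pointer into the caller's memory. The rewritten comment is also line-wrapped in this mail ("since" / "getpeername()", "hostname" / "to use"), so the patch will not apply as posted; attaching it as a file would avoid that. A regression test that calls getpeername() on a socket connected to a .onion name and checks for a non-zero address family would keep this from coming back.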

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23876>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

