[tor-commits] [torsocks/master] Add AllowOutboundLocalhost.
dgoulet at torproject.org
Mon Jan 19 17:23:49 UTC 2015
commit 7cfcd619d6fc293dfd05af42f30b2f39243ff736
Author: Yawning Angel <yawning at schwanenlied.me>
Date: Mon Jan 19 00:44:05 2015 +0000
Add AllowOutboundLocalhost.
This addresses the tails problem with #8137 in that, with the option
set, all connections to the loopback address are allowed. Since this is a
massive foot + gun option for the users, it's off by default.
Note that to correctly fix MAPADDRESS and all the things that the Whonix
people are complaining about would require bringing back the old tsocks
"local" configuration option.
Signed-off-by: Yawning Angel <yawning at schwanenlied.me>
Signed-off-by: David Goulet <dgoulet at ev0ke.net>
---
doc/torsocks.conf | 5 +++++
doc/torsocks.conf.5 | 6 ++++++
src/common/config-file.c | 36 ++++++++++++++++++++++++++++++++++++
src/common/config-file.h | 7 +++++++
src/lib/connect.c | 9 +++++++++
5 files changed, 63 insertions(+)
diff --git a/doc/torsocks.conf b/doc/torsocks.conf
index c1596c0..7e82a27 100644
--- a/doc/torsocks.conf
+++ b/doc/torsocks.conf
@@ -28,3 +28,8 @@ OnionAddrRange 127.42.42.0/24
# Set Torsocks to accept inbound connections. If set to 1, listen() and
# accept() will be allowed to be used with non localhost address. (Default: 0)
#AllowInbound 1
+
+# Set Torsocks to allow outbound connections to the loopback interface.
+# If set to 1, connect() will be allowed to be used to the loopback interface
+# bypassing Tor. This option should not be used by most users. (Default: 0)
+#AllowOutboundLocalhost 1
diff --git a/doc/torsocks.conf.5 b/doc/torsocks.conf.5
index 451af59..13ac7b9 100644
--- a/doc/torsocks.conf.5
+++ b/doc/torsocks.conf.5
@@ -77,6 +77,12 @@ Allow inbound connections meaning that listen() and accept()/accept4() will be
allowed for non localhost address so the applicaton can handle incoming
connection. Note that Unix socket are allowed. (Default: 0)
+.TP
+.I AllowOutboundLocalhost 0|1
+Allow outbound connections to the loopback interface meaning that connect()
+will be allowed to connect to localhost addresses bypassing Tor. This option
+should not be used by most users. (Default: 0)
+
.SH EXAMPLE
$ export TORSOCKS_CONF_FILE=$PWD/torsocks.conf
$ torsocks ssh account at sshserver.com
diff --git a/src/common/config-file.c b/src/common/config-file.c
index 79fe5ca..64b3d42 100644
--- a/src/common/config-file.c
+++ b/src/common/config-file.c
@@ -38,6 +38,7 @@ static const char *conf_onion_str = "OnionAddrRange";
static const char *conf_socks5_user_str = "SOCKS5Username";
static const char *conf_socks5_pass_str = "SOCKS5Password";
static const char *conf_allow_inbound_str = "AllowInbound";
+static const char *conf_allow_outbound_localhost_str = "AllowOutboundLocalhost";
/*
* Once this value reaches 2, it means both user and password for a SOCKS5
@@ -227,6 +228,11 @@ static int parse_config_line(const char *line, struct configuration *config)
if (ret < 0) {
goto error;
}
+ } else if (!strcmp(tokens[0], conf_allow_outbound_localhost_str)) {
+ ret = conf_file_set_allow_outbound_localhost(tokens[1], config);
+ if (ret < 0) {
+ goto error;
+ }
} else {
WARN("Config file contains unknown value: %s", line);
}
@@ -366,6 +372,36 @@ int conf_file_set_allow_inbound(const char *val, struct configuration *config)
}
/*
+ * Set the allow outbound localhost option for the given config.
+ *
+ * Return 0 if option is off, 1 if on and negative value on error.
+ */
+ATTR_HIDDEN
+int conf_file_set_allow_outbound_localhost(const char *val,
+ struct configuration *config)
+{
+ int ret;
+
+ assert(val);
+ assert(config);
+
+ ret = atoi(val);
+ if (ret == 0) {
+ config->allow_outbound_localhost = 0;
+ DBG("[config] Outbound localhost connections disallowed.");
+ } else if (ret == 1) {
+ config->allow_outbound_localhost = 1;
+ DBG("[config] Outbound localhost connections allowed.");
+ } else {
+ ERR("[config] Invalid %s value for %s", val,
+ conf_allow_outbound_localhost_str);
+ ret = -EINVAL;
+ }
+
+ return ret;
+}
+
+/*
* Read and populate the given config parsed data structure.
*
* Return 0 on success or else a negative value.
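Review bot: `atoi(val)` at the top of conf_file_set_allow_outbound_localhost accepts trailing garbage and leading whitespace, so a line such as `AllowOutboundLocalhost 1abc` silently enables a Tor-bypass option while anything non-numeric (`yes`, `on`) silently maps to 0 instead of being reported as invalid. Since this flag disables a safety check, the parser should accept exactly `0` or `1` via `strtol` with an end-pointer check and reject everything else with the existing ERR path. The same pattern presumably exists in conf_file_set_allow_inbound, whose body starts before this hunk; if so it deserves the same treatment. The header comment should also say that the value is parsed strictly, e.g. `* Accepts exactly "0" or "1"; any other string is rejected with -EINVAL.`.
```c
int conf_file_set_allow_outbound_localhost(const char *val,
		struct configuration *config)
{
	char *end = NULL;
	long v;

	assert(val);
	assert(config);

	/* Strict parse: only "0" or "1", no leading/trailing junk. */
	errno = 0;
	v = strtol(val, &end, 10);
	if (end == val || *end != '\0' || errno == ERANGE || (v != 0 && v != 1)) {
		ERR("[config] Invalid %s value for %s", val,
				conf_allow_outbound_localhost_str);
		return -EINVAL;
	}

	config->allow_outbound_localhost = (v == 1);
	DBG("[config] Outbound localhost connections %s.",
			v ? "allowed" : "disallowed");
	return (int) v;
}
```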
diff --git a/src/common/config-file.h b/src/common/config-file.h
index c35507d..da3d507 100644
--- a/src/common/config-file.h
+++ b/src/common/config-file.h
@@ -78,6 +78,11 @@ struct configuration {
* for non localhost addresses.
*/
unsigned int allow_inbound:1;
+
+ /*
+ * Allow outbound connections to localhost that bypass Tor.
+ */
+ unsigned int allow_outbound_localhost:1;
};
int config_file_read(const char *filename, struct configuration *config);
@@ -87,5 +92,7 @@ int conf_file_set_socks5_pass(const char *password,
int conf_file_set_socks5_user(const char *username,
struct configuration *config);
int conf_file_set_allow_inbound(const char *val, struct configuration *config);
+int conf_file_set_allow_outbound_localhost(const char *val, struct
+ configuration *config);
#endif /* CONFIG_FILE_H */
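Review bot: The new prototype splits the type name `struct configuration` across two lines (`struct` at the end of one line, `configuration` at the start of the next), which is legal but reads badly and breaks grep for the type; the neighbouring `conf_file_set_socks5_user` declaration wraps at the parameter boundary instead. Suggested form: `int conf_file_set_allow_outbound_localhost(const char *val,` followed by `		struct configuration *config);`. The struct field comment in the previous hunk of this file could also note that the bit is a deliberate Tor-bypass and defaults to 0, e.g. `* Allow outbound connections to localhost that bypass Tor. Off by default.`.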
diff --git a/src/lib/connect.c b/src/lib/connect.c
index 5e56e4e..1bf81ac 100644
--- a/src/lib/connect.c
+++ b/src/lib/connect.c
@@ -172,6 +172,15 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG)
* thus this check is done after the onion entry lookup.
*/
if (utils_sockaddr_is_localhost(addr)) {
+ /*
+ * Certain setups need to be able to reach localhost, despite
+ * running torsocks. If they enabled the config option, allow such
+ * connections.
+ */
+ if (tsocks_config.allow_outbound_localhost) {
+ goto libc_connect;
+ }
+
WARN("[connect] Connection to a local address are denied since it "
"might be a TCP DNS query to a local DNS server. "
"Rejecting it for safety reasons.");
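Review bot: The new early `goto libc_connect` takes the bypass silently, whereas the rejection path right below it logs a WARN; once the option is on, a user has no runtime trace that a given connect() went to the loopback outside Tor, which is exactly the case they would want to audit given the DNS-leak concern the WARN describes. A log line before the jump would keep both outcomes visible, e.g. `DBG("[connect] Outbound localhost connection allowed by AllowOutboundLocalhost.");`. tsocks_connect starts and ends outside this hunk, and the `libc_connect` label is not visible here, so I am assuming it is the existing pass-through path used by the other allowed cases.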