Opened 4 years ago

Last modified 2 years ago

#15961 new enhancement

tor fails to handle half-closed TCP connections: it should forward data back on sockets that were shutdown(SHUT_WR) by client

Reported by: yurivict271
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: lorax, tor-relay, tor-client, tcp, halfopen
Cc: rl1987@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

I hit this situation when a TCP client sent some data into the socket, then called "shutdown(fd, SHUT_WR)". Tor immediately initiates EOF in return.

However, "shutdown(fd, SHUT_WR)" only shuts down (sends EOF) in one direction. The other direction remains open, and tor should still send EOF into the circuit, receive the response from the TCP server, and forward it to the client through this half-closed connection, until the TCP server initiates EOF.

The easiest way to reproduce this is to run this script through torsocks:

#!/bin/sh

echo "GET / HTTP/1.0
Connection: close

" | nc -N www.torproject.org 80

It returns no output. Remove "-N" and it will return output. Run it without torsocks, and it will return output with and without "-N".

The "-N" flag causes nc to call shutdown(SHUT_WR) once stdin had EOF.

So this script with the -N option demonstrates how tor fails to handle half-closed TCP connections.
(Older versions of nc had no -N flag, and always called shutdown(SHUT_WR).)

The correct behavior here is to keep writing the response into such a socket until 'write' returns some error condition.

To be fair, squid/DeleGate/nginx proxies all suffer from the same problem. But I believe TOR should be better than them, and do things the right way.
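
The behaviour the description asks for, as an added example (not code from this ticket or from Tor): a minimal loopback relay that forwards the client's EOF upstream with shutdown(SHUT_WR) and keeps copying the server's response back. The names pump, relay_once, server_once and demo, the loopback sockets and the sample request are assumptions made for the illustration.

```python
import socket
import threading


def pump(src, dst):
    """Copy src -> dst until EOF, then half-close dst (never a full close)."""
    while chunk := src.recv(4096):
        dst.sendall(chunk)
    try:
        dst.shutdown(socket.SHUT_WR)  # forward the EOF in this direction only
    except OSError:
        pass  # peer already gone


def relay_once(listener, upstream_addr):
    """Hypothetical one-connection relay that keeps the reverse path open."""
    client, _ = listener.accept()
    upstream = socket.create_connection(upstream_addr)
    fwd = threading.Thread(target=pump, args=(client, upstream))
    fwd.start()
    pump(upstream, client)  # still runs after the client's SHUT_WR
    fwd.join()
    client.close()
    upstream.close()


def server_once(listener):
    """Constructed server: replies only after it has seen the client's EOF."""
    conn, _ = listener.accept()
    request = b"".join(iter(lambda: conn.recv(4096), b""))
    conn.sendall(b"got %d bytes" % len(request))
    conn.close()


def demo():
    srv = socket.create_server(("127.0.0.1", 0))
    rly = socket.create_server(("127.0.0.1", 0))
    workers = [threading.Thread(target=server_once, args=(srv,)),
               threading.Thread(target=relay_once, args=(rly, srv.getsockname()))]
    for w in workers:
        w.start()
    c = socket.create_connection(rly.getsockname())
    c.sendall(b"GET / HTTP/1.0\r\n\r\n")  # constructed request, 18 bytes
    c.shutdown(socket.SHUT_WR)  # what nc -N does once stdin reaches EOF
    reply = b"".join(iter(lambda: c.recv(4096), b""))  # read until server EOF
    for w in workers:
        w.join()
    for s in (c, srv, rly):
        s.close()
    return reply

if __name__ == "__main__":
    print(demo())
```

A relay that closes both directions when it sees the client's EOF would leave `reply` empty here, which is the symptom the script above shows with "-N".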

Change History (9)

comment:1 Changed 4 years ago by yurivict271

I also tested this in a tor-connected VM (connected with firewall rules to TransPort), and got the same result (somebody might think that torsocks can be causing this).

Last edited 4 years ago by yurivict271

comment:2 Changed 4 years ago by nickm

Component: changed from "- Select a component" to "Tor"

comment:3 Changed 4 years ago by nickm

Keywords: lorax tor-relay tor-client added
Milestone: Tor: 0.2.???

Worth fixing; possibly interesting project for a volunteer.

comment:4 Changed 4 years ago by nickm

Type: changed from "defect" to "enhancement"

comment:5 Changed 4 years ago by rl1987

Cc: rl1987@… added

comment:6 Changed 3 years ago by teor

Milestone: changed from "Tor: 0.2.???" to "Tor: 0.3.???"

Milestone renamed

comment:7 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: changed from "Tor: 0.3.???" to "Tor: unspecified"

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:8 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:9 Changed 2 years ago by nickm

Keywords: tcp halfopen added
Severity: Normal