Opened 4 years ago

Closed 3 years ago

#16183 closed defect (wontfix)

torsocks upgrade broke OpenSSH connection sharing

Reported by: zeuner Owned by: dgoulet
Priority: Medium Milestone:
Component: Core Tor/Torsocks Version:
Severity: Normal Keywords: ssh
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

After upgrading torsocks, I found that OpenSSH connection sharing did not work correctly anymore. It turned out that the master process (when running using torsocks) keeps file descriptors open which it received from the slave processes.

It turned out that the fd passing check introduced in commit eecc1152a9c8645 is responsible for the issue.

Child Tickets

Change History (3)

comment:1 Changed 4 years ago by dgoulet

Keywords: recvmsg removed

Interesting!

This is a very difficult one to fix, iirc the kernel will dup() the fd passed on the socket only when the recvmsg() is called. So, even if we track the sendmsg() in the master process, we can't correlate it with the recvmsg() since the fd value will be different.

I'm unsure how to fix this, maybe there is a way to inject a cookie in the ancillary data? Feedback welcome.

comment:2 Changed 3 years ago by dgoulet

Severity: Normal
Status: newaccepted

I've created #19407 for support of FD passing.

comment:3 Changed 3 years ago by dgoulet

Resolution: wontfix
Status: acceptedclosed

Closing this in favor of #19407.

Note: See TracTickets for help on using tickets.