Opened 12 months ago

Closed 6 months ago

#23876 closed defect (fixed)

Torsocks getpeername() is broken for .onion addresses

Reported by: Torsocks_user Owned by: dgoulet
Priority: Medium Milestone:
Component: Core Tor/Torsocks Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When I connect to a .onion host with ssh using torsocks, ssh connects to the host and completes authentication but then it aborts with this error:

get_sock_port: getnameinfo NI_NUMERICSERV failed: ai_family not supported

I built torsocks with additional debug messages and found that the failure is due to a bug in torsocks. Ssh calls getpeername() to map the onion IP cookie address it was given by torsocks back to a hostname, and tsocks_getpeername() at getpeername.c:60 returns the sockaddr struct from the connection table expecting it to contain the onion IP cookie. But that struct is actually all 0's because when the connection entry for a .onion address is created in tsocks_connect() at connect.c:162, the address passed to connection_create is null instead of the onion IP cookie address.

Here's a patch to pass the onion IP cookie address to connection_create() instead of null. With this patch, the ssh connection to a .onion host works.

--- src/lib/connect.c.orig
+++ src/lib/connect.c
@@ -156,10 +156,11 @@
        onion_pool_unlock(&tsocks_onion_pool);
        if (on_entry) {
                /*
-                * Create a connection without a destination address since we will set
+                * Create a connection with the onion IP cookie since getpeername()
+                * might need it, and set connection domain and hostname to use
                 * the onion address name found before.
                 */
-               new_conn = connection_create(sockfd, NULL);
+               new_conn = connection_create(sockfd, addr);
                if (!new_conn) {
                        errno = ENOMEM;
                        goto error;
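
Review bot: at the new `connection_create(sockfd, addr)` call, nothing in this hunk shows whether connection_create() copies the sockaddr behind `addr` or only keeps the pointer; please confirm it is copied, because getpeername() reads the connection entry later, when the caller's buffer may no longer be valid. The reworded comment could also state outright that the stored destination is the onion cookie and not a real peer address, and a regression test that calls getpeername() after connecting to a .onion name would keep this from breaking again.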

Change History (1)

comment:1 Changed 6 months ago by dgoulet

Resolution: fixed
Status: new → closed

Hmmm, I'm not having this problem with an onion address... :S

However, I agree with the fix that we should set the cookie value into the dest_addr since in getpeername() we fall back to IPv4 if the connection domain is a FQDN.

Fixed in 2fa559117c36e2e8. Thanks for this!!!