[Pkg-privacy-commits] [onioncat] 107/241: man page updated support of random local addresses added (option -R)

Intrigeri intrigeri at moszumanska.debian.org
Wed Aug 26 16:16:43 UTC 2015


This is an automated email from the git hooks/post-receive script.

intrigeri pushed a commit to branch upstream-master
in repository onioncat.

commit 0b50107bc30e7ee108a1608611f4713963041d18
Author: eagle <eagle at 58e1ccc2-750e-0410-8d0d-f93ca75ab447>
Date:   Sun Jan 4 15:47:12 2009 +0000

    man page updated
    support of random local addresses added (option -R)
    
    
    git-svn-id: https://www.cypherpunk.at/svn/onioncat/trunk@416 58e1ccc2-750e-0410-8d0d-f93ca75ab447
---
 ChangeLog        |  2 ++
 man/ocat.1       | 54 +++++++++++++++++++++++++++++++++++++-----------------
 src/ocat.c       | 19 +++++++++++++++----
 src/ocat.h       |  2 ++
 src/ocatsetup.c  | 11 ++++++++++-
 src/ocatv6conv.c | 16 ++++++++++++++++
 6 files changed, 82 insertions(+), 22 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c6370bb..3d87026 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,6 @@
 * version 
+ - man page updated
+ - Local onion-URL may be generated randomly (option -R)
  - SOCKS destination IP configurable (v4 only)
  - disabled self connections to root nodes
  - fatal memory error in SOCKS queue fixed
diff --git a/man/ocat.1 b/man/ocat.1
index a84dbf2..09a8e67 100644
--- a/man/ocat.1
+++ b/man/ocat.1
@@ -27,6 +27,9 @@ ocat \- OnionCat creates a transparent IPv6 layer on top of TOR's hidden service
 .B ocat
 [\fIOPTION\fP] \fIonion_id                (3rd form)\fP
 .br
+.B ocat
+-R [\fIOPTION\fP]\fI                      (4th form)\fP
+.br
 .SH DESCRIPTION
 OnionCat creates a transparent IPv6 layer on top of TOR's hidden services. It
 transmits any kind of IP-based data transparently through the TOR network on a
@@ -38,10 +41,12 @@ between TOR and the local OS. Any protocol which is based on IP can be
 transmitted. Of course, UDP and TCP (and probably ICMP) are the most important
 ones but all other protocols can also be forwarded through it.
 
-OnionCat opens a TUN device and assigns an IPv6 address to it. All packets forwarded to the TUN device by the
-kernel are forwarded by OnionCat to other OnionCats listening on TOR's hidden service ports.
-The IPv6 address depends on the \fIonion_id\fP of the locally configured hidden service (see \fBtor(8)\fP).
-Depending on the configuration of TOR the \fIonion_id\fP usually can be found at \fI/var/lib/tor/hidden_service/hostname\fP or similar location.
+OnionCat opens a TUN device and assigns an IPv6 address to it. All packets
+forwarded to the TUN device by the kernel are forwarded by OnionCat to other
+OnionCats listening on TOR's hidden service ports.  The IPv6 address depends on
+the \fIonion_id\fP of the locally configured hidden service (see \fBtor(8)\fP).
+Depending on the configuration of TOR the \fIonion_id\fP usually can be found
+at \fI/var/lib/tor/hidden_service/hostname\fP or similar location.
 
 .SS OPTIONS
 .TP
@@ -50,20 +55,22 @@ Enable IPv4 forwarding.
 .TP
 \fB\-a\fP
 OnionCat creates a log file at $HOME/.ocat/connect_log. All incomming connects are
-log to that file. $HOME is determined from the user under which OnionCat runs (see option -u).
+log to that file. $HOME is determined from the user under which OnionCat runs
+(see option -u).
 .TP
 \fB\-b\fP
 Run OnionCat in background.
 .TP
 \fB\-C\fP
-Disable the local controller interface. The controller interfaces listens on localhost (127.0.0.1 and ::1 port 8066)
-for incomming connections. It's currently used for debugging purpose and not thread-safe and does not
-have any kind of authentication or authorization mechanism. Hence,
-it should not be used in production environments.
+Disable the local controller interface. The controller interfaces listens on
+localhost (127.0.0.1 and ::1 port 8066) for incomming connections. It's
+currently used for debugging purpose and not thread-safe and does not have any
+kind of authentication or authorization mechanism. Hence, it should not be used
+in production environments.
 .TP
 \fB\-d\fP \fIn\fP
-Set debug level to \fIn\fP. Default = 7 which is maximum. Debug output will only be created if OnionCat was
-compiled with option DEBUG.
+Set debug level to \fIn\fP. Default = 7 which is maximum. Debug output will
+only be created if OnionCat was compiled with option DEBUG.
 .TP
 \fB\-f\fP \fIconfig file\fP
 Read initial configuration from \fIconfig file\fP. 
@@ -84,7 +91,8 @@ Log output to \fIlog_file\fP instead of stderr.
 Convert \fIIPv6 address\fP to \fIonion_id\fP and exit program.
 .TP
 \fB\-p\fP
-Use TAP device instead of TUN device. There are a view differences. See \fBTAP DEVICE\fP later.
+Use TAP device instead of TUN device. There are a view differences. See \fBTAP
+DEVICE\fP later.
 .TP
 \fB\-P\fP \fIpid file\fP
 Create \fIpid file\fP instead of \fB/var/run/ocat.pid\fP.
@@ -92,11 +100,22 @@ Create \fIpid file\fP instead of \fB/var/run/ocat.pid\fP.
 \fB\-r\fP
 Run OnionCat as root and don't change user id (see option \fB\-u\fP).
 .TP
+\fB\-R\fP
+Generate a random local onion_id. With this option it is not necessary to add a
+hidden service to the Tor configuration file \fBtorrc\fP.  With this option set
+one might use OnionCat services within Tor as usualy but it is NOT possible to
+receive incoming connections. If you plan to also receive connections (e.g.
+because you provide a service or you use software which opens sockets for
+incomming connections like Bitorrent) you MUST configure a hidden service and
+supply its hostname to OnionCat on the command line.
+.TP
 \fB\-s\fP \fIport\fP
 Set OnionCat's virtual hidden service port to \fIport\fP.
 .TP
-\fB\-t\fP \fIport\fP
-Set TOR SOCKS \fIport\fP. 
+\fB\-t\fP \fI(IP|[IP:]port)\fP
+Set TOR SOCKS \fIIP\fP and/or \fIport\fP. If no \fIIP\fP is specified 127.0.0.1
+will be used, if no \fIport\fP is specified 9050 will be used as defaults. IPv6
+addresses must be escaped by square brackets.
 .TP
 \fB\-T\fP \fItun_dev\fP
 TUN device file to open for creation of TUN interface, defaults to
@@ -108,7 +127,8 @@ changes userid after the TUN device is set up correctly.
 after tun device setup.
 
 .SS TAP DEVICE
-Usually OnionCat opens a TUN device which is a layer 3 interface. With option \fB\-p\fP OnionCat opens a TAP device instead which is a virtual ethernet
+Usually OnionCat opens a TUN device which is a layer 3 interface. With option
+\fB\-p\fP OnionCat opens a TAP device instead which is a virtual ethernet
 (layer 2) interface.
 
 .SH NOTES
@@ -118,8 +138,8 @@ This man page is still not finished...
 $HOME/.ocat/connect_log
 
 .SH AUTHOR
-Written by Bernhard R. Fischer.
-Conecption by Bernhard R. Fischer and Daniel Haslinger.
+Software and man page written by Bernhard R. Fischer.
+Concept by Bernhard R. Fischer and Daniel Haslinger.
 
 .SH "SEE ALSO"
 OnionCat project page http://www.abenteuerland.at/onioncat/
diff --git a/src/ocat.c b/src/ocat.c
index 8ceab63..c2aa07d 100644
--- a/src/ocat.c
+++ b/src/ocat.c
@@ -37,6 +37,7 @@ void usage(const char *s)
          "   -p                    use TAP device instead of TUN\n"
          "   -P <pid_file>         create pid file at location of <pid_file> (default = %s)\n"
          "   -r                    run as root, i.e. do not change uid/gid\n"
+         "   -R                    generate a random local onion URL\n"
          "   -s <port>             set hidden service virtual port, default = %d\n"
          "   -t [<ip>:]<port>      set Tor SOCKS address and port, default = 127.0.0.1:%d\n"
 #ifndef WITHOUT_TUN
@@ -48,7 +49,7 @@ void usage(const char *s)
          // option defaults start here
          OCAT_DIR, OCAT_CONNECT_LOG, CNF(create_clog), CNF(debug_level), OCAT_LISTEN_PORT,
          CNF(pid_file),
-         CNF(ocat_dest_port), CNF(socks_dst)->sin_port, 
+         CNF(ocat_dest_port), ntohs(CNF(socks_dst)->sin_port), 
 #ifndef WITHOUT_TUN
          TUN_DEV,
 #endif
@@ -130,7 +131,7 @@ int main(int argc, char *argv[])
    if (argc < 2)
       usage(argv[0]), exit(1);
 
-   while ((c = getopt(argc, argv, "abCd:f:hriopl:t:T:s:u:4L:P:")) != -1)
+   while ((c = getopt(argc, argv, "abCd:f:hrRiopl:t:T:s:u:4L:P:")) != -1)
       switch (c)
       {
          case 'a':
@@ -185,6 +186,10 @@ int main(int argc, char *argv[])
             CNF(usrname) = "root";
             break;
 
+         case 'R':
+            CNF(rand_addr) = 1;
+            break;
+
          case 's':
             CNF(ocat_dest_port) = atoi(optarg);
             break;
@@ -214,7 +219,7 @@ int main(int argc, char *argv[])
             exit(1);
       }
 
-   if (!argv[optind])
+   if (!CNF(rand_addr) && !argv[optind])
       usage(argv[0]), exit(1);
 
    // init main thread
@@ -233,8 +238,14 @@ int main(int argc, char *argv[])
       exit(0);
    }
 
+   // copy onion-URL from command line
+   if (!CNF(rand_addr))
+      strncpy(CNF(onion_url), argv[optind], ONION_NAME_SIZE);
+   // ...or generate a random one
+   else
+      rand_onion(CNF(onion_url));
+
    // convert parameter to IPv6 address
-   strncpy(CNF(onion_url), argv[optind], ONION_NAME_SIZE);
    if ((s = strchr(CNF(onion_url), '.')))
          *s = '\0';
    if (strlen(CNF(onion_url)) != 16)
diff --git a/src/ocat.h b/src/ocat.h
index 6c04d50..6b2289a 100644
--- a/src/ocat.h
+++ b/src/ocat.h
@@ -259,6 +259,7 @@ struct OcatSetup
    };
    //! local listening socket address for incoming connections
    struct sockaddr **oc_listen;
+   int rand_addr;
 };
 
 #ifdef PACKET_QUEUE
@@ -450,6 +451,7 @@ char *ipv6tonion(const struct in6_addr *, char *);
 int oniontipv6(const char *, struct in6_addr *);
 int oniontipv4(const char *, struct in_addr *, int);
 int has_tor_prefix(const struct in6_addr *);
+void rand_onion(char *);
 /*
 #define IN6_HAS_TOR_PREFIX(a) ((((__const uint32_t *) (a))[0] == ((__const uint32_t*)(TOR_PREFIX))[0]) \
       && (((__const uint16_t*)(a))[2] == ((__const uint16_t*)(TOR_PREFIX))[2]))
diff --git a/src/ocatsetup.c b/src/ocatsetup.c
index fd90ee6..c0cb6b5 100644
--- a/src/ocatsetup.c
+++ b/src/ocatsetup.c
@@ -60,12 +60,21 @@ struct OcatSetup setup_ =
    0,
    "/dev/urandom",
    {(struct sockaddr_in*) &socks_dst6_},
-   oc_listen_a_
+   oc_listen_a_,
+   //! rand_addr
+   0
 };
 
 
 void init_setup(void)
 {
+   struct timeval tv;
+
+   // seeding PRNG rand()
+   if (gettimeofday(&tv, NULL) == -1)
+      log_msg(LOG_WARNING, "could gettimeofday(): \"%s\"", strerror(errno));
+   srand(tv.tv_sec ^ tv.tv_usec);
+
    setup_.logf = stderr;
    setup_.uptime = time(NULL);
 
diff --git a/src/ocatv6conv.c b/src/ocatv6conv.c
index 62b6fbb..2b37410 100644
--- a/src/ocatv6conv.c
+++ b/src/ocatv6conv.c
@@ -119,3 +119,19 @@ char *ipv6tonion(const struct in6_addr *ip6, char *onion)
    return r;
 }
 
+
+/*! Generate a random onion-URL.
+ *  @paran onion must be of at least ONION_URL_LEN + 1 (=17).
+ */
+void rand_onion(char *onion)
+{
+   int i;
+
+   if (RAND_MAX < 32)
+      log_msg(LOG_WARNING, "weak randomness: RAND_MAX = %d < 32", RAND_MAX);
+
+   for (i = 0; i < ONION_URL_LEN; i++, onion++)
+      *onion = BASE32[rand() & 0x1f];
+   *onion = '\0';
+}
+

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/onioncat.git



More information about the Pkg-privacy-commits mailing list