[Pkg-privacy-commits] [torsocks] 14/17: Remove TODO as we use the bugtracker for those
Intrigeri
intrigeri at moszumanska.debian.org
Wed Oct 19 20:59:18 UTC 2016
This is an automated email from the git hooks/post-receive script.
intrigeri pushed a commit to branch bugfix/typo-subsytem
in repository torsocks.
commit b92860d5979de1902707b638933d315e3313848f
Author: David Goulet <dgoulet at ev0ke.net>
Date: Tue Oct 18 12:25:58 2016 -0400
Remove TODO as we use the bugtracker for those
Signed-off-by: David Goulet <dgoulet at ev0ke.net>
---
TODO | 94 --------------------------------------------------------------------
1 file changed, 94 deletions(-)
diff --git a/TODO b/TODO
deleted file mode 100644
index ab593f4..0000000
--- a/TODO
+++ /dev/null
@@ -1,94 +0,0 @@
-Version 2.0
------------
-* Support res_* API
-* Check recvmmsg() FD passing on Unix socket and for TCP socket, clean exit
-* Support the complete list of dangerous syscall numbers with syscall()
-* Clean configure.ac - DONE
-* Create new updated torsocks shell script - DONE
-* Rename torsocks to something more meaningful
-* Add tests and a bunch load of them!
-
-Version 1.0
------------
-
-- is_local is fishy. investigate.
-- Resolve race condition where hooks are called before dlsym'd. - DONE
-- Need to ensure even locally destined dns requests are caught and handled
- appropriately.
- Do we need to detect TCP dns requests in connect() to ensure
- they are rejected/re-routed?
- Where do such requests come from? res_*?
- How can we re-route them to Tor? DNSPort?
-- kill ICMP as well.
-
-Version 1.1
------------
-* What about the isc library calls like res_init and so on? How widely are
- they use? Does this present a more elegant way to implement this stuff?
-
-* It should be possible to make this thread-safe with --enable-threads.
-
-* Add stdout and stderr messages that enable a parent program (such as TorK)
- to monitor torsocks for errors.
-
-* Merge dsocks so we support BSD (http://monkey.org/~dugsong/dsocks/)
-
---------------------------------------------------------------------------
-
-DONE:
-
-* In fact, one could modify tsocks further to play nicely with tor. For
- example, you could prevent nonlocal UDP traffic from being sent at all,
- and so on. - DONE
-
- - Addressed in connect(), sendto() and sendmsg().
- - Don't need to handle send(), since that is handled in connect().
-
-
-------------------------------------------------------------------------
-Original TODO:
-
-- Update FAQ to include information about the install location of the
- tsocks library
-
-- Install the saveme and validateconf binaries, presumably with new names
-
-
-TODO
-----
-
-* Think about how local names get resolved. Is it important? For example,
- if I 'telnet localhost' which using tordns, what should happen? Should
- we search through /etc/hosts ourselves or what?
-
-* What about the isc library calls like res_init and so on? How widely are
- they use? Does this present a more elegant way to implement this stuff?
-
-* Perhaps intercept res_query etc and try to do something appropriate.
-
-* It should be possible to make this thread-safe with --enable-threads.
-
-* validateconf needs to be updated to understand (and show information about)
- the tordns configuration options.
-
-* Perhaps intercept reverse name lookups? - DONE - getaddrbyhost (RH)
-
-* In fact, one could modify tsocks further to play nicely with tor. For
- example, you could prevent nonlocal UDP traffic from being sent at all,
- and so on.
-
-The 'tordns' feature for tsocks only works with applications using the
-standard c library name lookup mechanisms.
-
-Some programs roll their own name lookup functions, for example, 'curl'
-uses the 'adns' library, not the standard c library name lookup calls.
-In this case, you'll still be leaking DNS requests.
-
-However, it seems that most programs which go to the trouble of implementing
-asynchronous DNS requests or doing other tricky things have native SOCKS or
-HTTP proxy support.
-
-Requests for reverse name lookups are not intercepted.
-
-Finally, the tsocks library is NOT thread-safe, with or without this patch.
-You should not 'torify' multithreaded applications.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torsocks.git
More information about the Pkg-privacy-commits
mailing list