[Pkg-privacy-commits] [Git][pkg-privacy-team/torsocks][master] 63 commits: Add getdents / getdents64 support re ticket 28861
Hefee (@hefee)
hefee at debian.org
Thu Apr 3 23:39:51 BST 2025
Hefee pushed to branch master at Privacy Maintainers / torsocks
Commits:
4c00ec87 by Alejandro Alvarado at 2019-01-22T17:55:00-06:00
Add getdents / getdents64 support re ticket 28861
- - - - -
fb7db9ec by anonhelper at 2020-10-27T09:54:35-04:00
Fixed out-of-bounds write in onion pool.
- - - - -
d4b0a84b by Ola Bini at 2020-10-27T09:58:16-04:00
Fixes an issue when calling recvmsg on a domain socket non-blocking
Since the original flags are not taken into account when peeking, the peek
recvmsg call will hang forever in certain circumstances, including in all QT
applications running Wayland. This fix simply adds the original flags, so that
the peeking recvmsg call might be nonblocking, if the original call was
nonblocking.
Closes #40001
- - - - -
b2c1132d by Jim Newsome at 2021-02-05T13:52:35-06:00
Pass through non-blacklisted syscalls
- - - - -
800eb9eb by Jim Newsome at 2021-02-08T14:38:52-06:00
Add debug-log for opaque syscall passthrough
- - - - -
67cee6c7 by Jim Newsome at 2021-02-22T13:35:07-06:00
Merge branch 'default-allow-syscalls'
Merges tpo/core/torsocks!2
- - - - -
ca2ba371 by Dimitris Apostolou at 2021-11-12T15:57:36+02:00
Fix typos
- - - - -
f9721f38 by David Goulet at 2022-02-14T19:20:51+00:00
Merge branch 'typos' into 'main'
Fix typos
See merge request tpo/core/torsocks!3
- - - - -
4af2077b by Jim Newsome at 2022-05-24T09:00:58-05:00
Delegate to libc fclose when fileno fails
The native fclose can succeed in spite of not having a valid fd
associated with it.
https://gitlab.torproject.org/tpo/core/torsocks/-/issues/40002#note_2803789
- - - - -
dc5f4dce by Jim Newsome at 2022-05-24T14:12:27+00:00
Merge branch 'fclose-delegate' into 'main'
Delegate to libc fclose in error cases
See merge request tpo/core/torsocks!4
- - - - -
90c6d29c by Jim Newsome at 2022-05-24T14:54:48-05:00
Disable ipv6 socket creation by default
IPv6 support is incomplete. Some programs (e.g. signal-cli) fail with
the current IPv6 support, but gracefully fall back to IPv4 if we refuse
to create an IPv6 socket in the first place.
Fixes https://gitlab.torproject.org/tpo/core/torsocks/-/issues/40009
- - - - -
9f0dca63 by David Goulet at 2022-05-25T13:49:17+00:00
Merge branch 'disable-ipv6' into 'main'
Disable ipv6 socket creation by default
Closes #40009
See merge request tpo/core/torsocks!5
- - - - -
615048cc by Jim Newsome at 2022-05-25T09:14:45-05:00
Changelog for 2.4.0
- - - - -
afe9dea5 by Jim Newsome at 2022-05-25T14:36:05+00:00
Merge branch 'changelog-2.4' into 'main'
Changelog for 2.4.0
See merge request tpo/core/torsocks!6
- - - - -
c702e4fc by Jim Newsome at 2022-06-02T12:24:05-05:00
getaddrinfo: use default hints when none supplied
Previously we fell back to libc's getaddrinfo when hints is NULL, under
the mistaken assumption that the default address family AF_UNSPEC would
guarantee it wouldn't look up any address. It's actually the opposite -
it means v4 and v6 are both acceptable.
On my machine the previous behavior the native call to getaddrinfo makes
an interceptible call to `socket` to create a UDP socket which we block,
preventing a leak, but it's possible with other libc's this could have
caused a leak.
With this change such calls can still potentially succeed and return
addresses, resolved via tor.
- - - - -
f8b36685 by Jim Newsome at 2022-06-02T13:23:17-05:00
Never request v4-mapped addresses
Tor doesn't support connecting to them, so don't ask for them.
https://gitlab.torproject.org/tpo/core/tor/-/issues/40611
- - - - -
7e1514cd by Jim Newsome at 2022-06-02T13:27:04-05:00
Set AI_NUMERICHOST when delegating to libc gethostbyname
This is an extra safeguard to ensure it will never try to do a network
lookup.
- - - - -
1bbce97e by Jim Newsome at 2022-06-02T18:38:00+00:00
Merge branch 'hintless' into 'main'
In getaddrinfo:
* use default hints when none supplied
* never request v4-mapped addresses
* never let libc's getaddrinfo do network lookups
See merge request tpo/core/torsocks!7
- - - - -
47cf8b2c by Jim Newsome at 2022-08-07T15:46:32-05:00
configure.ac: update version to 2.4.0
- - - - -
305e42c6 by David Goulet at 2022-08-09T15:15:22+00:00
Merge branch 'releases' into 'main'
configure.ac: update version to 2.4.0
See merge request tpo/core/torsocks!8
- - - - -
6aa2c0a6 by Clément Hermann at 2023-02-10T21:31:00+01:00
New upstream version 2.4.0
- - - - -
1171bf2f by Florian Weimer at 2023-09-20T15:28:32+02:00
fix compatibility with C99
- - - - -
969d782a by Alexander Færøy at 2023-09-20T19:13:58+00:00
Merge branch 'fix-c99' into 'main'
fix compatibility with C99
Closes #40014
See merge request tpo/core/torsocks!9
- - - - -
ef544f2a by adrianTNT at 2024-09-11T17:14:56+00:00
Update torsocks.8, added clarification that hostnames are not supported, just IP address, when user tries to specify a hostname, it fails with additional ramifications. "not suported here" instead of "not supported" because from my tests, on the torrc config (oposite / listening side) that address seems to support host names (SOCKSPort my.tor.proxy:9050)
- - - - -
808d20be by adrianTNT at 2024-09-11T17:22:52+00:00
Update torsocks.in "hostnames not suported here" instead of "hostnames not supported" because from my tests, on the torrc config (oposite / listening side) that address seems to support host names (SOCKSPort my.tor.proxy:9050)
- - - - -
ca276c4a by Jim Newsome at 2024-09-11T18:43:43+00:00
Merge branch 'adrianTNT-main-patch-15435' into 'main'
Update torsocks.8, added clarification that hostnames are not supported, just...
See merge request tpo/core/torsocks!11
- - - - -
369b1569 by Jim Newsome at 2024-09-11T18:43:51+00:00
Merge branch 'adrianTNT-main-patch-99872' into 'main'
Update torsocks.in "hostnames not suported here" instead of "hostnames not...
See merge request tpo/core/torsocks!12
- - - - -
d5ca788b by Jim Newsome at 2024-09-13T13:12:59-05:00
conf_file_set_tor_address: return error on unrecognized addr type
Fixes #40025
- - - - -
efff14ab by Jim Newsome at 2024-09-13T13:16:48-05:00
conf_file_set_tor_address: refactor for readability
- - - - -
0e7f9218 by Jim Newsome at 2024-09-13T16:04:40-05:00
Pull in and use strlcpy and strlcat
I was getting some compiler warnings about incorrect bounds checks for
strncpy. If I understand correctly this could have led to creating some
unterminated strings (e.g. for socks username and password).
This cargo-cults a bit what it appears is done in tor - ensure strlcpy
and strlcat are available and use those instead.
- - - - -
18326a94 by Jim Newsome at 2024-09-13T16:12:52-05:00
Replace remaining usage of strncpy with strlcpy
I think this is a pure refactor, but simplifies the code a little bit,
and allows us not to require presence of strlcpy at all.
- - - - -
08b409f2 by David Goulet at 2024-09-16T12:54:20+00:00
Merge branch 'strlcpy' into 'main'
Pull in and use strlcpy and strlcat
See merge request tpo/core/torsocks!14
- - - - -
3d6c8593 by David Goulet at 2024-09-16T12:54:55+00:00
Merge branch 'main' into 'main'
conf_file_set_tor_address: return error on unrecognized addr type
Closes #40025
See merge request tpo/core/torsocks!13
- - - - -
fb3ffb2d by Jim Newsome at 2024-09-23T11:46:29-05:00
test-config-file: Update tests to expect error on bad addresses
- - - - -
6f4fcdef by Jim Newsome at 2024-09-23T12:08:18-05:00
fixtures: fix creation of fixture path
Fixes a bug introduced in 0e7f921843fcea65d75c915ef49aaf6758a6f413
- - - - -
3d43aa23 by David Goulet at 2024-09-23T18:15:25+00:00
Merge branch 'fix-conf-test' into 'main'
Fix tests
Closes #40026
See merge request tpo/core/torsocks!16
- - - - -
4be15c6d by Jim Newsome at 2024-09-23T14:03:44-05:00
Add basic gitlab CI
This copies some useful boilerplate from tor's gitlab CI,
and reproduces what we had in .travis.yml, with the additions of
* also running make check
* also building and checking on i386
- - - - -
37b6e5b2 by David Goulet at 2024-09-23T19:11:54+00:00
Merge branch 'ci' into 'main'
Add basic gitlab CI
See merge request tpo/core/torsocks!15
- - - - -
782db176 by Jim Newsome at 2025-03-11T18:29:06-05:00
torsocks/tests: return exit_status()
Most of these were actually failing, but returning exit code 0 anyway,
causing the failure to not surface in `make check`.
- - - - -
9063b768 by Daniel Winzen at 2025-03-11T18:34:04-05:00
Fix test cases - IPs seem to have changed
- - - - -
c7c1e673 by Jim Newsome at 2025-03-11T22:19:06-05:00
test_fd_passing: handle reordered UDP messages
This test was sometimes failing because the messages containing data and
containing fds would sometimes get reordered.
Synchronize with the sender so that the 2nd message isn't sent until the
first message is received.
- - - - -
f4c25680 by Jim Newsome at 2025-03-11T22:40:16-05:00
test_fd_passing: update test ip+port to an available one
- - - - -
bb643724 by Jim Newsome at 2025-03-11T23:10:08-05:00
Tests: enable ipv6 support
Needed for test_socket to pass
- - - - -
df216f19 by Jim Newsome at 2025-03-11T23:12:49-05:00
unit tests: return exit_status()
This is needed for failures to actually result in the test program
failing and the failure getting surfaced in `make check`.
- - - - -
7aeabd94 by Jim Newsome at 2025-03-11T23:20:02-05:00
CI: save test logs
- - - - -
3c661144 by Jim Newsome at 2025-03-12T09:26:22-05:00
CI: use TPA-maintained image registry
- - - - -
0d1cf2a1 by Jim Newsome at 2025-03-12T09:36:45-05:00
test_connect: report failure details
- - - - -
26a4eb7e by Jim Newsome at 2025-03-12T10:37:20-05:00
test_connect: fix raw socket test
When running as non-root, we fail to create the socket in the first
place. This happened to cause the test to pass, since it resulted in
errno being set to `EBADF` when we tried to `connect` on it.
We now check whether creation of the socket succeeded, and if not we
skip this particular test.
When running as root (as in CI), the test would *sometimes* still pass,
because we were passing an uninitialized `sockaddr_sin`. If it didn't
happen to have one of the allowed address families then we would still
get `EBADF` as the test expected. If it just happened to have one of the
allowed families though, then we get `EPERM`.
We now initialize `sin` so that we're not depending on uninitialized
data, and particularly set the family to `AF_INET` to ensure we're
exercising the code path that rejects unsupported socket types, not the
earlier check that rejects unsupported address families.
With that fixed, the expected errno is `EPERM` instead of `EBADF`.
- - - - -
8006f0c3 by David Goulet at 2025-03-12T18:59:08+00:00
Merge branch 'fix-tests' into 'main'
Ensure `make check` fails if tests fail and fix tests
See merge request tpo/core/torsocks!19
- - - - -
b10d1587 by Jim Newsome at 2025-03-25T16:22:58-05:00
torsocks: Reword -a help to specify what we *do* accept
- - - - -
b218a2f8 by Jim Newsome at 2025-03-25T16:23:46-05:00
torsocks.1: Sync with command-line help options
* Update `-a` with more precise description.
* Add missing `-6`, `--ipv6` description.
- - - - -
a4fa8c80 by David Goulet at 2025-03-26T13:10:21+00:00
Merge branch 'update-docs' into 'main'
torsocks.1: Sync with command-line help options
See merge request tpo/core/torsocks!20
- - - - -
be4719ae by Jim Newsome at 2025-03-26T10:19:22-05:00
Update changelog for 2.5.0
- - - - -
4f3b97cd by Jim Newsome at 2025-03-26T10:19:22-05:00
configure.ac: bump version to 2.5.0
- - - - -
7868aab6 by David Goulet at 2025-03-26T17:58:36+00:00
Merge branch 'bump-2.5.0' into 'main'
Bump 2.5.0
See merge request tpo/core/torsocks!21
- - - - -
b7e7319b by Sandro Knauß at 2025-03-27T21:50:55+01:00
New upstream version 2.5.0
- - - - -
9d18c5ee by Sandro Knauß at 2025-03-27T21:50:55+01:00
Update upstream source from tag 'upstream/2.5.0'
Update to upstream version '2.5.0'
with Debian dir a2a043bb63dd3f753594028c730901fabb95e6b0
- - - - -
7aa83731 by Sandro Knauß at 2025-03-27T21:59:58+01:00
New upstream release.
- - - - -
1db2610a by Sandro Knauß at 2025-03-27T22:00:56+01:00
remove upstream applied patch.
- - - - -
933ad5e0 by Sandro Knauß at 2025-04-04T00:37:41+02:00
warn user if libtorsocks is not installed for all archs.
- - - - -
47992e1e by Sandro Knauß at 2025-04-04T00:38:39+02:00
Make dependecy of torsocks -> libtorsocks arch:all compatible.
- - - - -
7b009b60 by Sandro Knauß at 2025-04-04T00:38:57+02:00
update copyright file.
- - - - -
3e8baa7c by Sandro Knauß at 2025-04-04T00:39:22+02:00
create missing directory before adding file.
- - - - -
34 changed files:
- .gitignore
- + .gitlab-ci.yml
- ChangeLog
- configure.ac
- debian/changelog
- debian/control
- debian/copyright
- debian/patches/0004-Make-torsocks-multi-arch-foreign-compatible.patch → debian/patches/0003-Make-torsocks-multi-arch-foreign-compatible.patch
- − debian/patches/fix_compatibility_with_C99.patch
- debian/patches/series
- debian/rules
- doc/torsocks.1
- doc/torsocks.8
- src/bin/torsocks.in
- src/common/compat.c
- src/common/compat.h
- src/common/config-file.c
- src/common/config-file.h
- src/common/onion.c
- + src/ext/strlcat.c
- + src/ext/strlcpy.c
- src/lib/getaddrinfo.c
- src/lib/gethostbyname.c
- tests/Makefile.am
- tests/test_connect.c
- tests/test_dns.c
- tests/test_fd_passing.c
- tests/test_getpeername.c
- tests/test_socket.c
- tests/unit/test_compat.c
- tests/unit/test_config-file.c
- tests/unit/test_connection.c
- tests/unit/test_onion.c
- tests/utils/fixtures.h
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/torsocks/-/compare/0e0b7abeb85ffeb753eef46169d34f9ec116682c...3e8baa7cc68a3dbe60da1829e922acb4c718e360
--
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/torsocks/-/compare/0e0b7abeb85ffeb753eef46169d34f9ec116682c...3e8baa7cc68a3dbe60da1829e922acb4c718e360
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-commits/attachments/20250403/c63b3d25/attachment-0001.htm>
More information about the Pkg-privacy-commits
mailing list