On Mar 4, 2014 4:26 AM, "Lunar" <lu...@torproject.org> wrote:
>
> David Goulet:
> > After a big code review from Nick and help from a lot of people
> > contributing and testing, this is the release candidate 4 for the new
> > torsocks.
>
> I was about to push the new version to Debian experimental, but it just
> breaks my SSH configuration too badly.
>
> The new version forbids listen() and accept().
>
> That means that at least SSH options ControlMaster, LocalForward, and
> DynamicForward will not work. Being able to multiplex connections
> (ControlMaster) is pretty crucial to keep sanity when working over
> hidden services. Forwarding options allow a simple way to
> tunnel TCP connections to a remote system through SSH over Tor.
>
> I am not sure what is the right move here. Perhaps allowing listen on
> Unix sockets and localhost? Or maybe allowing listen() entirely?

Those sound like good candidates for options. I think that listen-local is probably safe*, but arbitrary listen is broken in enough use cases that it should IMO be off by default.

*do we need to do anything about fds transferred over Unix sockets? Probably.

Yrs,
-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
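
The "listen-local" idea discussed in this thread, sketched as an added example that is not torsocks code and not from either poster: a check a `listen()` wrapper could run on the address a socket is bound to. The names `listen_is_local` and `check_text` are hypothetical, the sample addresses are constructed, and the open question about fds passed over Unix sockets is not addressed here.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper (not torsocks code): 1 if listen() on a socket bound
 * to this address stays on the local machine, 0 otherwise. */
static int listen_is_local(const struct sockaddr *sa, socklen_t len)
{
    if (sa == NULL || len < (socklen_t)sizeof(sa->sa_family)) return 0;
    switch (sa->sa_family) {
    case AF_UNIX:
        return 1; /* Unix socket: not reachable from the network */
    case AF_INET: {
        struct sockaddr_in in4;
        if (len < (socklen_t)sizeof(in4)) return 0;
        memcpy(&in4, sa, sizeof(in4));
        /* 127.0.0.0/8 only; the wildcard 0.0.0.0 is refused */
        return (ntohl(in4.sin_addr.s_addr) >> 24) == 127;
    }
    case AF_INET6: {
        struct sockaddr_in6 in6;
        if (len < (socklen_t)sizeof(in6)) return 0;
        memcpy(&in6, sa, sizeof(in6));
        if (IN6_IS_ADDR_LOOPBACK(&in6.sin6_addr)) return 1; /* ::1 */
        /* ::ffff:127.x.y.z is the IPv4 loopback seen through IPv6 */
        return IN6_IS_ADDR_V4MAPPED(&in6.sin6_addr) && in6.sin6_addr.s6_addr[12] == 127;
    }
    default:
        return 0; /* unknown family: fail closed */
    }
}

/* Build a sockaddr from a constructed text address and run the check. */
static int check_text(int family, const char *text)
{
    struct sockaddr_storage ss;
    memset(&ss, 0, sizeof(ss));
    ss.ss_family = (sa_family_t)family;
    void *dst = family == AF_INET ? (void *)&((struct sockaddr_in *)&ss)->sin_addr
                                  : (void *)&((struct sockaddr_in6 *)&ss)->sin6_addr;
    return inet_pton(family, text, dst) == 1 ? listen_is_local((struct sockaddr *)&ss, sizeof(ss)) : -1;
}

int main(void)
{
    printf("127.0.0.1=%d 0.0.0.0=%d ::1=%d\n", check_text(AF_INET, "127.0.0.1"),
           check_text(AF_INET, "0.0.0.0"), check_text(AF_INET6, "::1"));
    return 0;
}
```

The check has to run on the bound address (for example from `getsockname()`), not on what the caller intends, and a wildcard bind is treated as non-local because it listens on every interface.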