openprivacy
/
connectivity
3
0
Fork 2
Code Issues 1 Pull Requests 1 Releases 35 Wiki Activity

Support listening on UDS provided by Tor #23

New Issue
Open
opened 2021-08-17 17:50:21 +00:00 by dingrite · 0 comments
dingrite commented 2021-08-17 17:50:21 +00:00
Copy Link

For applications such as cwtch this module needlessly listens on and potentially exposes a local tcp port.

Tor supports mapping an .onion:port to a unix domain socket:
https://2019.www.torproject.org/docs/tor-manual.html.en

HiddenServicePort VIRTPORT [TARGET]
Configure a virtual port VIRTPORT for a hidden service. You may use this option multiple times; each time applies to the service using the most recent HiddenServiceDir. By default, this option maps the virtual port to the same port on 127.0.0.1 over TCP. You may override the target port, address, or both by specifying a target of addr, port, addr:port, or unix:path. (You can specify an IPv6 target as [addr]:port. Unix paths may be quoted, and may use standard C escapes.) You may also have multiple lines with the same VIRTPORT: when a user connects to that VIRTPORT, one of the TARGETs from those lines will be chosen at random. Note that address-port pairs have to be comma-separated.

eg:

HiddenServicePort 80 unix:/var/run/nginx.sock

For applications such as cwtch this module needlessly listens on and potentially exposes a local tcp port. Tor supports mapping an .onion:port to a unix domain socket: https://2019.www.torproject.org/docs/tor-manual.html.en HiddenServicePort VIRTPORT [TARGET] Configure a virtual port VIRTPORT for a hidden service. You may use this option multiple times; each time applies to the service using the most recent HiddenServiceDir. By default, this option maps the virtual port to the same port on 127.0.0.1 over TCP. You may override the target port, address, or both by specifying a target of addr, port, addr:port, **or unix:path**. (You can specify an IPv6 target as [addr]:port. Unix paths may be quoted, and may use standard C escapes.) You may also have multiple lines with the same VIRTPORT: when a user connects to that VIRTPORT, one of the TARGETs from those lines will be chosen at random. Note that address-port pairs have to be comma-separated. eg: HiddenServicePort 80 unix:/var/run/nginx.sock
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
whonix
tor-updates
tails
takeownpid
update_drone
circuitQueue
logging
updateDrone
verStatus
binefix
gets
versionCallback
regexp_static
regexp
goroutine-fixes
getinfo
custom_tor_config
validation
startLog
thread_safety
quality
fix-deadlock
restart
getVer
randDirLog
bine
trunk
notorrcerr
authenticator
locks2
networkStatus
v1.11.0
v1.10.1
v1.10.0
v1.9.0
v1.8.7
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.0
v1.6.0
v1.5.0
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.2
v1.2.1
v1.2.0
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.1
v1.0.0
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
security

   
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: openprivacy/connectivity#23
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?