Package: torsocks Version: 1.1+git20110826-1 Severity: important After upgrading to version 1.1+git20110826-1, any attempts to use torsocks to connect to a hidden service fails with error:
# torsocks ssh xxxxx.onion 15:11:16 libtorsocks(8037): SOCKS V4 connect rejected: 15:11:16 libtorsocks(8037): SOCKS server refused connection As a matter of fact, /var/log/tor/log has some explanations: Sep 20 15:11:16.156 [warn] Your application (using socks4 to port 22) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS. Sep 20 15:11:16.156 [warn] Rejecting SOCKS request for anonymous connection to private address [scrubbed] It seems that there have been a lot of code refactoring done by upstream lately that has broken the hidden service part of torsocks, in particular the resolving part for onion names. Using the debug mode give some more informations: # TORSOCKS_DEBUG=3 torsocks ssh xxx.onion [SNIP] 15:19:49 libtorsocks(8250): address: 127.0.0.0 is local 15:19:49 libtorsocks(8250): Beginning handle loop for socket 3 15:19:49 libtorsocks(8250): In request handle loop for socket 3, current state of request is 0 15:19:49 libtorsocks(8250): Connecting to 127.0.0.1 port 9050 15:19:49 libtorsocks(8250): Connect returned 0, errno is 107 15:19:49 libtorsocks(8250): Socket 3 connected to SOCKS server 15:19:49 libtorsocks(8250): In request handle loop for socket 3, current state of request is 2 15:19:49 libtorsocks(8250): In request handle loop for socket 3, current state of request is 3 15:19:49 libtorsocks(8250): Writing to server (sending 17 bytes) 15:19:49 libtorsocks(8250): Sent 17 bytes of 17 bytes in buffer, return code is 0 15:19:49 libtorsocks(8250): In request handle loop for socket 3, current state of request is 5 15:19:49 libtorsocks(8250): Receiving reply to SOCKS V4 connect request 15:19:49 libtorsocks(8250): In request handle loop for socket 3, current state of request is 4 15:19:49 libtorsocks(8250): Reading from server (expecting 8 bytes) 15:19:49 libtorsocks(8250): Received 8 bytes of 8 bytes expected, return code is 0 15:19:49 libtorsocks(8250): In request handle loop for socket 3, current state of request is 6 15:19:49 libtorsocks(8250): SOCKS V4 connect rejected: 15:19:49 libtorsocks(8250): SOCKS server refused connection while with the previous version of torsocks, everything went fine: [SNIP] 15:23:17 libtorsocks(8976): address: 127.0.0.0 is local 15:23:17 libtorsocks(8976): Beginning handle loop for socket 3 15:23:17 libtorsocks(8976): In request handle loop for socket 3, current state of request is 0 15:23:17 libtorsocks(8976): Connecting to 127.0.0.1 port 9050 15:23:17 libtorsocks(8976): Connect returned 0, errno is 107 15:23:17 libtorsocks(8976): Socket 3 connected to SOCKS server 15:23:17 libtorsocks(8976): In request handle loop for socket 3, current state of request is 2 15:23:17 libtorsocks(8976): get_pool_entry: searching for: 127.0.69.0 15:23:17 libtorsocks(8976): get_pool_entry: found: xxx.onion 15:23:17 libtorsocks(8976): In request handle loop for socket 3, current state of request is 3 15:23:17 libtorsocks(8976): Writing to server (sending 40 bytes) 15:23:17 libtorsocks(8976): Sent 40 bytes of 40 bytes in buffer, return code is 0 15:23:17 libtorsocks(8976): In request handle loop for socket 3, current state of request is 5 15:23:17 libtorsocks(8976): Receiving reply to SOCKS V4 connect request 15:23:17 libtorsocks(8976): In request handle loop for socket 3, current state of request is 4 15:23:17 libtorsocks(8976): Reading from server (expecting 8 bytes) 15:23:46 libtorsocks(8976): Received 8 bytes of 8 bytes expected, return code is 0 15:23:46 libtorsocks(8976): In request handle loop for socket 3, current state of request is 6 15:23:46 libtorsocks(8976): Handle loop completed for socket 3 in state 13, returning 0 Seems that in the new version the get_pool_entry part is bypassed. I'm using the DNSPort and AutomapHostsOnResolve options in /etc/tor/torrc. Setting tordns_enable to false in /etc/torsocks.conf doesn't resolve the problem (as expected). -- System Information: Debian Release: wheezy/sid Versions of packages torsocks depends on: ii libc6 2.13-18 Versions of packages torsocks recommends: ii tor 0.2.2.32-1 torsocks suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
