tor-socksproto

Crates.iotor-socksproto
lib.rstor-socksproto
version0.25.0
sourcesrc
created_at2021-06-24 14:03:33.347959
updated_at2024-12-02 18:00:13.121632
descriptionEncode and decode the SOCKS protocol, as extended in Tor
homepagehttps://gitlab.torproject.org/tpo/core/arti/-/wikis/home
repositoryhttps://gitlab.torproject.org/tpo/core/arti.git/
max_upload_size
id414466
size95,735
Gabi Moldovan (gabi-250)

documentation

README

tor-socksproto

Implements SOCKS in the flavors provided by Tor.

Overview

SOCKS is an old and somewhat janky protocol for telling a TCP proxy where to connect. Versions 4, 4a, and 5 are sometimes encountered in the wild.

The tor-socksproto crate tries to hide the actual details of the protocol, and expose a stateful handshake type that eventually provides a [SocksRequest] or an error. It is part of Arti, a project to implement Tor in Rust. At present, it is only used to provide a SOCKS proxy over the Tor network, but eventually it may be used to implement support for connecting to the Tor network over a SOCKS proxy.

This crate may be a good choice for you if you need a SOCKS implementation that "behaves like Tor", but otherwise it is probably better to use some other SOCKS crate.

For more information about SOCKS:

  • SOCKS5 (which is preferred) is specified in RFC 1928, and see also RFC 1929 for Username/Password authentication in SOCKS5.
  • The wikipedia article is the best surviving documentation for SOCKS4 and SOCKS4a.
  • See socks-extensions.txt for a description of Tor's extensions and restrictions on the SOCKS protocol.

Design notes

Arti uses this crate instead of some other SOCKS implementation, for two reasons:

  • First, because we need to support Tor SOCKS extensions.
  • Second, and because we sometimes need to see particular details of the individual handshakes that most other SOCKS implementations don't expose. (For example, if we are told to connect to a raw IP address, the type of the handshake can help us guess whether that IP address came from a DNS response–in which case we should warn about a possible DNS leak.)

Currently, tor-socksproto does no networking code: it only implements the server (proxy) side of the SOCKS handshake by handling a series of bytes. We may (or may not) want to add network functionality to this crate or elsewhere in the future. We'll definitely want to add client functionality.

Possibly, this approach will prove useful for other uses. If it does, We can put the tor-only functionality behind a Cargo build feature, so that others can use this crate more safely.

License: MIT OR Apache-2.0

Commit count: 0

cargo fmt