Re: [tor-bugs] #619 [Tor]: exit-policy-reject-star relays should refuse dns?
#619: exit-policy-reject-star relays should refuse dns?
------------------------+---------------------------
Reporter: arma | Owner:
Type: defect | Status: reopened
Priority: minor | Milestone: 0.2.0.x-final
Component: Tor | Version: 0.2.0.21-rc
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
------------------------+---------------------------
Changes (by mttp):
* status: closed => reopened
* resolution: Fixed =>
Old description:
> lodger points out that non-exit relays could reject dns and reverse dns
> attempts. (Currently clients try not to ask them any questions, but the
> relays don't enforce it. Non-exit relays might be surprised at the dns
> requests they are forced to do. "also permit reverse resolve for private
> addresses, which could lead to leaks of names, in normal circumstances,
> only available locally."
>
> Here's his patch:
>
> --- dns.c Tue Feb 26 19:56:28 2008
> +++ dns.c Sat Mar 8 12:11:34 2008
> @@ -550,7 +550,12 @@
> char *hostname = NULL;
> is_resolve = exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE;
>
> - r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);
> + routerinfo_t *me = router_get_my_routerinfo();
> + if (is_resolve && me &&
> + policy_is_reject_star(me->exit_policy)) /* non-exit */
> + r = -1;
> + else
> + r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);
> switch (r) {
> case 1:
> /* We got an answer without a lookup -- either the answer was
> @@ -659,9 +664,12 @@
> * .in-addr.arpa address but this isn't a resolve request, kill the
> * connection.
> */
> - if ((r = parse_inaddr_arpa_address(exitconn->_base.address, NULL)) !=
> 0) {
> - if (r == 1)
> + if ((r = parse_inaddr_arpa_address(exitconn->_base.address, &in)) !=
> 0) {
> + if (r == 1) {
> is_reverse = 1;
> + if (is_internal_IP(ntohl(in.s_addr), 0)) /* internal address */
> + return -1;
> + }
>
> if (!is_reverse || !is_resolve) {
> if (!is_reverse)
>
> [Automatically added by flyspray2trac: Operating System: All]
New description:
lodger points out that non-exit relays could reject dns and reverse dns
attempts. (Currently clients try not to ask them any questions, but the
relays don't enforce it. Non-exit relays might be surprised at the dns
requests they are forced to do. "also permit reverse resolve for private
addresses, which could lead to leaks of names, in normal circumstances,
only available locally."
Here's his patch:
--- dns.c Tue Feb 26 19:56:28 2008
+++ dns.c Sat Mar 8 12:11:34 2008
@@ -550,7 +550,12 @@
char *hostname = NULL;
is_resolve = exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE;
- r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);
+ routerinfo_t *me = router_get_my_routerinfo();
+ if (is_resolve && me &&
+ policy_is_reject_star(me->exit_policy)) /* non-exit */
+ r = -1;
+ else
+ r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);
switch (r) {
case 1:
/* We got an answer without a lookup -- either the answer was
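Review bot: the guard on the `+ if (is_resolve && me &&` line only covers RESOLVE cells, so a BEGIN cell that carries a hostname still takes the `else` branch into dns_resolve_impl() on a reject-* relay and the lookup this ticket wants to avoid is still performed for that stream type; if the intent is that non-exit relays never resolve on a client's behalf, drop the is_resolve term, or say in the `/* non-exit */` comment why BEGIN is deliberately left through. Two smaller points: `routerinfo_t *me = router_get_my_routerinfo();` is a declaration placed after the `is_resolve = ...` statement, so it should move up beside `char *hostname = NULL;` to keep the function C89-clean; and `r = -1` reuses the generic lookup-failure path of the `switch (r)` below, so check which END reason that path sends, since a client asking a non-exit relay should see a policy refusal rather than what looks like a transient DNS error.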
@@ -659,9 +664,12 @@
* .in-addr.arpa address but this isn't a resolve request, kill the
* connection.
*/
- if ((r = parse_inaddr_arpa_address(exitconn->_base.address, NULL)) !=
0) {
- if (r == 1)
+ if ((r = parse_inaddr_arpa_address(exitconn->_base.address, &in)) != 0)
{
+ if (r == 1) {
is_reverse = 1;
+ if (is_internal_IP(ntohl(in.s_addr), 0)) /* internal address */
+ return -1;
+ }
if (!is_reverse || !is_resolve) {
if (!is_reverse)
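Review bot: `in` is passed to parse_inaddr_arpa_address() and read on the `is_internal_IP(ntohl(in.s_addr), 0)` line, but no declaration for it appears anywhere in this hunk; unless the function already has a `struct in_addr in` in scope this will not compile, so add the declaration (or include the hunk that adds it). Second, the new `return -1;` fires before the existing `if (!is_reverse || !is_resolve)` block that, per the comment above, kills a non-resolve connection to an .in-addr.arpa name, so a BEGIN to a private reverse name is now reported as a lookup failure instead of going through that path; harmless, but worth a one-line comment so the next reader does not think the ordering is accidental. The check itself is rightly unconditional rather than limited to reject-* relays: an exit leaks local PTR names just as readily as a non-exit.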
[Automatically added by flyspray2trac: Operating System: All]
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/619#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
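As an added example, not Tor's code and not lodger's patch, here is a self-contained C model of the two checks the patch introduces: refusing RESOLVE cells on a relay whose exit policy is reject *, and refusing reverse lookups of internal addresses on any relay. The names relay_t, NON_EXIT_RELAY, EXIT_RELAY, parse_inaddr_arpa(), is_internal_ipv4() and should_refuse_resolve() are this example's own; the parser's 1/0/-1 return convention is assumed to mirror Tor's parse_inaddr_arpa_address(), and the private-range list is the example's, not a copy of is_internal_IP(). It goes slightly beyond the patch in that the reverse-name parser rejects malformed names explicitly, and its sample streams show the case the patch leaves open: a BEGIN cell with a hostname is still resolved on a reject-* relay.

```c
/* Added example, not Tor's code: a stand-alone model of the two checks in
 * lodger's dns.c patch.  All names below are the example's own; the 1/0/-1
 * parser convention is assumed to mirror parse_inaddr_arpa_address(). */
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the one routerinfo_t field the patch consults. */
typedef struct relay_t { int exit_policy_is_reject_star; } relay_t;
static const relay_t NON_EXIT_RELAY = { 1 };   /* advertises "reject *:*" */
static const relay_t EXIT_RELAY     = { 0 };

enum verdict { RESOLVE_OK = 0, REFUSE_NON_EXIT, REFUSE_INTERNAL_PTR, REFUSE_BAD_NAME };

/* Parse "d.c.b.a.in-addr.arpa" (any case) into a.b.c.d in host byte order.
 * Returns 1 if parsed, 0 if the name is not an in-addr.arpa name at all, and
 * -1 if it is one but malformed (wrong label count, octet > 255, empty label). */
int parse_inaddr_arpa(const char *name, uint32_t *addr_out)
{
    static const char suffix[] = ".in-addr.arpa";
    size_t n = strlen(name), s = sizeof suffix - 1, i;
    const char *p = name, *end;
    uint32_t octets[4];
    int count = 0;

    if (n <= s) return 0;
    for (i = 0; i < s; i++)                       /* case-insensitive suffix test */
        if (tolower((unsigned char)name[n - s + i]) != suffix[i])
            return 0;
    end = name + n - s;                           /* the labels before the suffix */
    while (p < end) {
        unsigned v = 0;
        int digits = 0;
        if (count == 4 || !isdigit((unsigned char)*p))
            return -1;                            /* 5th label, or empty/non-numeric */
        while (p < end && isdigit((unsigned char)*p)) {
            v = v * 10 + (unsigned)(*p++ - '0');
            if (++digits > 3 || v > 255)
                return -1;
        }
        octets[count++] = v;
        if (p < end && (*p++ != '.' || p == end))
            return -1;                            /* junk after a label, or trailing dot */
    }
    if (count != 4) return -1;
    /* PTR labels are reversed: "4.3.2.1.in-addr.arpa" names 1.2.3.4 */
    *addr_out = (octets[3] << 24) | (octets[2] << 16) | (octets[1] << 8) | octets[0];
    return 1;
}

/* RFC 1918, loopback and link-local ranges, host byte order (example's own
 * list; Tor's is_internal_IP() is not copied here). */
int is_internal_ipv4(uint32_t a)
{
    return (a >> 24) == 10       /* 10.0.0.0/8     */
        || (a >> 20) == 0xAC1    /* 172.16.0.0/12  */
        || (a >> 16) == 0xC0A8   /* 192.168.0.0/16 */
        || (a >> 24) == 127      /* 127.0.0.0/8    */
        || (a >> 16) == 0xA9FE;  /* 169.254.0.0/16 */
}

/* The decision the patched dns_resolve() makes for one stream; me == NULL
 * models router_get_my_routerinfo() returning NULL. */
enum verdict should_refuse_resolve(const relay_t *me, int is_resolve, const char *name)
{
    uint32_t addr;
    int r;
    /* First hunk: a reject-* relay refuses RESOLVE cells before any lookup.
     * Guarded on is_resolve only, so a BEGIN with a hostname passes, as in the patch. */
    if (is_resolve && me && me->exit_policy_is_reject_star)
        return REFUSE_NON_EXIT;
    /* Second hunk: reverse lookups of internal addresses are refused on every
     * relay, exit or not, so local PTR names cannot be pulled out through Tor. */
    r = parse_inaddr_arpa(name, &addr);
    if (r == -1)
        return REFUSE_BAD_NAME;
    if (r == 1 && is_internal_ipv4(addr))
        return REFUSE_INTERNAL_PTR;
    return RESOLVE_OK;
}

int main(void)
{
    /* Constructed sample streams, not captured traffic. */
    static const struct { const relay_t *me; int is_resolve; const char *name; } cases[] = {
        { &NON_EXIT_RELAY, 1, "www.example.com" },          /* refused: non-exit      */
        { &NON_EXIT_RELAY, 0, "www.example.com" },          /* still resolved: BEGIN  */
        { &EXIT_RELAY,     1, "1.0.168.192.in-addr.arpa" }, /* refused: 192.168.0.1   */
        { &EXIT_RELAY,     1, "8.8.8.8.in-addr.arpa" },     /* resolved               */
    };
    static const char *const verdicts[] = { "ok", "refuse: non-exit", "refuse: internal PTR", "refuse: bad name" };
    size_t i;
    for (i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-8s %-7s %-26s -> %s\n",
               cases[i].me->exit_policy_is_reject_star ? "non-exit" : "exit",
               cases[i].is_resolve ? "RESOLVE" : "BEGIN", cases[i].name,
               verdicts[should_refuse_resolve(cases[i].me, cases[i].is_resolve, cases[i].name)]);
    return 0;
}
```

The second sample line is the point to look at when reviewing the patch: with is_resolve cleared, the reject-* relay returns RESOLVE_OK and would go on to resolve the name for a BEGIN cell, which is the same gap the first hunk's `is_resolve &&` term leaves in dns.c.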