[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

RE: client bug in and a new bad exit: exoassist

     On Mon, 1 Feb 2010 04:51:54 -0500 downie - <downgeoff2@xxxxxxxxxxx>
>> Date: Sun=2C 31 Jan 2010 22:36:11 -0600
>> From: bennett@xxxxxxxxxx
>> To: flamsmark@xxxxxxxxx=3B or-talk@xxxxxxxxxxxxx
>> Subject: Re: client bug in and a new bad exit: exoassist
>>      On Sun=2C 31 Jan 2010 23:10:42 -0500 Flamsmark <flamsmark@xxxxxxxxx>
>> wrote:
>> >On 31 January 2010 21:58=2C Scott Bennett <bennett@xxxxxxxxxx> wrote:
>> >
>> >>     So it appears that a) there is a new tor client bug in
>> >> that
>> >> leaves the "exoassist.exit" in the name passed along from its SOCKS
>> >> listener
>> >> to the destination port.
>IIRC removing the .exit notation in the Host header has never been a Tor fu=
>nction: it is/was carried out by Privoxy.
     There are two separate ways that the .exit notation is used.  One is
in the HTTP(S) header, which can indeed be stripped by privoxy.  Having it
enabled/disabled in user.action seems to make no difference in this case.
The same illegitimate web page gets returned.  Trying another exit using
the .exit notation gives the correct result:  a privoxy SOCKS 5 host
unreachable error page.
     The other way that the .exit notation is used is in the SOCKS 4a
connection when it is passed to the SOCKS port instead of a destination
IP address.  The typical SOCKS 4a server then resolves a name passed to
it into an IP address and returns it back to the client.  However, tor
handles a .nickname.exit passed to it in a unique way by looking up the
node by nickname in its current directory in order to build a circuit to
that node for use as an exit.  If the node is not currently listed as
being an exit for the desired port number, then a connection failure is
returned immediately to the client.  If the node is usable as an exit for
the circuit's desired purpose, then the circuit gets built. The real
destination's name is then passed through the circuit for the exit node
to resolve, but the .nickname.exit has to be stripped by tor at some point
for that to work.
     So it looks to me as though has introduced a client bug.
     And "exoassist" remains a bad exit and should be, but still is not,
flagged as such.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/