[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #17991 [Tor]: Handle non-127.0.0.1 IPv4 loopback addresses

Subject: [tor-bugs] #17991 [Tor]: Handle non-127.0.0.1 IPv4 loopback addresses
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 04 Jan 2016 06:31:27 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 04 Jan 2016 01:31:35 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17991: Handle non-127.0.0.1 IPv4 loopback addresses
-----------------------------+--------------------------------
     Reporter:  teor         |      Owner:
         Type:  enhancement  |     Status:  new
     Priority:  Medium       |  Milestone:  Tor: 0.2.8.x-final
    Component:  Tor          |    Version:
     Severity:  Minor        |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |    Sponsor:
-----------------------------+--------------------------------
 In #17901, we identified some FreeBSD jails and OpenVZ VMs as having no
 127.0.0.1. #17901 deals with those systems that have no loopback at all.

 But some FreeBSD jails block access to 127.0.0.1, and have loopback on a
 valid yet unexpected address, like 127.0.0.2.

 Tor could bind to any address in 127/8 (or ::1, see #11360) and be
 accessible locally.

 One possible implementation is:
 * find all addresses on all loopback interfaces (#17949)
   * as a fallback, resolve localhost (#17953), and check that it's
 127.0.0.0/8 or ::1
 * choose the address that's closest to 127.0.0.1
 * use that address as the bind address
 * If there is no 127.0.0.0/8 (or ::1) on the server, reject the *Port with
 a warning that tells the user to use AF_UNIX (if their system supports
 it), or supply an explicit IP address if they really want their *Port
 listening on a non-local address.

 Operators can always specify an explicit bind address in the *Port line,
 so this isn't a serious usability issue.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17991>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #17991 [Tor]: Handle non-127.0.0.1 IPv4 loopback addresses
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #15989 [Tor]: Add AccountingRule in and out
Next by Author: Re: [tor-bugs] #17901 [Tor]: Tor would bind ControlPort to public ip address if it has no localhost interface
Previous by thread: Re: [tor-bugs] #15989 [Tor]: Add AccountingRule in and out
Next by thread: Re: [tor-bugs] #17991 [Tor]: Handle non-127.0.0.1 IPv4 loopback addresses
Index(es):
- Author
- Thread