[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #32315 [Core Tor/Tor]: Can't perform reverse DNS lookup for a (binary) IPv6 address
#32315: Can't perform reverse DNS lookup for a (binary) IPv6 address
--------------------------+------------------------------------
Reporter: liberat | Owner: (none)
Type: defect | Status: needs_review
Priority: Medium | Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor | Version: Tor: 0.4.1.6
Severity: Normal | Resolution:
Keywords: ipv6, dns | Actual Points:
Parent ID: | Points:
Reviewer: teor | Sponsor:
--------------------------+------------------------------------
Comment (by liberat):
Looking at the latest maint-0.2.9 / maint-0.3.5 branches:
**0.2.9** doesn't allow ASCII addresses for RESOLVE_PTR. It only allows
binary v4 or v6 addresses, and both seem to work correctly. If you try to
use an ASCII address with RESOLVE_PTR, it shows the error message:
{{{
socks5 received RESOLVE_PTR command with hostname type. Rejecting.
}}}
**0.3.5** shows the same symptoms as described above for 0.4.1.6: it
accepts either a binary address or an ASCII address. But in the case of
IPv6, binary addresses are rejected with the same error message:
{{{
socks5 received RESOLVE_PTR command with hostname type. Rejecting.
}}}
which is now somewhat misleading.
Here's a unit test to check for correct handling of IPv6 binary addresses:
{{{
--- a/src/test/test_socks.c
+++ b/src/test/test_socks.c
@@ -277,6 +277,23 @@ test_socks_5_supported_commands(void *ptr)
tt_str_op("2.2.2.5",OP_EQ, socks->address);
tt_int_op(0,OP_EQ, buf_datalen(buf));
+ socks_request_clear(socks);
+
+ /* SOCKS 5 Send RESOLVE_PTR [F1] for an IPv6 address */
+ ADD_DATA(buf, "\x05\x01\x00");
+ ADD_DATA(buf, "\x05\xF1\x00\x04"
+
"\x20\x01\x0d\xb8\x85\xa3\x00\x00\x00\x00\x8a\x2e\x03\x70\x73\x34"
+ "\x12\x34");
+ tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
+ get_options()->SafeSocks),
+ OP_EQ, 1);
+ tt_int_op(5,OP_EQ, socks->socks_version);
+ tt_int_op(2,OP_EQ, socks->replylen);
+ tt_int_op(5,OP_EQ, socks->reply[0]);
+ tt_int_op(0,OP_EQ, socks->reply[1]);
+ tt_str_op("[2001:db8:85a3::8a2e:370:7334]",OP_EQ, socks->address);
+
+ tt_int_op(0,OP_EQ, buf_datalen(buf));
done:
;
}}}
What's the best way to perform a more complete test?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32315#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs