[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #17070 [Tor]: ".local" is mDNS for the local network, but tor assumes localhost

Subject: [tor-bugs] #17070 [Tor]: ".local" is mDNS for the local network, but tor assumes localhost
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 15 Sep 2015 05:51:26 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 15 Sep 2015 01:51:36 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17070: ".local" is mDNS for the local network, but tor assumes localhost
----------------------+------------------------------------
 Reporter:  teor      |          Owner:
     Type:  defect    |         Status:  new
 Priority:  normal    |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor       |        Version:
 Keywords:  security  |  Actual Points:
Parent ID:            |         Points:
----------------------+------------------------------------
 `tor_addr_hostname_is_local` labels hostnames ending in ".local" as
 resolving to the loopback address. But ".local" is used for multicast DNS,
 so some names ending in ".local" may be on the local network(s), and not
 on 127.0.0.1 or ::1 or the associated netblocks.

 https://en.wikipedia.org/wiki/Multicast_DNS

 However, the current implementation is probably doing the right thing
 anyway, as allowing ".local" over SOCKS/Tor could open up access to
 servers or devices on Exit relays' local networks, which has security
 implications.

 This may require a documentation change, or perhaps refactoring and review
 of all uses of `tor_addr_hostname_is_local` to see if they want only
 localhost, or local networks as well.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17070>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #17070 [Tor]: ".local" is mDNS for the local network, but tor assumes localhost
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #17069 [Tor]: use domain fronting for all outgoing connections to cdn hosted websites
Next by Author: Re: [tor-bugs] #15353 [Chutney]: Some chutney tests fail when localhost is the only available IP
Previous by thread: Re: [tor-bugs] #17069 [Tor]: use domain fronting for all outgoing connections to cdn hosted websites
Next by thread: Re: [tor-bugs] #17070 [Tor]: ".local" is mDNS for the local network, but tor assumes localhost
Index(es):
- Author
- Thread