[tor-bugs] #6244 [Tor Client]: MapAddress wildcarding not working right

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Jun 27 00:22:13 UTC 2012


#6244: MapAddress wildcarding not working right
------------------------+---------------------------------------------------
 Reporter:  grarpamp    |          Owner:                    
     Type:  defect      |         Status:  new               
 Priority:  normal      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Client  |        Version:  Tor: 0.2.3.17-beta
 Keywords:              |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------
 MapAddress wildcarding does not seem to be working right.
 Note the following three issues via the controller...


 1) When using the man documented format to enter the map:

 mapaddress *.example.com=*.example.com.<fingerprint>.exit
 512 syntax error: invalid address '*.example.com.<fingerprint>.exit'

 With no map, I did not check the streams.

 2) When chancing upon an alternate format that returns 250:

 mapaddress *.example.com=<fingerprint>.exit
 250 *.example.com=<fingerprint>.exit

 This results in these streams. Which appear to leak badly in that
 the first stream to a destination does not honor the exit.

 172506 NEW 0 www.example.com:443 PURPOSE=USER
 172507 NEW 0 www.example.com:443 PURPOSE=USER
 172506 SUCCEEDED 121217 64.34.110.174:443
 172507 SUCCEEDED 121219 64.34.110.174.<fingerprint>.exit:443

 Note that entering the following related map syntax does not
 SUCCEED, which is weird given the above streams:

     mapaddress foo.bar.com=<fingerprint>.exit

 This one does, which is documented expectation:

     mapaddress foo.bar.com=foo.bar.com.<fingerprint>.exit

 3) The map in (2) is not removable by the syntax of setting the
 source (left) equal to (=) the destination (right):

 mapaddress *.example.com=*.example.com
 512 syntax error: invalid address '*.example.com'


 Seems the solution may/should be...
 - Adopt the syntax documented in (1), removing that acting in (2).
 - Fix the stream issue shown in (2).
 - Allow removal by syntax in (3).
 - Document the map removal syntax in the control spec page.
 - Check that removal from torrc and sighup works (as that is the
 form of the various options in the man page).
 - Lint the inputted map to reject '=<fingerprint>.exit' form.


 Adding applicable environment...

 trackhostexits .
 trackhostexitsexpire 604800
 allowdotexit 1
 signal NEWNYM

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6244>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list