[tor-bugs] #18037 [Tor]: Should the user be allowed to specify FQDNs for HS TARGETs?

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 16 23:39:41 UTC 2016

#18037: Should the user be allowed to specify FQDNs for HS TARGETs?
 Reporter:  yawning     |          Owner:
     Type:  defect      |         Status:  new
 Priority:  Low         |      Milestone:  Tor: 0.2.???
Component:  Tor         |        Version:  Tor: unspecified
 Severity:  Minor       |     Resolution:
 Keywords:  tor-hs dns  |  Actual Points:
Parent ID:              |         Points:
  Sponsor:              |

Comment (by arma):

 Replying to [comment:8 alecmuffett]:
 > Given the recent controversy about Apache's special treatment of
 requests coming in from "localhost", I actually wonder if there ought to
 be a _fourth_ syntax, vaguely IPv6 inspired, along the lines of:
 > HiddenServicePort interface:eth0 80
 > ...which regularly queries the named network interface and asks what IP
 address it is currently bound to, directing requests to _that_ rather than

 Careful! At least in some cases, when I connect to my computer's external
 IP address from the same computer, the routing decides to send it "from"
 localhost. I suspect if we try one of these tricks we will learn that it
 is not reliable. I think the only reasonable answer is to either make the
 application not trust localhost too much, or to put the application on an
 actual different place (which would, in essence, be a variant on making
 the application not trust the Tor address too much).

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18037#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list