[tor-bugs] #22461 [Core Tor/Tor]: Tor emits inaccurate safesocks warning event whenever you visit a naked IP address
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 31 16:45:47 UTC 2017
#22461: Tor emits inaccurate safesocks warning event whenever you visit a naked IP
address
------------------------------+-----------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+-----------------
Start your Tor client, then connect to the control port and ask for
{{{setevents STATUS_CLIENT}}}.
Then {{{torify wget 128.31.0.34}}}
And on the control port you'll get
{{{
650 STATUS_CLIENT WARN DANGEROUS_SOCKS PROTOCOL=SOCKS5
ADDRESS=128.31.0.34:80
}}}
That warn event happens if you use the current socks5 variant, but you
give it a fqdn that happens to be an IP address:
{{{
if (string_is_valid_ipv4_address(req->address) ||
string_is_valid_ipv6_address(req->address)) {
log_unsafe_socks_warning(5,req->address,req->port,safe_socks);
}}}
This bug went in to Tor 0.2.6.2-alpha during commit 2862b769.
Bug noticed because of #10165.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22461>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list