[tor-commits] [tor/release-0.2.2] Don't leak the local hostname in relay nicknames
arma at torproject.org
arma at torproject.org
Wed Apr 27 18:06:26 UTC 2011
commit 4c789ec08c8d52c3aab3ab775a86fe2350d584b5
Author: Sebastian Hahn <sebastian at torproject.org>
Date: Tue Apr 26 05:07:37 2011 +0200
Don't leak the local hostname in relay nicknames
Fixes bug 2979, reported by tagnaq.
---
changes/bug2979 | 9 ++++++++
src/or/config.c | 55 ------------------------------------------------------
src/or/dirserv.h | 2 +-
3 files changed, 10 insertions(+), 56 deletions(-)
diff --git a/changes/bug2979 b/changes/bug2979
new file mode 100644
index 0000000..fe1f45f
--- /dev/null
+++ b/changes/bug2979
@@ -0,0 +1,9 @@
+ o Minor bugfixes:
+ - If the Nickname configuration option wasn't given, Tor used to pick
+ a nickname based on the local hostname as the nickname for a relay.
+ Because nicknames are not very important in today's Tor and the
+ "Unnamed" nickname has been implemented, this is now problematic
+ behaviour: It leaks information about the hostname without being
+ useful at all. Bugfix on tor-0.1.2.2-alpha, which introduced the
+ Unnamed nickname. Fixes bug 2979, reported by tagnaq.
+
diff --git a/src/or/config.c b/src/or/config.c
index 3770301..9675c73 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2500,54 +2500,6 @@ is_local_addr(const tor_addr_t *addr)
return 0;
}
-/** Called when we don't have a nickname set. Try to guess a good nickname
- * based on the hostname, and return it in a newly allocated string. If we
- * can't, return NULL and let the caller warn if it wants to. */
-static char *
-get_default_nickname(void)
-{
- static const char * const bad_default_nicknames[] = {
- "localhost",
- NULL,
- };
- char localhostname[256];
- char *cp, *out, *outp;
- int i;
-
- if (gethostname(localhostname, sizeof(localhostname)) < 0)
- return NULL;
-
- /* Put it in lowercase; stop at the first dot. */
- if ((cp = strchr(localhostname, '.')))
- *cp = '\0';
- tor_strlower(localhostname);
-
- /* Strip invalid characters. */
- cp = localhostname;
- out = outp = tor_malloc(strlen(localhostname) + 1);
- while (*cp) {
- if (strchr(LEGAL_NICKNAME_CHARACTERS, *cp))
- *outp++ = *cp++;
- else
- cp++;
- }
- *outp = '\0';
-
- /* Enforce length. */
- if (strlen(out) > MAX_NICKNAME_LEN)
- out[MAX_NICKNAME_LEN]='\0';
-
- /* Check for dumb names. */
- for (i = 0; bad_default_nicknames[i]; ++i) {
- if (!strcmp(out, bad_default_nicknames[i])) {
- tor_free(out);
- return NULL;
- }
- }
-
- return out;
-}
-
/** Release storage held by <b>options</b>. */
static void
config_free(config_format_t *fmt, void *options)
@@ -2976,14 +2928,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->Nickname == NULL) {
if (server_mode(options)) {
- if (!(options->Nickname = get_default_nickname())) {
- log_notice(LD_CONFIG, "Couldn't pick a nickname based on "
- "our hostname; using %s instead.", UNNAMED_ROUTER_NICKNAME);
options->Nickname = tor_strdup(UNNAMED_ROUTER_NICKNAME);
- } else {
- log_notice(LD_CONFIG, "Choosing default nickname '%s'",
- options->Nickname);
- }
}
} else {
if (!is_legal_nickname(options->Nickname)) {
diff --git a/src/or/dirserv.h b/src/or/dirserv.h
index 569abfc..a8a7060 100644
--- a/src/or/dirserv.h
+++ b/src/or/dirserv.h
@@ -52,7 +52,7 @@
MAX_V_LINE_LEN \
)
-#define UNNAMED_ROUTER_NICKNAME "Unnamed"
+#define UNNAMED_ROUTER_NICKNAME "Unnamed"
int connection_dirserv_flushed_some(dir_connection_t *conn);
More information about the tor-commits
mailing list