[tor-commits] [tor/master] Refuse to make direct connections to private OR addresses

nickm at torproject.org
Wed Dec 9 15:47:28 UTC 2015


commit 23b088907fd23da417f5caf2b7b5f664f317ef4a
Author: teor (Tim Wilson-Brown) <teor2345 at gmail.com>
Date:   Wed Nov 25 03:11:15 2015 +1100

    Refuse to make direct connections to private OR addresses
    
    Refuse connection requests to private OR addresses unless
    ExtendAllowPrivateAddresses is set. Previously, tor would
    connect, then refuse to send any cells to a private address.
    
    Fixes bugs 17674 and 8976; bugfix on b7c172c9ec76 (28 Aug 2012).
    Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint
    release.
    
    Patch by "teor".
---
 doc/tor.1.txt         |    8 +++++---
 src/or/circuitbuild.c |    8 ++++++++
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index aba0c1c..2ada568 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1898,9 +1898,11 @@ is non-zero):
     (Default: 1)
 
 [[ExtendAllowPrivateAddresses]] **ExtendAllowPrivateAddresses** **0**|**1**::
-    When this option is enabled, Tor routers allow EXTEND request to
-    localhost, RFC1918 addresses, and so on. This can create security issues;
-    you should probably leave it off. (Default: 0)
+    When this option is enabled, Tor will connect to localhost, RFC1918
+    addresses, and so on. In particular, Tor will make direct connections, and
+    Tor routers allow EXTEND requests, to these private addresses. This can
+    create security issues; you should probably leave it off.
+    (Default: 0)
 
 [[MaxMemInQueues]] **MaxMemInQueues**  __N__ **bytes**|**KB**|**MB**|**GB**::
     This option configures a threshold above which Tor will assume that it
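Review bot: the new sentence "In particular, Tor will make direct connections, and Tor routers allow EXTEND requests, to these private addresses." is hard to parse because of the parenthetical commas; suggest "In particular, Tor clients will make direct connections to these addresses, and Tor relays will accept EXTEND requests to them." It would also help operators to state the default behaviour this commit introduces, namely that with the option off, a circuit whose first hop is a private address is now refused outright (previously the connection was made and then no cells were sent), so anyone running a test network on localhost knows they must set it to 1.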
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 0688398..933d70b 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -498,6 +498,14 @@ circuit_handle_first_hop(origin_circuit_t *circ)
   tor_assert(firsthop);
   tor_assert(firsthop->extend_info);
 
+  /* XX/teor - does tor ever need build a circuit directly to itself? */
+  if (tor_addr_is_internal(&firsthop->extend_info->addr, 0) &&
+      !get_options()->ExtendAllowPrivateAddresses) {
+    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+           "Client asked me to connect directly to a private address");
+    return -END_CIRC_REASON_TORPROTOCOL;
+  }
+
   /* now see if we're already connected to the first OR in 'route' */
   log_debug(LD_CIRC,"Looking for firsthop '%s'",
             fmt_addrport(&firsthop->extend_info->addr,
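Review bot: the "XX/teor - does tor ever need build a circuit directly to itself?" comment leaves an open question in merged code (and reads "need build" for "need to build"); it should be answered or turned into a proper XXX with the cases that were checked. The two cases worth confirming are relay self-reachability tests and test networks where every node listens on 127.0.0.1, because the new check sits before the "already connected to the first OR" lookup and therefore refuses even an already-open connection to a private first hop unless ExtendAllowPrivateAddresses is set. The log text "Client asked me to connect directly to a private address" is also misleading here: in circuit_handle_first_hop the first hop was chosen locally (or by a controller), not by a remote client, so something like "Refusing to build a circuit to private first-hop address %s" with fmt_addrport(&firsthop->extend_info->addr, ...) would both describe the path correctly and put the refused address in the log for diagnosis.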