[tor-commits] [tor/master] Clarify that ClientRejectInternalAddresses also rejects mDNS *.local hosts

nickm at torproject.org nickm at torproject.org
Mon Dec 5 13:17:36 UTC 2016 

commit 7ffa95abd935fd6ac10abd96e8a8d14aa9035caf
Author: J. Ryan Stinnett <jryans at gmail.com>
Date:   Sat Dec 3 21:06:30 2016 -0600

    Clarify that ClientRejectInternalAddresses also rejects mDNS *.local hosts
    
    Fixes #17070.
---
 changes/17070        | 4 ++++
 doc/tor.1.txt        | 3 ++-
 src/common/address.c | 3 ++-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/changes/17070 b/changes/17070
new file mode 100644
index 0000000..ffe616f
--- /dev/null
+++ b/changes/17070
@@ -0,0 +1,4 @@
+  o Documentation (SOCKS connections):
+    - Clarify that when `ClientRejectInternalAddresses` is enabled (which is the
+      default), multicast DNS hostnames for machines on the local network (of
+      the form *.local) are also rejected.  Closes ticket 17070.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index aa3859e..c4219d9 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1414,7 +1414,8 @@ The following options are useful only for clients (that is, if
     If true, Tor does not try to fulfill requests to connect to an internal
     address (like 127.0.0.1 or 192.168.0.1) __unless a exit node is
     specifically requested__ (for example, via a .exit hostname, or a
-    controller request).  (Default: 1)
+    controller request).  If true, multicast DNS hostnames for machines on the
+    local network (of the form *.local) are also rejected.  (Default: 1)
 
 [[DownloadExtraInfo]] **DownloadExtraInfo** **0**|**1**::
     If true, Tor downloads and caches "extra-info" documents. These documents
diff --git a/src/common/address.c b/src/common/address.c
index 773e688..fa6630e 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -2100,7 +2100,8 @@ get_interface_address,(int severity, uint32_t *addr))
 }
 
 /** Return true if we can tell that <b>name</b> is a canonical name for the
- * loopback address. */
+ * loopback address.  Return true also for *.local hostnames, which are
+ * multicast DNS names for hosts on the local network. */
 int
 tor_addr_hostname_is_local(const char *name)
 {

More information about the tor-commits mailing list