summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2017-09-12 10:43:34 -0400
committerNick Mathewson <nickm@torproject.org>2017-09-12 10:43:34 -0400
commit26d462c1f0d4dd7ebd7f3f24c49a26e62e279b93 (patch)
tree9f974ffe1721507edadee29e3def22abbb21521c
parent4027bd2e9680cb5922b006847aa4db6170826bf6 (diff)
parent27fa4a98d23972213122fa99499efa4baebe49e3 (diff)
downloadtor-26d462c1f0d4dd7ebd7f3f24c49a26e62e279b93.tar.gz
tor-26d462c1f0d4dd7ebd7f3f24c49a26e62e279b93.zip
Merge branch 'ticket21031'
-rw-r--r--changes/ticket210315
-rw-r--r--doc/tor.1.txt15
-rw-r--r--src/or/config.c9
-rw-r--r--src/or/connection_edge.c2
-rw-r--r--src/or/or.h2
-rw-r--r--src/or/relay.c6
-rw-r--r--src/test/test_relaycell.c4
7 files changed, 25 insertions, 18 deletions
diff --git a/changes/ticket21031 b/changes/ticket21031
new file mode 100644
index 0000000000..79ad5267b5
--- /dev/null
+++ b/changes/ticket21031
@@ -0,0 +1,5 @@
+ o Removed features:
+ - The ClientDNSRejectInternalAddresses flag can no longer be set on
+ non-testing networks. It has been deprecated since 0.2.9.2-alpha.
+ Closes ticket 21031.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index c375e032d3..d49dd96336 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1408,12 +1408,6 @@ The following options are useful only for clients (that is, if
addresses/ports. See SocksPort for an explanation of isolation
flags. (Default: 0)
-[[ClientDNSRejectInternalAddresses]] **ClientDNSRejectInternalAddresses** **0**|**1**::
- If true, Tor does not believe any anonymously retrieved DNS answer that
- tells it that an address resolves to an internal address (like 127.0.0.1 or
- 192.168.0.1). This option prevents certain browser-based attacks; don't
- turn it off unless you know what you're doing. (Default: 1)
-
[[ClientRejectInternalAddresses]] **ClientRejectInternalAddresses** **0**|**1**::
If true, Tor does not try to fulfill requests to connect to an internal
address (like 127.0.0.1 or 192.168.0.1) __unless a exit node is
@@ -2468,7 +2462,7 @@ The following options are used for running a testing Tor network.
4 (for 40 seconds), 8, 16, 32, 60
ClientBootstrapConsensusMaxDownloadTries 80
ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries 80
- ClientDNSRejectInternalAddresses 0
+ TestingClientDNSRejectInternalAddresses 0
ClientRejectInternalAddresses 0
CountPrivateBandwidth 1
ExitPolicyRejectPrivate 0
@@ -2679,6 +2673,13 @@ The following options are used for running a testing Tor network.
we replace it and issue a new key?
(Default: 3 hours for link and auth; 1 day for signing.)
+[[ClientDNSRejectInternalAddresses]] [[TestingClientDNSRejectInternalAddresses]] **TestingClientDNSRejectInternalAddresses** **0**|**1**::
+ If true, Tor does not believe any anonymously retrieved DNS answer that
+ tells it that an address resolves to an internal address (like 127.0.0.1 or
+ 192.168.0.1). This option prevents certain browser-based attacks; don't
+ turn it off unless you know what you're doing. (Default: 1)
+
+
NON-PERSISTENT OPTIONS
----------------------
diff --git a/src/or/config.c b/src/or/config.c
index 9a7251c41f..55c9531f4b 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -169,6 +169,8 @@ static config_abbrev_t option_abbrevs_[] = {
{ "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
{ "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
{ "VirtualAddrNetwork", "VirtualAddrNetworkIPv4", 0, 0},
+ { "ClientDNSRejectInternalAddresses",
+ "TestingClientDNSRejectInternalAddresses", 0, 1, },
{ NULL, NULL, 0, 0},
};
@@ -251,7 +253,7 @@ static config_var_t option_vars_[] = {
V(CircuitsAvailableTimeout, INTERVAL, "0"),
V(CircuitStreamTimeout, INTERVAL, "0"),
V(CircuitPriorityHalflife, DOUBLE, "-100.0"), /*negative:'Use default'*/
- V(ClientDNSRejectInternalAddresses, BOOL,"1"),
+ V(TestingClientDNSRejectInternalAddresses, BOOL,"1"),
V(ClientOnly, BOOL, "0"),
V(ClientPreferIPv6ORPort, AUTOBOOL, "auto"),
V(ClientPreferIPv6DirPort, AUTOBOOL, "auto"),
@@ -635,7 +637,7 @@ static const config_var_t testing_tor_network_defaults[] = {
"0, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
V(ClientBootstrapConsensusMaxDownloadTries, UINT, "80"),
V(ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries, UINT, "80"),
- V(ClientDNSRejectInternalAddresses, BOOL,"0"), // deprecated in 0.2.9.2-alpha
+ V(TestingClientDNSRejectInternalAddresses, BOOL,"0"),
V(ClientRejectInternalAddresses, BOOL, "0"),
V(CountPrivateBandwidth, BOOL, "1"),
V(ExitPolicyRejectPrivate, BOOL, "0"),
@@ -684,8 +686,6 @@ static const config_deprecation_t option_deprecation_notes_[] = {
/* Deprecated since 0.2.9.2-alpha... */
{ "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
"a wide variety of application-level attacks." },
- { "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
- "easier to fingerprint, and may open you to esoteric attacks." },
/* End of options deprecated since 0.2.9.2-alpha. */
/* Deprecated since 0.3.2.0-alpha. */
@@ -4121,6 +4121,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
CHECK_DEFAULT(TestingSigningKeySlop);
CHECK_DEFAULT(TestingAuthKeySlop);
CHECK_DEFAULT(TestingLinkKeySlop);
+ CHECK_DEFAULT(TestingClientDNSRejectInternalAddresses);
#undef CHECK_DEFAULT
if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index c5bd39d172..dfa89bc2ce 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1344,7 +1344,7 @@ connection_ap_handshake_rewrite(entry_connection_t *conn,
/* Hang on, did we find an answer saying that this is a reverse lookup for
* an internal address? If so, we should reject it if we're configured to
* do so. */
- if (options->ClientDNSRejectInternalAddresses) {
+ if (options->TestingClientDNSRejectInternalAddresses) {
/* Don't let clients try to do a reverse lookup on 10.0.0.1. */
tor_addr_t addr;
int ok;
diff --git a/src/or/or.h b/src/or/or.h
index de03a99035..b3c4ed8293 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4212,7 +4212,7 @@ typedef struct {
/** If true, do not believe anybody who tells us that a domain resolves
* to an internal address, or that an internal address has a PTR mapping.
* Helps avoid some cross-site attacks. */
- int ClientDNSRejectInternalAddresses;
+ int TestingClientDNSRejectInternalAddresses;
/** If true, do not accept any requests to connect to internal addresses
* over randomly chosen exits. */
diff --git a/src/or/relay.c b/src/or/relay.c
index ba9c09b843..c00afc8e72 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -930,7 +930,7 @@ connection_ap_process_end_not_open(
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return 0;
}
- if (get_options()->ClientDNSRejectInternalAddresses &&
+ if (get_options()->TestingClientDNSRejectInternalAddresses &&
tor_addr_is_internal(&addr, 0)) {
log_info(LD_APP,"Address '%s' resolved to internal. Closing,",
safe_str(conn->socks_request->address));
@@ -1347,7 +1347,7 @@ connection_edge_process_resolved_cell(edge_connection_t *conn,
goto done;
}
- if (get_options()->ClientDNSRejectInternalAddresses) {
+ if (get_options()->TestingClientDNSRejectInternalAddresses) {
int orig_len = smartlist_len(resolved_addresses);
SMARTLIST_FOREACH_BEGIN(resolved_addresses, address_ttl_t *, addr) {
if (addr->hostname == NULL && tor_addr_is_internal(&addr->addr, 0)) {
@@ -1440,7 +1440,7 @@ connection_edge_process_relay_cell_not_open(
if (tor_addr_family(&addr) != AF_UNSPEC) {
const sa_family_t family = tor_addr_family(&addr);
if (tor_addr_is_null(&addr) ||
- (get_options()->ClientDNSRejectInternalAddresses &&
+ (get_options()->TestingClientDNSRejectInternalAddresses &&
tor_addr_is_internal(&addr, 0))) {
log_info(LD_APP, "...but it claims the IP address was %s. Closing.",
fmt_addr(&addr));
diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c
index eea1f5dc80..9c010deece 100644
--- a/src/test/test_relaycell.c
+++ b/src/test/test_relaycell.c
@@ -112,7 +112,7 @@ test_relaycell_resolved(void *arg)
MOCK(connection_mark_unattached_ap_, mark_unattached_mock);
MOCK(connection_ap_handshake_socks_resolved, socks_resolved_mock);
- options->ClientDNSRejectInternalAddresses = 0;
+ options->TestingClientDNSRejectInternalAddresses = 0;
SET_CELL(/* IPv4: 127.0.1.2, ttl 256 */
"\x04\x04\x7f\x00\x01\x02\x00\x00\x01\x00"
@@ -151,7 +151,7 @@ test_relaycell_resolved(void *arg)
/* But we may be discarding private answers. */
MOCK_RESET();
- options->ClientDNSRejectInternalAddresses = 1;
+ options->TestingClientDNSRejectInternalAddresses = 1;
r = connection_edge_process_resolved_cell(edgeconn, &cell, &rh);
tt_int_op(r, OP_EQ, 0);
ASSERT_MARK_CALLED(END_STREAM_REASON_DONE|