diff options
author | Nick Mathewson <nickm@torproject.org> | 2013-03-20 14:47:49 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2013-03-20 14:47:49 -0400 |
commit | 7c2eabcf8e68aee149bff1d5c9f11eff14152bc7 (patch) | |
tree | 04c0f818bf68f4eb0cc3aeb45c04b555667c22a4 | |
parent | a87f22ef6499818c1ff32f30c66e2e18d1e80ddf (diff) | |
parent | 34120549878aa05969b66d9564cdd902adeeb6be (diff) | |
download | tor-7c2eabcf8e68aee149bff1d5c9f11eff14152bc7.tar.gz tor-7c2eabcf8e68aee149bff1d5c9f11eff14152bc7.zip |
Merge remote-tracking branch 'origin/maint-0.2.4'
-rw-r--r-- | changes/bug8475 | 4 | ||||
-rw-r--r-- | src/or/relay.c | 13 |
2 files changed, 12 insertions, 5 deletions
diff --git a/changes/bug8475 b/changes/bug8475 new file mode 100644 index 0000000000..eb8debedba --- /dev/null +++ b/changes/bug8475 @@ -0,0 +1,4 @@ + o Major bugfixes: + - If configured via ClientDNSRejectInternalAddresses not to report + DNS queries which have resolved to internal addresses, apply that + rule to IPv6 as well. Fixes bug 8475; bugfix on 0.2.0.7-alpha. diff --git a/src/or/relay.c b/src/or/relay.c index 1da993269d..0ca3e56fd5 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -1140,12 +1140,15 @@ connection_edge_process_relay_cell_not_open( 2+answer_len)); else ttl = -1; - if (answer_type == RESOLVED_TYPE_IPV4 && answer_len == 4) { - uint32_t addr = ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+2)); - if (get_options()->ClientDNSRejectInternalAddresses && - is_internal_IP(addr, 0)) { + if (answer_type == RESOLVED_TYPE_IPV4 || + answer_type == RESOLVED_TYPE_IPV6) { + tor_addr_t addr; + if (decode_address_from_payload(&addr, cell->payload+RELAY_HEADER_SIZE, + rh->length) && + tor_addr_is_internal(&addr, 0) && + get_options()->ClientDNSRejectInternalAddresses) { log_info(LD_APP,"Got a resolve with answer %s. Rejecting.", - fmt_addr32(addr)); + fmt_addr(&addr)); connection_ap_handshake_socks_resolved(entry_conn, RESOLVED_TYPE_ERROR_TRANSIENT, 0, NULL, 0, TIME_MAX); |