diff options
| -rw-r--r-- | changes/first-hop-no-private | 8 | ||||
| -rw-r--r-- | doc/tor.1.txt | 8 | ||||
| -rw-r--r-- | src/or/circuitbuild.c | 8 |
3 files changed, 21 insertions, 3 deletions
diff --git a/changes/first-hop-no-private b/changes/first-hop-no-private new file mode 100644 index 0000000000..e8d0684061 --- /dev/null +++ b/changes/first-hop-no-private @@ -0,0 +1,8 @@ + o Minor bugfix (relays, hidden services): + - Refuse connection requests to private OR addresses unless + ExtendAllowPrivateAddresses is set. Previously, tor would + connect, then refuse to send any cells to a private address. + Fixes bugs 17674 and 8976; bugfix on b7c172c9ec76 (28 Aug 2012) + Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint + release. + Patch by "teor". diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 56b709f421..c5ef054f61 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1898,9 +1898,11 @@ is non-zero): (Default: 1) [[ExtendAllowPrivateAddresses]] **ExtendAllowPrivateAddresses** **0**|**1**:: - When this option is enabled, Tor routers allow EXTEND request to - localhost, RFC1918 addresses, and so on. This can create security issues; - you should probably leave it off. (Default: 0) + When this option is enabled, Tor will connect to localhost, RFC1918 + addresses, and so on. In particular, Tor will make direct connections, and + Tor routers allow EXTEND requests, to these private addresses. This can + create security issues; you should probably leave it off. + (Default: 0) [[MaxMemInQueues]] **MaxMemInQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: This option configures a threshold above which Tor will assume that it diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 0688398f6d..933d70bd8b 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -498,6 +498,14 @@ circuit_handle_first_hop(origin_circuit_t *circ) tor_assert(firsthop); tor_assert(firsthop->extend_info); + /* XX/teor - does tor ever need build a circuit directly to itself? */ + if (tor_addr_is_internal(&firsthop->extend_info->addr, 0) && + !get_options()->ExtendAllowPrivateAddresses) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Client asked me to connect directly to a private address"); + return -END_CIRC_REASON_TORPROTOCOL; + } + /* now see if we're already connected to the first OR in 'route' */ log_debug(LD_CIRC,"Looking for firsthop '%s'", fmt_addrport(&firsthop->extend_info->addr, |