From 7ffa95abd935fd6ac10abd96e8a8d14aa9035caf Mon Sep 17 00:00:00 2001 From: "J. Ryan Stinnett" Date: Sat, 3 Dec 2016 21:06:30 -0600 Subject: Clarify that ClientRejectInternalAddresses also rejects mDNS *.local hosts Fixes #17070. --- changes/17070 | 4 ++++ doc/tor.1.txt | 3 ++- src/common/address.c | 3 ++- 3 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 changes/17070 diff --git a/changes/17070 b/changes/17070 new file mode 100644 index 0000000000..ffe616f38d --- /dev/null +++ b/changes/17070 @@ -0,0 +1,4 @@ + o Documentation (SOCKS connections): + - Clarify that when `ClientRejectInternalAddresses` is enabled (which is the + default), multicast DNS hostnames for machines on the local network (of + the form *.local) are also rejected. Closes ticket 17070. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index aa3859e0fe..c4219d96b0 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1414,7 +1414,8 @@ The following options are useful only for clients (that is, if If true, Tor does not try to fulfill requests to connect to an internal address (like 127.0.0.1 or 192.168.0.1) __unless a exit node is specifically requested__ (for example, via a .exit hostname, or a - controller request). (Default: 1) + controller request). If true, multicast DNS hostnames for machines on the + local network (of the form *.local) are also rejected. (Default: 1) [[DownloadExtraInfo]] **DownloadExtraInfo** **0**|**1**:: If true, Tor downloads and caches "extra-info" documents. These documents diff --git a/src/common/address.c b/src/common/address.c index 773e688554..fa6630ef92 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -2100,7 +2100,8 @@ get_interface_address,(int severity, uint32_t *addr)) } /** Return true if we can tell that name is a canonical name for the - * loopback address. */ + * loopback address. Return true also for *.local hostnames, which are + * multicast DNS names for hosts on the local network. */ int tor_addr_hostname_is_local(const char *name) { -- cgit v1.2.3-54-g00ecf