tor-resolve: Don't automatically refuse .onion addresses.

If the Tor is running with AutomapHostsOnResolve set, it _is_
reasonable to do a DNS lookup on a .onion address.  So instead we make
tor-resolve willing to try to resolve anything.  Only if Tor refuses
to resolve it do we suggest to the user that resolving a .onion
address may not work.

Fix for bug 1005.
This commit is contained in:
Nick Mathewson 2009-06-18 11:08:10 -04:00
parent 3847f54945
commit 298dc95dfd
2 changed files with 20 additions and 10 deletions

View File

@ -14,6 +14,8 @@ Changes in version 0.2.1.16-?? - 2009-??-??
o Minor features: o Minor features:
- Update to the "June 3 2009" ip-to-country file. - Update to the "June 3 2009" ip-to-country file.
- Do not have tor-resolve automatically refuse all .onion addresses;
if AutomapHostsOnResolve is set, this will work fine.
o Minor bugfixes (on 0.2.0.x): o Minor bugfixes (on 0.2.0.x):
- Log correct error messages for DNS-related network errors on - Log correct error messages for DNS-related network errors on

View File

@ -107,7 +107,8 @@ build_socks_resolve_request(char **out,
* Return 0 on success, -1 on error. * Return 0 on success, -1 on error.
*/ */
static int static int
parse_socks4a_resolve_response(const char *response, size_t len, parse_socks4a_resolve_response(const char *hostname,
const char *response, size_t len,
uint32_t *addr_out) uint32_t *addr_out)
{ {
uint8_t status; uint8_t status;
@ -129,6 +130,13 @@ parse_socks4a_resolve_response(const char *response, size_t len,
} }
if (status != 90) { if (status != 90) {
log_warn(LD_NET,"Got status response '%d': socks request failed.", status); log_warn(LD_NET,"Got status response '%d': socks request failed.", status);
if (!strcasecmpend(hostname, ".onion")) {
log_warn(LD_NET,
"%s is a hidden service; those don't have IP addresses. "
"To connect to a hidden service, you need to send the hostname "
"to Tor; we suggest an application that uses SOCKS 4a.",hostname);
return -1;
}
return -1; return -1;
} }
@ -241,7 +249,8 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
log_err(LD_NET, "Error reading SOCKS4 response."); log_err(LD_NET, "Error reading SOCKS4 response.");
return -1; return -1;
} }
if (parse_socks4a_resolve_response(reply_buf, RESPONSE_LEN_4, if (parse_socks4a_resolve_response(hostname,
reply_buf, RESPONSE_LEN_4,
result_addr)<0){ result_addr)<0){
return -1; return -1;
} }
@ -260,6 +269,13 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
log_warn(LD_NET,"Got SOCKS5 status response '%u': %s", log_warn(LD_NET,"Got SOCKS5 status response '%u': %s",
(unsigned)reply_buf[1], (unsigned)reply_buf[1],
socks5_reason_to_string(reply_buf[1])); socks5_reason_to_string(reply_buf[1]));
if (reply_buf[1] == 4 && !strcasecmpend(hostname, ".onion")) {
log_warn(LD_NET,
"%s is a hidden service; those don't have IP addresses. "
"To connect to a hidden service, you need to send the hostname "
"to Tor; we suggest an application that uses SOCKS 4a.",
hostname);
}
return -1; return -1;
} }
if (reply_buf[3] == 1) { if (reply_buf[3] == 1) {
@ -396,14 +412,6 @@ main(int argc, char **argv)
usage(); usage();
} }
if (!strcasecmpend(arg[0], ".onion") && !force) {
fprintf(stderr,
"%s is a hidden service; those don't have IP addresses.\n\n"
"To connect to a hidden service, you need to send the hostname\n"
"to Tor; we suggest an application that uses SOCKS 4a.\n", arg[0]);
return 1;
}
if (network_init()<0) { if (network_init()<0) {
log_err(LD_BUG,"Error initializing network; exiting."); log_err(LD_BUG,"Error initializing network; exiting.");
return 1; return 1;