From 33762b529694f58d7640ebcbef1bc0f940419c89 Mon Sep 17 00:00:00 2001 From: Jacob Appelbaum Date: Sat, 8 Aug 2009 19:15:22 -0700 Subject: [PATCH] LetsKillNoConnect removes support for .noconnect This is a patch to remove support for .noconnect. We are removing .noconnect because of a talk at Defcon 17 by Gregory Fleischer. --- ChangeLog | 1 + doc/spec/address-spec.txt | 12 ------------ src/or/connection_edge.c | 16 ---------------- src/or/dnsserv.c | 7 +------ 4 files changed, 2 insertions(+), 34 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1d9b71b766..b1f45f1ffd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -49,6 +49,7 @@ Changes in version 0.2.2.1-alpha - 2009-0?-?? - The EXTENDED_EVENTS and VERBOSE_NAMES controller features are now always on; using them is necessary for correct forward-compatible controllers. + - Removal of support for .noconnect style addresses. Changes in version 0.2.1.20 - 2009-??-?? diff --git a/doc/spec/address-spec.txt b/doc/spec/address-spec.txt index 95641b49b8..fdae9b82a4 100644 --- a/doc/spec/address-spec.txt +++ b/doc/spec/address-spec.txt @@ -53,15 +53,3 @@ When Tor sees an address in this format, it tries to look up and connect to the specified hidden service. See rend-spec.txt for full details. -4. .noconnect - - SYNTAX: [string].noconnect - - When Tor sees an address in this format, it immediately closes the - connection without attaching it to any circuit. This is useful for - controllers that want to test whether a given application is indeed using - the same instance of Tor that they're controlling. - -5. [XXX Is there a ".virtual" address that we expose too, or is that -just intended to be internal? -RD] - diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 79496f7a9b..04fffd9f57 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1875,14 +1875,6 @@ connection_ap_handshake_process_socks(edge_connection_t *conn) return -1; } /* else socks handshake is done, continue processing */ - if (hostname_is_noconnect_address(socks->address)) - { - control_event_stream_status(conn, STREAM_EVENT_NEW, 0); - control_event_stream_status(conn, STREAM_EVENT_CLOSED, 0); - connection_mark_unattached_ap(conn, END_STREAM_REASON_DONE); - return -1; - } - if (SOCKS_COMMAND_IS_CONNECT(socks->command)) control_event_stream_status(conn, STREAM_EVENT_NEW, 0); else @@ -2944,11 +2936,3 @@ failed: return BAD_HOSTNAME; } -/** Check if the address is of the form "y.noconnect" - */ -int -hostname_is_noconnect_address(const char *address) -{ - return ! strcasecmpend(address, ".noconnect"); -} - diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index 08cf653093..b1e0ff104f 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -92,12 +92,7 @@ evdns_server_callback(struct evdns_server_request *req, void *_data) evdns_server_request_respond(req, DNS_ERR_NONE); return; } - if (q->type == EVDNS_TYPE_A) { - /* Refuse any attempt to resolve a noconnect address, right now. */ - if (hostname_is_noconnect_address(q->name)) { - err = DNS_ERR_REFUSED; - } - } else { + if (q->type != EVDNS_TYPE_A) { tor_assert(q->type == EVDNS_TYPE_PTR); }