nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-14 07:03:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow a rendezvous point to have a private address

Browse Source 
When an HS process an INTRODUCE2 cell, we didn't validate if the IP address
of the rendezvous point was a local address. If it's the case, we end up
wasting resources by trying to extend to a local address which fails since
we do not allow that in circuit_extend().

This commit now rejects a rendezvous point that has a local address once
seen at the hidden service side unless ExtendAllowPrivateAddresses is set.

Fixes #8976

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
This commit is contained in:
David Goulet 2015-12-08 13:42:27 -05:00
parent b701b7962b
commit 4a7964b3bc
3 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/or/circuitbuild.c
View File

@ -2403,3 +2403,18 @@ build_state_get_exit_nickname(cpath_build_state_t *state)
return state->chosen_exit->nickname; return state->chosen_exit->nickname;
} }
/** Return true iff the given address can be used to extend to. */
int extend_info_addr_is_allowed(const tor_addr_t *addr)
{
tor_assert(addr);
/* Check if we have a private address and if we can extend to it. */
if (tor_addr_is_internal(addr, 0) &&
!get_options()->ExtendAllowPrivateAddresses) {
goto disallow;
}
/* Allowed! */
return 1;
disallow:
return 0;
}

1
src/or/circuitbuild.h
View File

@ -53,6 +53,7 @@ extend_info_t *extend_info_new(const char *nickname, const char *digest,
extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect); extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect);
extend_info_t *extend_info_dup(extend_info_t *info); extend_info_t *extend_info_dup(extend_info_t *info);
void extend_info_free(extend_info_t *info); void extend_info_free(extend_info_t *info);
int extend_info_addr_is_allowed(const tor_addr_t *addr);
const node_t *build_state_get_exit_node(cpath_build_state_t *state); const node_t *build_state_get_exit_node(cpath_build_state_t *state);
const char *build_state_get_exit_nickname(cpath_build_state_t *state); const char *build_state_get_exit_nickname(cpath_build_state_t *state);

12
src/or/rendservice.c
View File

@ -1818,6 +1818,18 @@ find_rp_for_intro(const rend_intro_cell_t *intro,
goto err; goto err;
} }
/* Make sure the RP we are being asked to connect to is _not_ a private
* address unless it's allowed. Let's avoid to build a circuit to our
* second middle node and fail right after when extending to the RP. */
if (!extend_info_addr_is_allowed(&rp->addr)) {
if (err_msg_out) {
tor_asprintf(&err_msg,
"Relay IP in INTRODUCE2 cell is private address.");
}
extend_info_free(rp);
rp = NULL;
goto err;
}
goto done; goto done;
err: err: