tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 4e4c4e72d74d66181bec537fc00a8af92be0a0af
parent 1bde356bf645f3c3d3b0a6e70c03e2baf9f89d26
Author: liberat <liberat@disroot.org>
Date:   Mon, 11 Nov 2019 15:08:36 +0000

Handle binary IPv6 addresses and bracketed strings in RESOLVE_PTR.

When a SOCKS5 client sends a RESOLVE_PTR request, it must include
either an IPv4 or IPv6 address.  In the past this was required to be a
binary address (address types 1 or 4), but since the refactoring of
SOCKS5 support in Tor 0.3.5.1-alpha, strings (address type 3) are also
allowed if they represent an IPv4 or IPv6 literal.

However, when a binary IPv6 address is provided,
parse_socks5_client_request converts it into a string enclosed in
brackets.  This doesn't match what string_is_valid_ipv6_address
expects, so this would fail with the error "socks5 received
RESOLVE_PTR command with hostname type. Rejecting."

By replacing string_is_valid_ipv4_address/string_is_valid_ipv6_address
with tor_addr_parse, we accept strings both with and without brackets.
This fixes the handling of binary addresses, and also improves
symmetry with CONNECT and RESOLVE requests.

Fixes bug 32315.

Diffstat:

Achanges/bug32315 | 4++++


Msrc/core/proto/proto_socks.c | 6+++---


2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/changes/bug32315 b/changes/bug32315
@@ -0,0 +1,4 @@
+  o Major bugfixes (networking):
+    - Correctly handle IPv6 addresses in SOCKS5 RESOLVE_PTR requests,
+      and accept strings as well as binary addresses. Fixes bug 32315;
+      bugfix on Tor 0.3.5.1-alpha.
diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c
@@ -615,6 +615,7 @@ process_socks5_client_request(socks_request_t *req,
                               int safe_socks)
 {
   socks_result_t res = SOCKS_RESULT_DONE;
+  tor_addr_t tmpaddr;
 
   if (req->command != SOCKS_COMMAND_CONNECT &&
       req->command != SOCKS_COMMAND_RESOLVE &&
@@ -625,11 +626,10 @@ process_socks5_client_request(socks_request_t *req,
   }
 
   if (req->command == SOCKS_COMMAND_RESOLVE_PTR &&
-      !string_is_valid_ipv4_address(req->address) &&
-      !string_is_valid_ipv6_address(req->address)) {
+      tor_addr_parse(&tmpaddr, req->address) < 0) {
     socks_request_set_socks5_error(req, SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED);
     log_warn(LD_APP, "socks5 received RESOLVE_PTR command with "
-                     "hostname type. Rejecting.");
+                     "a malformed address. Rejecting.");
 
     res = SOCKS_RESULT_INVALID;
     goto end;