
commit ed4d6a00300dec1dcac7cf294bebfe736e1d97a4
parent adcb094cb639ab8a3a36f3dc0bf1bb4e7fcdbd2b
Author: David Goulet <dgoulet@torproject.org>
Date:   Thu, 30 Sep 2021 10:26:37 -0400

hs-v2: Disable SOCKS connection for v2 addresses

This effectively turns off the ability of tor to use HSv2 as a client by
invalidating the v2 onion hostname passed through a SOCKS request.

Part of #40476

Signed-off-by: David Goulet <dgoulet@torproject.org>

Diffstat:
Msrc/core/or/connection_edge.c | 17++++-------------
1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
@@ -1636,12 +1636,12 @@ consider_plaintext_ports(entry_connection_t *conn, uint16_t port)
 * The possible recognized forms are (where true is returned):
 *
 * If address is of the form "y.onion" with a well-formed handle y:
- * Put a NUL after y, lower-case it, and return ONION_V2_HOSTNAME or
- * ONION_V3_HOSTNAME depending on the HS version.
+ * Put a NUL after y, lower-case it, and return ONION_V3_HOSTNAME
+ * depending on the HS version.
 *
 * If address is of the form "x.y.onion" with a well-formed handle x:
 * Drop "x.", put a NUL after y, lower-case it, and return
- * ONION_V2_HOSTNAME or ONION_V3_HOSTNAME depending on the HS version.
+ * ONION_V3_HOSTNAME depending on the HS version.
 *
 * If address is of the form "y.onion" with a badly-formed handle y:
 * Return BAD_HOSTNAME and log a message.
@@ -1691,14 +1691,6 @@ parse_extended_hostname(char *address, hostname_type_t *type_out)
 if (q != address) {
 memmove(address, q, strlen(q) + 1 /* also get \0 */);
 }
- /* v2 onion address check. */
- if (strlen(query) == REND_SERVICE_ID_LEN_BASE32) {
- *type_out = ONION_V2_HOSTNAME;
- if (rend_valid_v2_service_id(query)) {
- goto success;
- }
- goto failed;
- }
 
 /* v3 onion address check. */
 if (strlen(query) == HS_SERVICE_ADDR_LEN_BASE32) {
@@ -1718,8 +1710,7 @@ parse_extended_hostname(char *address, hostname_type_t *type_out)
 failed:
 /* otherwise, return to previous state and return 0 */
 *s = '.';
- const bool is_onion = (*type_out == ONION_V2_HOSTNAME) ||
- (*type_out == ONION_V3_HOSTNAME);
+ const bool is_onion = (*type_out == ONION_V3_HOSTNAME);
 log_warn(LD_APP, "Invalid %shostname %s; rejecting",
 is_onion ? "onion " : "",
 safe_str_client(address));
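Review bot: The rewritten header comment in the first hunk now reads `return ONION_V3_HOSTNAME depending on the HS version`, a clause that no longer means anything once v3 is the only version the function recognises; the "x.y.onion" paragraph keeps the same dangling wording. Suggest `*   Put a NUL after y, lower-case it, and return ONION_V3_HOSTNAME.` and `*   Drop "x.", put a NUL after y, lower-case it, and return ONION_V3_HOSTNAME.`. This comment appears to be the contract for parse_extended_hostname, whose definition starts outside this hunk, so the stale "HS version" phrasing will be the first thing a reader sees.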
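Review bot: With the v2 block deleted in the second hunk, an address of v2 length no longer sets `*type_out` at all and falls through the v3 length check to the generic failure path, so a client still configured with a legacy address gets only the generic "Invalid hostname" warning; whether it even carries the "onion " qualifier now depends on the value `*type_out` held on entry, which is outside this view (the `is_onion` line in the third hunk keys solely on ONION_V3_HOSTNAME). For the deprecation to be diagnosable from an operator's logs, consider keeping a length check that names the cause before jumping to `failed:`, which still logs the address itself. If REND_SERVICE_ID_LEN_BASE32 is being retired with the rest of the v2 code, the check would need the corresponding literal length instead. parse_extended_hostname starts before and ends after this hunk.
```c
  }
  /* Legacy v2 addresses are no longer supported; say so explicitly instead
   * of letting them fall through to the generic "Invalid hostname" path. */
  if (strlen(query) == REND_SERVICE_ID_LEN_BASE32) {
    log_warn(LD_APP, "Version 2 onion addresses are no longer supported");
    goto failed;
  }

  /* … unchanged: v3 onion address check … */
```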