
Merge remote-tracking branch 'public/bug10801_024'

Conflicts:
	src/common/address.c
	src/or/config.c
Nick Mathewson 10 years ago
parent
commit
2ff664ee20
5 changed files with 83 additions and 21 deletions
  1. 4 0
      changes/bug10801
  2. 21 4
      src/common/address.c
  3. 2 1
      src/common/address.h
  4. 3 10
      src/or/config.c
  5. 53 6
      src/test/test_addr.c

+ 4 - 0
changes/bug10801

@@ -0,0 +1,4 @@
+  o Minor bugfixes:
+    - Stop accepting bridge lines containing hostnames. Doing so allowed
+      clients to perform DNS requests on the hostnames, which was not
+      sensible behavior. Fixes bug 10801; bugfix on 0.2.0.1-alpha.

+ 21 - 4
src/common/address.c

@@ -1451,12 +1451,16 @@ get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
  * to the port.
  *
  * Don't do DNS lookups and don't allow domain names in the "ip" field.
- * Don't accept <b>addrport</b> of the form "ip" or "ip:0".
+ *
+ * If <b>default_port</b> is less than 0, don't accept <b>addrport</b> of the
+ * form "ip" or "ip:0".  Otherwise, accept those forms, and set
+ * *<b>port_out</b> to <b>default_port</b>.
  *
  * Return 0 on success, -1 on failure. */
 int
 tor_addr_port_parse(int severity, const char *addrport,
-                    tor_addr_t *address_out, uint16_t *port_out)
+                    tor_addr_t *address_out, uint16_t *port_out,
+                    int default_port)
 {
   int retval = -1;
   int r;
@@ -1470,8 +1474,12 @@ tor_addr_port_parse(int severity, const char *addrport,
   if (r < 0)
     goto done;
 
-  if (!*port_out)
-    goto done;
+  if (!*port_out) {
+    if (default_port >= 0)
+      *port_out = default_port;
+    else
+      goto done;
+  }
 
   /* make sure that address_out is an IP address */
   if (tor_addr_parse(address_out, addr_tmp) < 0)
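Review bot: The new `*port_out = default_port;` stores an `int` into a `uint16_t` with no upper-bound check, so a caller passing a value above 65535 would get a silently truncated port instead of a failure. The callers visible in this commit pass only 443, -1, 200 and 400, but this function parses configuration text, so the contract should be explicit: for example `tor_assert(default_port <= UINT16_MAX);` near the top of the function and `*port_out = (uint16_t)default_port;` here. The doc comment should also state that a `default_port` of 0 makes a bare "ip" succeed with port 0, since the `default_port >= 0` test admits it. The body of tor_addr_port_parse continues outside this hunk on both sides.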
@@ -1492,9 +1500,18 @@ int
 tor_addr_port_split(int severity, const char *addrport,
                     char **address_out, uint16_t *port_out)
 {
+  tor_addr_t a_tmp;
   tor_assert(addrport);
   tor_assert(address_out);
   tor_assert(port_out);
+  /* We need to check for IPv6 manually because addr_port_lookup() doesn't
+   * do a good job on IPv6 addresses that lack a port. */
+  if (tor_addr_parse(&a_tmp, addrport) == AF_INET6) {
+    *port_out = 0;
+    *address_out = tor_strdup(addrport);
+    return 0;
+  }
+
   return addr_port_lookup(severity, addrport, address_out, NULL, port_out);
 }
 

+ 2 - 1
src/common/address.h

@@ -210,7 +210,8 @@ int tor_addr_port_split(int severity, const char *addrport,
                         char **address_out, uint16_t *port_out);
 
 int tor_addr_port_parse(int severity, const char *addrport,
-                        tor_addr_t *address_out, uint16_t *port_out);
+                        tor_addr_t *address_out, uint16_t *port_out,
+                        int default_port);
 
 int tor_addr_hostname_is_local(const char *name);
 

+ 3 - 10
src/or/config.c

@@ -4535,18 +4535,11 @@ parse_bridge_line(const char *line)
     addrport = field;
   }
 
-  /* Parse addrport. */
-  if (tor_addr_port_lookup(addrport,
-                           &bridge_line->addr, &bridge_line->port)<0) {
+  if (tor_addr_port_parse(LOG_INFO, addrport,
+                          &bridge_line->addr, &bridge_line->port, 443)<0) {
     log_warn(LD_CONFIG, "Error parsing Bridge address '%s'", addrport);
     goto err;
   }
-  if (!bridge_line->port) {
-    log_info(LD_CONFIG,
-             "Bridge address '%s' has no port; using default port 443.",
-             addrport);
-    bridge_line->port = 443;
-  }
 
   /* If transports are enabled, next field could be a fingerprint or a
      socks argument. If transports are disabled, next field must be
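Review bot: The call that replaces `tor_addr_port_lookup()` lost its comment, and nothing at the call site records that the switch is deliberate. A comment such as `/* Parse addrport without resolving hostnames: Bridge lines must not trigger DNS requests (bug 10801). 443 is the default port. */` would help keep a later refactor from reintroducing the lookup. Removing the `log_info` also means a Bridge line with no port now takes 443 without any message at this call site; if that notice is still wanted, it would have to be emitted where the default is applied. parse_bridge_line starts and ends outside this hunk.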
@@ -4797,7 +4790,7 @@ get_bindaddr_from_transport_listen_line(const char *line,const char *transport)
     goto err;
 
   /* Validate addrport */
-  if (tor_addr_port_parse(LOG_WARN, addrport, &addr, &port)<0) {
+  if (tor_addr_port_parse(LOG_WARN, addrport, &addr, &port, -1)<0) {
     log_warn(LD_CONFIG, "Error parsing ServerTransportListenAddr "
              "address '%s'", addrport);
     goto err;

+ 53 - 6
src/test/test_addr.c

@@ -743,42 +743,89 @@ test_addr_parse(void)
   /* Correct call. */
   r= tor_addr_port_parse(LOG_DEBUG,
                          "192.0.2.1:1234",
-                         &addr, &port);
+                         &addr, &port, -1);
   test_assert(r == 0);
   tor_addr_to_str(buf, &addr, sizeof(buf), 0);
   test_streq(buf, "192.0.2.1");
   test_eq(port, 1234);
 
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "[::1]:1234",
+                         &addr, &port, -1);
+  test_assert(r == 0);
+  tor_addr_to_str(buf, &addr, sizeof(buf), 0);
+  test_streq(buf, "::1");
+  test_eq(port, 1234);
+
   /* Domain name. */
   r= tor_addr_port_parse(LOG_DEBUG,
                          "torproject.org:1234",
-                         &addr, &port);
+                         &addr, &port, -1);
   test_assert(r == -1);
 
   /* Only IP. */
   r= tor_addr_port_parse(LOG_DEBUG,
                          "192.0.2.2",
-                         &addr, &port);
+                         &addr, &port, -1);
+  test_assert(r == -1);
+
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "192.0.2.2",
+                         &addr, &port, 200);
+  test_assert(r == 0);
+  tt_int_op(port,==,200);
+
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "[::1]",
+                         &addr, &port, -1);
   test_assert(r == -1);
 
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "[::1]",
+                         &addr, &port, 400);
+  test_assert(r == 0);
+  tt_int_op(port,==,400);
+
   /* Bad port. */
   r= tor_addr_port_parse(LOG_DEBUG,
                          "192.0.2.2:66666",
-                         &addr, &port);
+                         &addr, &port, -1);
+  test_assert(r == -1);
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "192.0.2.2:66666",
+                         &addr, &port, 200);
   test_assert(r == -1);
 
   /* Only domain name */
   r= tor_addr_port_parse(LOG_DEBUG,
                          "torproject.org",
-                         &addr, &port);
+                         &addr, &port, -1);
+  test_assert(r == -1);
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "torproject.org",
+                         &addr, &port, 200);
   test_assert(r == -1);
 
   /* Bad IP address */
   r= tor_addr_port_parse(LOG_DEBUG,
                          "192.0.2:1234",
-                         &addr, &port);
+                         &addr, &port, -1);
   test_assert(r == -1);
 
+  /* Make sure that the default port has lower priority than the real
+     one */
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "192.0.2.2:1337",
+                         &addr, &port, 200);
+  test_assert(r == 0);
+  tt_int_op(port,==,1337);
+
+  r= tor_addr_port_parse(LOG_DEBUG,
+                         "[::1]:1369",
+                         &addr, &port, 200);
+  test_assert(r == 0);
+  tt_int_op(port,==,1369);
+
  done:
   ;
 }
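Review bot: The added cases never exercise the "ip:0" form that the updated doc comment says is replaced by the default, nor a `default_port` of 0, although both go through the new `if (!*port_out)` branch. Adding `r= tor_addr_port_parse(LOG_DEBUG, "192.0.2.2:0", &addr, &port, 200);` followed by `test_assert(r == 0);` and `tt_int_op(port,==,200);` would pin the first of these. The default-port cases also check only `port`, not that `addr` holds the parsed address, and the hunk mixes `test_eq` with `tt_int_op` for the same kind of comparison. test_addr_parse starts outside this hunk.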