
r18937@catbus: nickm | 2008-03-18 14:50:39 -0400
Fix the other lingering part of bug 617: make ClientDNSRejectInternalAddresses actually work.


svn:r14107

Nick Mathewson 17 years ago
parent
commit
a62a24036d
4 changed files with 17 additions and 3 deletions
  1. 3 0
      ChangeLog
  2. 11 2
      src/or/connection_edge.c
  3. 2 1
      src/or/dns.c
  4. 1 0
      src/or/or.h

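--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@ Changes in version 0.2.1.1-alpha - 2008-??-??
     - Stop giving double-close warn when we reject an address for client DNS.
     - On Windows, correctly detect errors when listing the contents of a
       directory.  Fix from lodger.  (Bugfix on 0.1.2.x.)
+    - Fix the implementation of ClientDNSRejectInternalAddresses so that it
+      actually works, and doesn't warn about every single reverse lookup.
+      Fixes the other part of bug 617.  Bugfix on 0.2.0.1-alpha.
 
   o Minor features:
     - Allow separate log levels to be configured for different logging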

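--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1331,8 +1331,17 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
     if (options->ClientDNSRejectInternalAddresses) {
       /* Don't let people try to do a reverse lookup on 10.0.0.1. */
       tor_addr_t addr;
-      if (tor_addr_from_str(&addr, socks->address) >= 0 &&
-          tor_addr_is_internal(&addr, 0)) {
+      struct in_addr in;
+      int ok;
+      if (!strcasecmpend(socks->address, ".in-addr.arpa"))
+        ok = !parse_inaddr_arpa_address(socks->address, &in);
+      else
+        ok = tor_inet_aton(socks->address, &in);
+      /*XXXX021 make this a function. */
+      addr.family = AF_INET;
+      memcpy(&addr.addr.in_addr, &in, sizeof(struct in_addr));
+
+      if (ok && tor_addr_is_internal(&addr, 0)) {
         connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_ERROR,
                                                0, NULL, -1, TIME_MAX);
         connection_mark_unattached_ap(conn,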
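Review bot: The line `ok = !parse_inaddr_arpa_address(socks->address, &in);` inverts the helper's result: the contract quoted in the dns.c hunk says it returns 1 on success, 0 when the name is not in in-addr.arpa form, and -1 when malformed, so a successfully parsed reverse name gives ok == 0 (as does a malformed one), and only the "not in-addr.arpa" case that the strcasecmpend guard already excludes gives ok == 1. As written, `ok && tor_addr_is_internal(&addr, 0)` can never reject an internal reverse lookup, which is the case this commit sets out to fix; the forward path through tor_inet_aton is unaffected. Suggest `ok = parse_inaddr_arpa_address(socks->address, &in) > 0;`. Separately, `addr` is assembled from `in` before `ok` is tested, so a failed parse memcpy's an uninitialized struct in_addr into the tor_addr_t; the short-circuit makes this harmless today, but moving the two `addr` lines under `if (ok)` avoids carrying indeterminate bytes. connection_ap_handshake_rewrite_and_attach begins before this hunk and its body continues past it.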

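--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -481,7 +481,8 @@ send_resolved_hostname_cell(edge_connection_t *conn, const char *hostname)
  * parse it and place the address in <b>in</b> if present. Return 1 on success;
  * 0 if the address is not in in-addr.arpa format, and -1 if the address is
  * malformed. */
-static int
+/* XXXX021 move this to util.c. */
+int
 parse_inaddr_arpa_address(const char *address, struct in_addr *in)
 {
   char buf[INET_NTOA_BUF_LEN];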

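--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3246,6 +3246,7 @@ int dns_resolve(edge_connection_t *exitconn);
 void dns_launch_correctness_checks(void);
 int dns_seems_to_be_broken(void);
 void dns_reset_correctness_checks(void);
+int parse_inaddr_arpa_address(const char *address, struct in_addr *in);
 
 /********************************* dnsserv.c ************************/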