Opened 3 months ago

Closed 3 months ago

#31115 closed defect (not a bug)

tor returns first 4 bytes of IPv6 address only when using SOCKS command "F0"

Reported by: cypherpunks Owned by:
Priority: Medium Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor Version: Tor: 0.3.5.8
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Context:

Tor has a custom extension to the SOCKS protocol, defined in:
https://gitweb.torproject.org/torspec.git/tree/socks-extensions.txt#n48

that allows resolving hostnames.

exitmap makes use of this SOCKS extension.

When the answer is an IPv6 address (ATYP=04) only the first 4 bytes are contained in the response instead of the entire IPv6 address.

Expected behavior: The entire IPv6 address should be in the response (128 bit instead of 32 bit).

https://lists.torproject.org/pipermail/tor-dev/2019-July/013931.html

Child Tickets

Change History (5)

comment:1 Changed 3 months ago by cypherpunks

example:

SOCKS response for resolving "ipv6.google.com" ("2a00:1450:4007:80c::200e")

0x05 00 00 04 2a001450 4001

05 = version
00 = resp code: succeeded
00 = reserved
04 = ATYP: IPv6
2a001450 = first bytes of the IPv6 address

last to bytes are "BND.PORT" as per spec but they might also be part of the IPv6 address
so the answer might contain the first 6 bytes not just 4 bytes.

Last edited 3 months ago by cypherpunks (previous) (diff)

comment:2 Changed 3 months ago by cypherpunks

you can close this one.

comment:3 Changed 3 months ago by nickm

Milestone: Tor: 0.4.2.x-final

Why? Is this not an issue?

comment:4 Changed 3 months ago by cypherpunks

exitmap reads only 10 bytes of the response, that is why it does not see more.

You can close it.

comment:5 Changed 3 months ago by nickm

Resolution: not a bug
Status: newclosed

ah, ok

Note: See TracTickets for help on using tickets.