#31115 closed defect (not a bug)

tor returns first 4 bytes of IPv6 address only when using SOCKS command "F0"

Reported by: cypherpunks Owned by:
Priority: Medium Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor Version: Tor:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:



Tor has a custom extension to the SOCKS protocol, defined in:

that allows resolving hostnames.

exitmap makes use of this SOCKS extension.

When the answer is an IPv6 address (ATYP=04) only the first 4 bytes are contained in the response instead of the entire IPv6 address.

Expected behavior: The entire IPv6 address should be in the response (128 bit instead of 32 bit).


Child Tickets

Change History (5)

comment:1 Changed 16 months ago by cypherpunks


SOCKS response for resolving "ipv6.google.com" ("2a00:1450:4007:80c::200e")

0x05 00 00 04 2a001450 4001

05 = version
00 = resp code: succeeded
00 = reserved
04 = ATYP: IPv6

last to bytes are "BND.PORT" as per spec but they might also be part of the IPv6 address
so the answer might contain the first 6 bytes not just 4 bytes.

Version 0, edited 16 months ago by cypherpunks (next)

comment:2 Changed 16 months ago by cypherpunks

you can close this one.

comment:3 Changed 16 months ago by nickm

Milestone: Tor: 0.4.2.x-final

Why? Is this not an issue?

comment:4 Changed 16 months ago by cypherpunks

exitmap reads only 10 bytes of the response, that is why it does not see more.

You can close it.

comment:5 Changed 16 months ago by nickm

Resolution: not a bug
Status: newclosed

ah, ok

Note: See TracTickets for help on using tickets.