Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#4018 closed defect (fixed)

warn_nonlocal_client_ports should use tor_addr_is_internal, not _is_loopback

Reported by: rransom Owned by: rransom
Priority: Medium Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: easy tor-client
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Sep 14 04:11:29.518 [notice] Tor v0.2.3.4-alpha (git-5f4f727d58daa194). This is experimental software. Do not rely on it for strong anonymity. (Running on OpenBSD i386)
Sep 14 04:11:29.519 [notice] Read configuration file "/etc/tor/torrc".
Sep 14 04:11:29.519 [warn] You specified a public address for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
Sep 14 04:11:29.521 [warn] It's a little hard to tell, but you seem to have Libevent 1.4.0-beta header files, whereas you have linked against Libevent 1.4.14b-stable.  This will probably make Tor crash.
Sep 14 04:11:29.523 [notice] Initialized libevent version 1.4.14b-stable using method kqueue. Good.
Sep 14 04:11:29.524 [warn] You specified a public address for SocksPort. Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.
Sep 14 04:11:29.524 [notice] Opening Socks listener on 127.0.0.1:9050
Sep 14 04:11:29.524 [notice] Opening Socks listener on 192.168.7.1:9050
Sep 14 04:11:29.524 [notice] Opening Control listener on 127.0.0.1:9071

Reported by Tas.

Child Tickets

Change History (9)

comment:1 Changed 8 years ago by rransom

Status: newneeds_review

See bug4018 ( https://git.torproject.org/rransom/tor.git bug4018 ) for a fix.

comment:2 Changed 8 years ago by rransom

Status: needs_reviewassigned

The fact that the warning appeared twice is also a bug.

comment:3 in reply to:  2 Changed 8 years ago by rransom

Status: assignedneeds_review

Replying to rransom:

The fact that the warning appeared twice is also a bug.

Moved to #4019.

comment:4 Changed 8 years ago by nickm

I like it, but I don't want to remove the warning for non-loopback addresses entirely. If the address is internal but not noopback, then can we say something like, "You specified an internal address for FooPort. Other people on your local network can find your Tor program and use it as a proxy."

comment:5 in reply to:  4 Changed 8 years ago by rransom

Replying to nickm:

I like it, but I don't want to remove the warning for non-loopback addresses entirely. If the address is internal but not noopback, then can we say something like, "You specified an internal address for FooPort. Other people on your local network can find your Tor program and use it as a proxy."

One of the major goals of proposal 171 was to make it safe to expose one's SOCKSPort to an internal network. I don't see the point of adding a warning message about client ports bound to non-loopback internal IP addresses in only the versions of Tor in which those are safe.

comment:6 Changed 8 years ago by nickm

Perhaps a notice then? I am not so convinced that everybody using this feature will in fact know what they are doing.

comment:7 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged, add a notice. We can kill the notice later if it's too loud.

comment:8 Changed 7 years ago by nickm

Keywords: tor-client added

comment:9 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.