Opened 7 years ago

Closed 5 years ago

#8475 closed defect (fixed)

internal-address check in handling RESOLVED cells doesn't cover IPv6

Reported by: nickm Owned by:
Priority: High Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client dns ipv6 023-backport
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Our check for internal addresses in connection_ap_process_not_open() doesn't look at IPv6 addresses. Better fix that. This is less horrible than it could be now that we don't cache answers, but somebody else might be caching Tor's replies or something.

Child Tickets

Change History (8)

comment:1 Changed 7 years ago by nickm

Keywords: 023-backport added
Status: newneeds_review

Fix in branch "bug8475_023" in my public repository. Backportable to 023. I deliberately didn't refactor the rest of that code, though it sure could use it.

comment:2 Changed 7 years ago by andrea

This patch looks fine to me. Yeah, that code probably could use some refactoring.

comment:3 Changed 7 years ago by nickm

Milestone: Tor: 0.2.4.x-finalTor: 0.2.3.x-final

Great; merged to 0.2.4; leaving in 0.2.3 for backport.

comment:4 in reply to:  description ; Changed 7 years ago by arma

Replying to nickm:

This is less horrible than it could be now that we don't cache answers

That applies to 0.2.4 but not 0.2.3, right? How horrible is it for 0.2.3?

comment:5 in reply to:  4 Changed 7 years ago by nickm

Replying to arma:

Replying to nickm:

This is less horrible than it could be now that we don't cache answers

That applies to 0.2.4 but not 0.2.3, right? How horrible is it for 0.2.3?

0.2.3 doesn't cache IPv6 answers.

comment:6 Changed 7 years ago by arma

Then let's leave it out of 0.2.3?

comment:7 Changed 7 years ago by nickm

I dunno; I worry about external application behavior, and this *is* a very simple fix

comment:8 Changed 5 years ago by nickm

Milestone: Tor: 0.2.3.x-finalTor: 0.2.4.x-final
Resolution: fixed
Status: needs_reviewclosed

Marking a batch of tickets that had been under consideration for 0.2.3 backport as fixed-in-0.2.4. There is no plan for further 0.2.3 releases.

Note: See TracTickets for help on using tickets.