diff options
author | Nick Mathewson <nickm@torproject.org> | 2012-03-28 03:19:00 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2012-03-28 03:19:00 -0400 |
commit | 433d7578465e04484d537810096512b5cc61246f (patch) | |
tree | de201fe472549b9497894033660f979a0b80bd94 /src/or/connection_edge.c | |
parent | 70c17134c79d9de05408748329c0918158d7deb0 (diff) | |
download | tor-433d7578465e04484d537810096512b5cc61246f.tar tor-433d7578465e04484d537810096512b5cc61246f.tar.gz |
Reject SOCKS requests for "localhost" or ".local"
Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to. Partial fix for 2822.
Diffstat (limited to 'src/or/connection_edge.c')
-rw-r--r-- | src/or/connection_edge.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index e19d7f077..fb09281fe 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -2000,8 +2000,9 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, if (options->ClientRejectInternalAddresses && !conn->use_begindir && !conn->chosen_exit_name && !circ) { tor_addr_t addr; - if (tor_addr_parse(&addr, socks->address) >= 0 && - tor_addr_is_internal(&addr, 0)) { + if (tor_addr_hostname_is_local(socks->address) || + (tor_addr_parse(&addr, socks->address) >= 0 && + tor_addr_is_internal(&addr, 0))) { /* If this is an explicit private address with no chosen exit node, * then we really don't want to try to connect to it. That's * probably an error. */ |