Reject SOCKS requests for "localhost" or ".local"

Sending them on is futile, since we will be told "127.0.0.1" and then think we've been lied to. Partial fix for 2822.
author: Nick Mathewson <nickm@torproject.org> 2012-03-28 03:19:00 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-03-28 03:19:00 -0400
commit: 433d7578465e04484d537810096512b5cc61246f (patch)
tree: de201fe472549b9497894033660f979a0b80bd94 /src/or/connection_edge.c
parent: 70c17134c79d9de05408748329c0918158d7deb0 (diff)
download: tor-433d7578465e04484d537810096512b5cc61246f.tar
tor-433d7578465e04484d537810096512b5cc61246f.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index e19d7f077..fb09281fe 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2000,8 +2000,9 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
       if (options->ClientRejectInternalAddresses &&
           !conn->use_begindir && !conn->chosen_exit_name && !circ) {
         tor_addr_t addr;
-        if (tor_addr_parse(&addr, socks->address) >= 0 &&
-            tor_addr_is_internal(&addr, 0)) {
+        if (tor_addr_hostname_is_local(socks->address) ||
+            (tor_addr_parse(&addr, socks->address) >= 0 &&
+             tor_addr_is_internal(&addr, 0))) {
           /* If this is an explicit private address with no chosen exit node,
            * then we really don't want to try to connect to it.  That's
            * probably an error. */
author	Nick Mathewson <nickm@torproject.org>	2012-03-28 03:19:00 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-03-28 03:19:00 -0400
commit	433d7578465e04484d537810096512b5cc61246f (patch)
tree	de201fe472549b9497894033660f979a0b80bd94 /src/or/connection_edge.c
parent	70c17134c79d9de05408748329c0918158d7deb0 (diff)
download	tor-433d7578465e04484d537810096512b5cc61246f.tar tor-433d7578465e04484d537810096512b5cc61246f.tar.gz