[tor-bugs] #6244 [Tor Client]: MapAddress wildcarding not working right
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Jun 27 00:22:13 UTC 2012
#6244: MapAddress wildcarding not working right
------------------------+---------------------------------------------------
Reporter: grarpamp | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Client | Version: Tor: 0.2.3.17-beta
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
MapAddress wildcarding does not seem to be working right.
Note the following three issues via the controller...
1) When using the man documented format to enter the map:
mapaddress *.example.com=*.example.com.<fingerprint>.exit
512 syntax error: invalid address '*.example.com.<fingerprint>.exit'
With no map, I did not check the streams.
2) When chancing upon an alternate format that returns 250:
mapaddress *.example.com=<fingerprint>.exit
250 *.example.com=<fingerprint>.exit
This results in these streams. Which appear to leak badly in that
the first stream to a destination does not honor the exit.
172506 NEW 0 www.example.com:443 PURPOSE=USER
172507 NEW 0 www.example.com:443 PURPOSE=USER
172506 SUCCEEDED 121217 64.34.110.174:443
172507 SUCCEEDED 121219 64.34.110.174.<fingerprint>.exit:443
Note that entering the following related map syntax does not
SUCCEED, which is weird given the above streams:
mapaddress foo.bar.com=<fingerprint>.exit
This one does, which is documented expectation:
mapaddress foo.bar.com=foo.bar.com.<fingerprint>.exit
3) The map in (2) is not removable by the syntax of setting the
source (left) equal to (=) the destination (right):
mapaddress *.example.com=*.example.com
512 syntax error: invalid address '*.example.com'
Seems the solution may/should be...
- Adopt the syntax documented in (1), removing that acting in (2).
- Fix the stream issue shown in (2).
- Allow removal by syntax in (3).
- Document the map removal syntax in the control spec page.
- Check that removal from torrc and sighup works (as that is the
form of the various options in the man page).
- Lint the inputted map to reject '=<fingerprint>.exit' form.
Adding applicable environment...
trackhostexits .
trackhostexitsexpire 604800
allowdotexit 1
signal NEWNYM
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6244>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list