[or-cvs] [tor/master] tor-resolve: Don't automatically refuse .onion addresses.

Nick Mathewson nickm at seul.org
Thu Jun 18 15:10:29 UTC 2009


Author: Nick Mathewson <nickm at torproject.org>
Date: Thu, 18 Jun 2009 11:08:10 -0400
Subject: tor-resolve: Don't automatically refuse .onion addresses.
Commit: 298dc95dfd84877f1e231426322c02240303815e

If the Tor is running with AutomapHostsOnResolve set, it _is_
reasonable to do a DNS lookup on a .onion address.  So instead we make
tor-resolve willing to try to resolve anything.  Only if Tor refuses
to resolve it do we suggest to the user that resolving a .onion
address may not work.

Fix for bug 1005.
---
 ChangeLog               |    2 ++
 src/tools/tor-resolve.c |   28 ++++++++++++++++++----------
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f9457ed..f2da854 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,8 @@ Changes in version 0.2.1.16-?? - 2009-??-??
 
   o Minor features:
     - Update to the "June 3 2009" ip-to-country file.
+    - Do not have tor-resolve automatically refuse all .onion addresses;
+      if AutomapHostsOnResolve is set, this will work fine.
 
   o Minor bugfixes (on 0.2.0.x):
     - Log correct error messages for DNS-related network errors on
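Review bot: The new ChangeLog entry does not cite bug 1005, which the commit message names as what this change fixes, and it is filed under "Minor features" rather than a bugfix heading. Consider adding "Fixes bug 1005." to the entry, plus a clause saying that the hidden-service hint is now printed only after Tor refuses the request.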
diff --git a/src/tools/tor-resolve.c b/src/tools/tor-resolve.c
index ca75a5a..fe4e882 100644
--- a/src/tools/tor-resolve.c
+++ b/src/tools/tor-resolve.c
@@ -107,7 +107,8 @@ build_socks_resolve_request(char **out,
  * Return 0 on success, -1 on error.
  */
 static int
-parse_socks4a_resolve_response(const char *response, size_t len,
+parse_socks4a_resolve_response(const char *hostname,
+                               const char *response, size_t len,
                                uint32_t *addr_out)
 {
   uint8_t status;
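Review bot: The new hostname parameter of parse_socks4a_resolve_response is undocumented: the visible tail of the function comment (" * Return 0 on success, -1 on error.") is left unchanged by this hunk. Add a sentence to that comment stating that hostname is the name that was submitted for resolution and that it is used only to choose the failure message.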
@@ -129,6 +130,13 @@ parse_socks4a_resolve_response(const char *response, size_t len,
   }
   if (status != 90) {
     log_warn(LD_NET,"Got status response '%d': socks request failed.", status);
+    if (!strcasecmpend(hostname, ".onion")) {
+      log_warn(LD_NET,
+        "%s is a hidden service; those don't have IP addresses. "
+        "To connect to a hidden service, you need to send the hostname "
+        "to Tor; we suggest an application that uses SOCKS 4a.",hostname);
+      return -1;
+    }
     return -1;
   }
 
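Review bot: The added "return -1;" inside the new .onion block is redundant, because the unchanged "return -1;" immediately after the block returns the same value; drop it so this block only logs, as the SOCKS5 branch does. This branch also prints the hidden-service hint for every status other than 90, while the SOCKS5 branch restricts it to reply code 4; a one-line comment explaining the difference would help the next reader.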
@@ -241,7 +249,8 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
       log_err(LD_NET, "Error reading SOCKS4 response.");
       return -1;
     }
-    if (parse_socks4a_resolve_response(reply_buf, RESPONSE_LEN_4,
+    if (parse_socks4a_resolve_response(hostname,
+                                       reply_buf, RESPONSE_LEN_4,
                                        result_addr)<0){
       return -1;
     }
@@ -260,6 +269,13 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
       log_warn(LD_NET,"Got SOCKS5 status response '%u': %s",
                (unsigned)reply_buf[1],
                socks5_reason_to_string(reply_buf[1]));
+      if (reply_buf[1] == 4 && !strcasecmpend(hostname, ".onion")) {
+        log_warn(LD_NET,
+            "%s is a hidden service; those don't have IP addresses. "
+            "To connect to a hidden service, you need to send the hostname "
+            "to Tor; we suggest an application that uses SOCKS 4a.",
+            hostname);
+      }
       return -1;
     }
     if (reply_buf[3] == 1) {
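Review bot: The bare 4 in "reply_buf[1] == 4" should be a named constant or carry a comment (SOCKS5 reply code 4 is "Host unreachable"), so it is clear why only this failure triggers the hint. The warning text is also a second copy of the string added in parse_socks4a_resolve_response; a small static helper taking hostname would keep the two messages from drifting apart.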
@@ -396,14 +412,6 @@ main(int argc, char **argv)
     usage();
   }
 
-  if (!strcasecmpend(arg[0], ".onion") && !force) {
-    fprintf(stderr,
-       "%s is a hidden service; those don't have IP addresses.\n\n"
-       "To connect to a hidden service, you need to send the hostname\n"
-       "to Tor; we suggest an application that uses SOCKS 4a.\n", arg[0]);
-    return 1;
-  }
-
   if (network_init()<0) {
     log_err(LD_BUG,"Error initializing network; exiting.");
     return 1;
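Review bot: The removed condition is the only use of force visible in this patch, and nothing here touches the option that sets it or the usage() text. If force has no other reader, remove the variable and its flag, or keep the flag as an accepted no-op and say so in usage(), so users are not offered an option that no longer changes behaviour.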
-- 
1.5.6.5


