Bug: improperly bound listen addresses?
grarpamp
grarpamp at gmail.com
Wed Aug 6 18:50:17 UTC 2008
> I don't know of any way to tell the resolver routines to bind
> only to a particular network interface for sending their queries.
Not possible as of yet. But likely moot...
> AFAIK, tor uses the resolver library, so adding a command line/torrc
> option like you're asking for would have no effect.
sockstat/netstat always shows tor as having a connection tacked up
to the DNS servers specified in resolv.conf. I wasn't seeing any
gethostby* calls as other applications do, so I poked around...
eventdns.c
2098 _evdns_nameserver_add_impl(u32 address, int port) {
2117 ns->socket = socket(PF_INET, SOCK_DGRAM, 0);
2131 if (connect(ns->socket, (struct sockaddr *) &sin,
So I stuck this right before 2131:
printf("CONNECTevdns2131: %s\n", debug_ntoa(address));
and get:
CONNECTevdns2131: <nameserver_ip_from_resolv_conf> 53
Looks to me like a standalone DNS client implementation, bypassing
the resolver, no? ... Then me, not being great with C, might suggest
replacing the:
socket [dgram] --> connect [remote]
call order from the above with:
socket [dgram] --> bind [local] --> connect [remote]
That 'bind [local]' would honor a new -DNSClientAddress option.
And optionally a new -DNSClientPort option. And since the name
'resolv.conf' confusingly implies use of the normal system resolver
routines, some clarity regarding its actual usage could be added
to the docs.
I know about -DNSPort, -DNSListenAddress, that isn't part of the
above. Though -ServerDNS* are related to it.
Feel free to slap me with a wet fish if I'm being way off base and
clueless here :) But I'm wearing pretty strong deodorant now.
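The call order proposed above (socket, bind [local], connect [remote]), written out as an added example; this is not code from eventdns.c or from Tor. The names ns_socket_open and ns_socket_source are hypothetical, and loopback addresses stand in for the -DNSClientAddress value and the resolv.conf nameserver.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

static int fill_addr(struct sockaddr_in *sa, const char *ip, unsigned short port)
{
    memset(sa, 0, sizeof(*sa));
    sa->sin_family = AF_INET;
    sa->sin_port = htons(port);            /* port 0 = kernel picks one */
    return inet_pton(AF_INET, ip, &sa->sin_addr) == 1 ? 0 : -1;
}

/* Hypothetical helper, not from eventdns.c. local_ip == NULL gives the
 * original socket -> connect order; otherwise bind [local] comes first.
 * Returns the socket, or -1 on any failure. */
int ns_socket_open(const char *local_ip, unsigned short local_port,
                   const char *ns_ip, unsigned short ns_port)
{
    struct sockaddr_in local, ns;
    int fd = socket(PF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    /* Fail closed: a bind failure must not fall back to a kernel-chosen source. */
    if (local_ip != NULL &&
        (fill_addr(&local, local_ip, local_port) < 0 ||
         bind(fd, (struct sockaddr *)&local, sizeof(local)) < 0)) {
        close(fd);
        return -1;
    }
    if (fill_addr(&ns, ns_ip, ns_port) < 0 ||
        connect(fd, (struct sockaddr *)&ns, sizeof(ns)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Copy the socket's source IP into buf; return its source port or -1. */
int ns_socket_source(int fd, char *buf, socklen_t buflen)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    if (getsockname(fd, (struct sockaddr *)&sa, &len) < 0 ||
        inet_ntop(AF_INET, &sa.sin_addr, buf, buflen) == NULL)
        return -1;
    return ntohs(sa.sin_port);
}
```

Calling getsockname() on the connected socket is the programmatic equivalent of the sockstat/netstat check: it reports the source address and port the queries will leave from.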