Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 833
    • Issues 833
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 34
    • Merge requests 34
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #17949

Closed
Open
Created Dec 29, 2015 by teor@teor

Make loopback address search more accurate

legacy/trac#17901 (moved) and legacy/trac#11360 (moved) search local interfaces for loopback addresses.

We could make this more efficient by using the flags returned with each address:

  • getifaddrs returns struct ifaddrs with ifa_flags which has IFF_LOOPBACK
  • ioctl(.,SIOCGIFCONF,.) returns struct ifreq with ifr_flags which has IFF_LOOPBACK
  • GetAdaptersAddresses (Win32) returns IP_ADAPTER_ADDRESSES with IfType which has IF_TYPE_SOFTWARE_LOOPBACK
    • Also pass GAA_FLAG_SKIP_FRIENDLY_NAME as we never use it
  • tor_getsockname/get_interface_address6_via_udp_socket_hack connects to a public address. When passed the localhost flag, it could connect to a loopback address, but this seems rather tautologous, and it's hard to know which loopback address to pick in 127/8. Alternately, we could lookup localhost using the resolver, and check the returned address is 127/8 or ::1 (otherwise, broken DNS configs could lead to security issues).

A design for this could be:

  • pass a flag to get_interface_address* indicating whether we want loopback addresses
  • pass that flag down to get_interface_addresses_raw
  • pass that flag to the API-specific functions
  • when converting the address to a smartlist, include/exclude addresses matching the specified types
    • always exclude tor_addr_is_null()
    • always exclude addresses matching tor_addr_is_multicast
  • for extra points, create a flags argument for:
    • loopback
      • this will require disabling the checks for tor_addr_is_loopback() in get_interface_address6_list() and get_interface_address6_via_udp_socket_hack(), see legacy/trac#17901 (moved)
    • listen any (0.0.0.0 and [::], needs tor_addr_is_listen_any())
    • link-local (needs tor_addr_is_link_local())
    • other internal/private
    • public
    • with #defines:
      • _INTERNAL: everything except public
      • _INTERNAL_FOR_LISTENING: everything except public and listen any

After doing this, refactor the changes in legacy/trac#17901 (moved) and legacy/trac#11360 (moved), and all existing code, to use the new flags argument.

This will also resolve issues where systems have addresses other than 127.0.0.0/8 or ::1 as the loopback address (like some BSD jails and OpenVZ). But we're not too worried about this, they're non-standards-compliant, so the operator can configure the exact address correctly, as long as we fail with an informative message.

I need this to do legacy/trac#17835 (moved), I'll likely do it then if no-one gets to it first.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking