exit-policy-reject-star relays should refuse dns?

lodger points out that non-exit relays could reject dns and reverse dns attempts. (Currently clients try not to ask them any questions, but the relays don't enforce it. Non-exit relays might be surprised at the dns requests they are forced to do. "also permit reverse resolve for private addresses, which could lead to leaks of names, in normal circumstances, only available locally."

Here's his patch:

--- dns.c Tue Feb 26 19:56:28 2008 +++ dns.c Sat Mar 8 12:11:34 2008 @@ -550,7 +550,12 @@ char *hostname = NULL; is_resolve = exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE;

• r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);

• routerinfo_t *me = router_get_my_routerinfo();
• if (is_resolve && me &&

•  policy_is_reject_star(me->exit_policy)) /* non-exit */

• r = -1;
• else
• r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname); switch (r) { case 1: /* We got an answer without a lookup -- either the answer was @@ -659,9 +664,12 @@ * .in-addr.arpa address but this isn't a resolve request, kill the * connection. */

• if ((r = parse_inaddr_arpa_address(exitconn->_base.address, NULL)) != 0) {
• if (r == 1)

• if ((r = parse_inaddr_arpa_address(exitconn->_base.address, &in)) != 0) {

• if (r == 1) { is_reverse = 1;

•     if (is_internal_IP(ntohl(in.s_addr), 0)) /* internal address */

•       return -1;

• }

  if (!is_reverse || !is_resolve) { if (!is_reverse)

[Automatically added by flyspray2trac: Operating System: All]