From b0446f412aaab194a1bc0115eade88ce4ee131a1 Mon Sep 17 00:00:00 2001 From: Peter Surda Date: Fri, 10 Jun 2016 13:21:31 +0200 Subject: [PATCH] Prevent leaking of tor relay IP - when running a hidden service, the IP of the tor relay was a part of the verack message. In setups where it's not 127.0.0.1 it may leak info about network topology - thanks for an anonymous bug report --- src/shared.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/shared.py b/src/shared.py index 2665c4de..87d8d2b5 100644 --- a/src/shared.py +++ b/src/shared.py @@ -263,8 +263,12 @@ def assembleVersionMessage(remoteHost, remotePort, myStreamNumber, server = Fals payload += pack( '>q', 1) # boolservices of remote connection; ignored by the remote host. - payload += encodeHost(remoteHost) - payload += pack('>H', remotePort) # remote IPv6 and port + if checkSocksIP(remoteHost) and server: # prevent leaking of tor outbound IP + payload += encodeHost('127.0.0.1') + payload += pack('>H', 8444) + else: + payload += encodeHost(remoteHost) + payload += pack('>H', remotePort) # remote IPv6 and port payload += pack('>q', 1) # bitflags of the services I offer. payload += '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFF\xFF' + pack(