Prevent leaking of tor relay IP

- when running a hidden service, the IP of the tor relay was a part of
  the verack message. In setups where it's not 127.0.0.1 it may leak
  info about network topology
- thanks for an anonymous bug report
This commit is contained in:
Peter Šurda 2016-06-10 13:21:31 +02:00
parent fbed1eff31
commit b0446f412a
Signed by: PeterSurda
GPG Key ID: 0C5F50C0B5F37D87

View File

@ -263,8 +263,12 @@ def assembleVersionMessage(remoteHost, remotePort, myStreamNumber, server = Fals
payload += pack(
'>q', 1) # boolservices of remote connection; ignored by the remote host.
payload += encodeHost(remoteHost)
payload += pack('>H', remotePort) # remote IPv6 and port
if checkSocksIP(remoteHost) and server: # prevent leaking of tor outbound IP
payload += encodeHost('127.0.0.1')
payload += pack('>H', 8444)
else:
payload += encodeHost(remoteHost)
payload += pack('>H', remotePort) # remote IPv6 and port
payload += pack('>q', 1) # bitflags of the services I offer.
payload += '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFF\xFF' + pack(