| commit | 411ec3c0f8cd4786233a3bc274cb2b766d4bfe7c | |
| author | Nick Mathewson <nickm@torproject.org> | |
| Wed, 26 Jan 2011 01:39:44 +0000 (25 20:39 -0500) | ||
| committer | Nick Mathewson <nickm@torproject.org> | |
| Wed, 26 Jan 2011 01:39:44 +0000 (25 20:39 -0500) | ||
| tree | f48f77c8f33b73f9d386c87026c87b0d1a2055d1 | treesnapshot (tar.gz zip) |
| parent | 85da676108f0de765301f961bc58aebd139a5564 | commitdiff |
Add client code to detect attempts to connect to 127.0.0.1 etc
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).
This can also help detect forwarding loop requests.
Found as part of bug2279.
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).
This can also help detect forwarding loop requests.
Found as part of bug2279.