From 8dc4abdafec7985319ba2fd2294ca8f0916d9cea Mon Sep 17 00:00:00 2001 From: tobtoht Date: Fri, 12 May 2023 12:39:00 +0200 Subject: [PATCH] common: do not use DNS to determine if address is local Co-authored-by: j-berman --- src/common/util.cpp | 35 ++++++++++------------- tests/unit_tests/CMakeLists.txt | 1 + tests/unit_tests/util.cpp | 50 +++++++++++++++++++++++++++++++++ 3 files changed, 66 insertions(+), 20 deletions(-) create mode 100644 tests/unit_tests/util.cpp diff --git a/src/common/util.cpp b/src/common/util.cpp index f0de73a06..4b5e2adb8 100644 --- a/src/common/util.cpp +++ b/src/common/util.cpp @@ -882,13 +882,6 @@ std::string get_nix_version_display_string() bool is_local_address(const std::string &address) { - // always assume Tor/I2P addresses to be untrusted by default - if (is_privacy_preserving_network(address)) - { - MDEBUG("Address '" << address << "' is Tor/I2P, non local"); - return false; - } - // extract host epee::net_utils::http::url_content u_c; if (!epee::net_utils::parse_url(address, u_c)) @@ -902,20 +895,22 @@ std::string get_nix_version_display_string() return false; } - // resolve to IP - boost::asio::io_service io_service; - boost::asio::ip::tcp::resolver resolver(io_service); - boost::asio::ip::tcp::resolver::query query(u_c.host, ""); - boost::asio::ip::tcp::resolver::iterator i = resolver.resolve(query); - while (i != boost::asio::ip::tcp::resolver::iterator()) + if (u_c.host == "localhost" || boost::ends_with(u_c.host, ".localhost")) { // RFC 6761 (6.3) + MDEBUG("Address '" << address << "' is local"); + return true; + } + + boost::system::error_code ec; + const auto parsed_ip = boost::asio::ip::address::from_string(u_c.host, ec); + if (ec) { + MDEBUG("Failed to parse '" << address << "' as IP address: " << ec.message() << ". Considering it not local"); + return false; + } + + if (parsed_ip.is_loopback()) { - const boost::asio::ip::tcp::endpoint &ep = *i; - if (ep.address().is_loopback()) - { - MDEBUG("Address '" << address << "' is local"); - return true; - } - ++i; + MDEBUG("Address '" << address << "' is local"); + return true; } MDEBUG("Address '" << address << "' is not local"); diff --git a/tests/unit_tests/CMakeLists.txt b/tests/unit_tests/CMakeLists.txt index 2efa931bc..147b38dd4 100644 --- a/tests/unit_tests/CMakeLists.txt +++ b/tests/unit_tests/CMakeLists.txt @@ -90,6 +90,7 @@ set(unit_tests_sources hardfork.cpp unbound.cpp uri.cpp + util.cpp varint.cpp ver_rct_non_semantics_simple_cached.cpp ringct.cpp diff --git a/tests/unit_tests/util.cpp b/tests/unit_tests/util.cpp new file mode 100644 index 000000000..9285d2000 --- /dev/null +++ b/tests/unit_tests/util.cpp @@ -0,0 +1,50 @@ +// Copyright (c) 2023-2023, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "gtest/gtest.h" + +#include "common/util.h" + +TEST(LocalAddress, localhost) { ASSERT_TRUE(tools::is_local_address("localhost")); } +TEST(LocalAddress, localhost_port) { ASSERT_TRUE(tools::is_local_address("localhost:18081")); } +TEST(LocalAddress, localhost_suffix) { ASSERT_TRUE(tools::is_local_address("test.localhost")); } +TEST(LocalAddress, loopback) { ASSERT_TRUE(tools::is_local_address("127.0.0.1")); } +TEST(LocalAddress, loopback_port) { ASSERT_TRUE(tools::is_local_address("127.0.0.1:18081")); } +TEST(LocalAddress, loopback_protocol) { ASSERT_TRUE(tools::is_local_address("http://127.0.0.1")); } +TEST(LocalAddress, loopback_hi) { ASSERT_TRUE(tools::is_local_address("127.255.255.255")); } +TEST(LocalAddress, loopback_lo) { ASSERT_TRUE(tools::is_local_address("127.0.0.0")); } +TEST(LocalAddress, loopback_ipv6) { ASSERT_TRUE(tools::is_local_address("[0:0:0:0:0:0:0:1]")); } + +TEST(LocalAddress, onion) { ASSERT_FALSE(tools::is_local_address("vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion")); } +TEST(LocalAddress, i2p) { ASSERT_FALSE(tools::is_local_address("xmrto2bturnore26xmrto2bturnore26xmrto2bturnore26xmr2.b32.i2p")); } +TEST(LocalAddress, valid_ip) { ASSERT_FALSE(tools::is_local_address("1.2.3.4")); } +TEST(LocalAddress, valid_ipv6) { ASSERT_FALSE(tools::is_local_address("[0:0:0:0:0:0:0:2]")); } +TEST(LocalAddress, valid_domain) { ASSERT_FALSE(tools::is_local_address("getmonero.org")); } +TEST(LocalAddress, local_prefix) { ASSERT_FALSE(tools::is_local_address("localhost.com")); } +TEST(LocalAddress, invalid) { ASSERT_FALSE(tools::is_local_address("test")); } +TEST(LocalAddress, empty) { ASSERT_FALSE(tools::is_local_address("")); }