You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/wgengine/tsdns
Christine Dodrill b89c757817 wgengine/tsdns: explicitly reject .onion lookups
Tor has a location-hidden service feature that enables users to host services
from inside the Tor network. Each of these gets a unique DNS name that ends with
.onion. As it stands now, if a misbehaving application somehow manages to make
a .onion DNS request to our DNS server, we will forward that to the DNS server,
which could leak that to malicious third parties. See the recent bug Brave had
with this[1] for more context.

RFC 7686 suggests that name resolution APIs and libraries MUST respond with
NXDOMAIN unless they can actually handle Tor lookups. We can't handle .onion
lookups, so we reject them.

[1]: https://twitter.com/albinowax/status/1362737949872431108

Fixes tailscale/corp#1351

Signed-off-by: Christine Dodrill <xe@tailscale.com>
4 years ago
..
forwarder.go wgengine/tsdns: use netns to obtain a socket 4 years ago
map.go ipn: delete domainsForProxying, require explicit DNS search domains (mapver 9) (#1078) 4 years ago
map_test.go tailcfg, tsdns: derive root domains from list of nodes (#708) 4 years ago
neterr_darwin.go wgengine/tsdns: replace connections when net link changes (macOS) 4 years ago
neterr_other.go ipn, wgengine, magicsock, tsdns: be quieter and less aggressive when offline 4 years ago
neterr_windows.go ipn, wgengine, magicsock, tsdns: be quieter and less aggressive when offline 4 years ago
tsdns.go wgengine/tsdns: explicitly reject .onion lookups 4 years ago
tsdns_server_test.go wgengine/tsdns: skip test that requires local IPv6 when IPv6 unavailable 4 years ago
tsdns_test.go wgengine/tsdns: explicitly reject .onion lookups 4 years ago