diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2019-06-18 17:28:32 +0200 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2019-06-18 17:28:44 +0200 |
| commit | 6c9d3c704f38600c68f897b1dff3ce19c1620be4 (patch) | |
| tree | 2f0700b541133605927349d8ae63e76754b53233 /src/torcontrol.cpp | |
| parent | 8777a80706c51cca2bb154b92e409fe80e35a960 (diff) | |
| parent | 8a2656702b4b5d53d1b8343c3215302e4305a038 (diff) | |
| download | bitcoin-6c9d3c704f38600c68f897b1dff3ce19c1620be4.tar.xz | |
Merge #15651: torcontrol: Use the default/standard network port for Tor hidden services, even if the internal port is set differently
8a2656702b4b5d53d1b8343c3215302e4305a038 torcontrol: Use the default/standard network port for Tor hidden services, even if the internal port is set differently (Luke Dashjr)
Pull request description:
Currently, the hidden service is published on the same port as the public listening port.
But if a non-standard port is configured, this can be used to guess (pretty reliably) that the public IP and the hidden service are the same node.
ACKs for top commit:
practicalswift:
utACK 8a2656702b4b5d53d1b8343c3215302e4305a038
naumenkogs:
utACK 8a26567
laanwj:
utACK 8a2656702b4b5d53d1b8343c3215302e4305a038
Tree-SHA512: 737c8da4f7c3f0bb22a338647d357987f5808156e3f38864168d0d8c2e2b171160812f7da4de11eef602902b304e357d76052950b72d7b3b83535b0fdd05fadc
Diffstat (limited to 'src/torcontrol.cpp')
| -rw-r--r-- | src/torcontrol.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp index 84f54da515..a1c730ba08 100644 --- a/src/torcontrol.cpp +++ b/src/torcontrol.cpp @@ -3,6 +3,7 @@ // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. +#include <chainparams.h> #include <torcontrol.h> #include <util/strencodings.h> #include <netbase.h> @@ -500,7 +501,7 @@ void TorController::add_onion_cb(TorControlConnection& _conn, const TorControlRe } return; } - service = LookupNumeric(std::string(service_id+".onion").c_str(), GetListenPort()); + service = LookupNumeric(std::string(service_id+".onion").c_str(), Params().GetDefaultPort()); LogPrintf("tor: Got service ID %s, advertising service %s\n", service_id, service.ToString()); if (WriteBinaryFile(GetPrivateKeyFile(), private_key)) { LogPrint(BCLog::TOR, "tor: Cached service private key to %s\n", GetPrivateKeyFile().string()); @@ -534,9 +535,8 @@ void TorController::auth_cb(TorControlConnection& _conn, const TorControlReply& if (private_key.empty()) // No private key, generate one private_key = "NEW:RSA1024"; // Explicitly request RSA1024 - see issue #9214 // Request hidden service, redirect port. - // Note that the 'virtual' port doesn't have to be the same as our internal port, but this is just a convenient - // choice. TODO; refactor the shutdown sequence some day. - _conn.Command(strprintf("ADD_ONION %s Port=%i,127.0.0.1:%i", private_key, GetListenPort(), GetListenPort()), + // Note that the 'virtual' port is always the default port to avoid decloaking nodes using other ports. + _conn.Command(strprintf("ADD_ONION %s Port=%i,127.0.0.1:%i", private_key, Params().GetDefaultPort(), GetListenPort()), std::bind(&TorController::add_onion_cb, this, std::placeholders::_1, std::placeholders::_2)); } else { LogPrintf("tor: Authentication failed\n"); |