echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

i2ptunnel: More localhost checks

Browse Source
This commit is contained in:
zzz
2019-02-01 13:03:40 +00:00
parent 316011e047
commit ec5e2dba94
3 changed files with 15 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelConnectClient.java
View File

@ -203,7 +203,8 @@ public class I2PTunnelConnectClient extends I2PTunnelHTTPClientBase implements R
restofline = request.substring(pos); // ":80 HTTP/1.1" or " HTTP/1.1"
}
if (host.toLowerCase(Locale.US).endsWith(".i2p")) {
String hostLowerCase = host.toLowerCase(Locale.US);
if (hostLowerCase.endsWith(".i2p")) {
// Destination gets the host name
destination = host;
} else if (host.contains(".") || host.startsWith("[")) {
@ -235,7 +236,9 @@ public class I2PTunnelConnectClient extends I2PTunnelHTTPClientBase implements R
usingWWWProxy = true;
newRequest.append("CONNECT ").append(host).append(restofline).append("\r\n"); // HTTP spec
}
} else if (host.toLowerCase(Locale.US).equals("localhost")) {
} else if (hostLowerCase.equals("localhost") || host.equals("127.0.0.1") ||
hostLowerCase.endsWith(".localhost") ||
host.startsWith("192.168.") || host.equals("[::1]")) {
writeErrorMessage(ERR_LOCALHOST, out);
return;
} else { // full b64 address (hopefully)

7
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/socks/SOCKS4aServer.java
View File

@ -210,7 +210,8 @@ class SOCKS4aServer extends SOCKSServer {
I2PSocket destSock;
try {
if (connHostName.toLowerCase(Locale.US).endsWith(".i2p")) {
String hostLowerCase = connHostName.toLowerCase(Locale.US);
if (hostLowerCase.endsWith(".i2p")) {
Destination dest = _context.namingService().lookup(connHostName);
if (dest == null) {
try {
@ -224,7 +225,9 @@ class SOCKS4aServer extends SOCKSServer {
I2PSocketOptions sktOpts = t.buildOptions(overrides);
sktOpts.setPort(connPort);
destSock = t.createI2PSocket(dest, sktOpts);
} else if ("localhost".equals(connHostName) || "127.0.0.1".equals(connHostName)) {
} else if ("localhost".equals(hostLowerCase) || "127.0.0.1".equals(connHostName) ||
hostLowerCase.endsWith(".localhost") ||
connHostName.startsWith("192.168.") || connHostName.equals("[::1]")) {
String err = "No localhost accesses allowed through the Socks Proxy";
_log.error(err);
try {

7
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/socks/SOCKS5Server.java
View File

@ -369,7 +369,8 @@ class SOCKS5Server extends SOCKSServer {
I2PSocket destSock;
try {
if (connHostName.toLowerCase(Locale.US).endsWith(".i2p")) {
String hostLowerCase = connHostName.toLowerCase(Locale.US);
if (hostLowerCase.endsWith(".i2p")) {
// Let's not do a new Dest for every request, huh?
//I2PSocketManager sm = I2PSocketManagerFactory.createManager();
//destSock = sm.connect(I2PTunnel.destFromName(connHostName), null);
@ -386,7 +387,9 @@ class SOCKS5Server extends SOCKSServer {
I2PSocketOptions sktOpts = t.buildOptions(overrides);
sktOpts.setPort(connPort);
destSock = t.createI2PSocket(dest, sktOpts);
} else if ("localhost".equals(connHostName) || "127.0.0.1".equals(connHostName)) {
} else if (hostLowerCase.equals("localhost") || connHostName.equals("127.0.0.1") ||
hostLowerCase.endsWith(".localhost") ||
connHostName.startsWith("192.168.") || connHostName.equals("[::1]")) {
String err = "No localhost accesses allowed through the Socks Proxy";
_log.error(err);
try {