Tor listeners should never see an STS cap. Add an undocumented 'hide-sts' key for listeners that hides the STS cap. This can be used if the listener is secured at layer 3 or 4 (VPNs, E2E mixnets). It will be necessary to add the relevant IPs to `secure-nets`.

3 년 전 · 7bdbb01238
--- a/irc/client.go
+++ b/irc/client.go
@@ -159,6 +159,7 @@ type Session struct {
 
				
				 	proxiedIP   net.IP
			
 
				
				 	rawHostname string
			
 
				
				 	isTor       bool
			
 
				
				+	hideSTS     bool
			
 
				
				 
			
 
				
				 	fakelag              Fakelag
			
 
				
				 	deferredFakelagCount int
			
@@ -376,6 +377,7 @@ func (server *Server) RunClient(conn IRCConn) {
 
				
				 		realIP:     realIP,
			
 
				
				 		proxiedIP:  proxiedIP,
			
 
				
				 		isTor:      wConn.Config.Tor,
			
 
				
				+		hideSTS:    wConn.Config.Tor || wConn.Config.HideSTS,
			
 
				
				 	}
			
 
				
				 	client.sessions = []*Session{session}
			
 
				
				 
			
--- a/irc/config.go
+++ b/irc/config.go
@@ -59,6 +59,7 @@ type listenerConfigBlock struct {
 
				
				 	Tor       bool
			
 
				
				 	STSOnly   bool `yaml:"sts-only"`
			
 
				
				 	WebSocket bool
			
 
				
				+	HideSTS   bool `yaml:"hide-sts"`
			
 
				
				 }
			
 
				
				 
			
 
				
				 type PersistentStatus uint
			
@@ -532,6 +533,7 @@ type Config struct {
 
				
				 		SecureNetDefs            []string                        `yaml:"secure-nets"`
			
 
				
				 		secureNets               []net.IPNet
			
 
				
				 		supportedCaps            *caps.Set
			
 
				
				+		supportedCapsWithoutSTS  *caps.Set
			
 
				
				 		capValues                caps.Values
			
 
				
				 		Casemapping              Casemapping
			
 
				
				 		EnforceUtf8              bool         `yaml:"enforce-utf8"`
			
@@ -834,6 +836,7 @@ func (conf *Config) prepareListeners() (err error) {
 
				
				 		}
			
 
				
				 		lconf.RequireProxy = block.TLS.Proxy || block.Proxy
			
 
				
				 		lconf.WebSocket = block.WebSocket
			
 
				
				+		lconf.HideSTS = block.HideSTS
			
 
				
				 		conf.Server.trueListeners[addr] = lconf
			
 
				
				 	}
			
 
				
				 	return nil
			
@@ -1371,6 +1374,11 @@ func LoadConfig(filename string) (config *Config, err error) {
 
				
				 		return nil, fmt.Errorf("failed to prepare listeners: %v", err)
			
 
				
				 	}
			
 
				
				 
			
 
				
				+	// #1428: Tor listeners should never see STS
			
 
				
				+	config.Server.supportedCapsWithoutSTS = caps.NewSet()
			
 
				
				+	config.Server.supportedCapsWithoutSTS.Union(config.Server.supportedCaps)
			
 
				
				+	config.Server.supportedCapsWithoutSTS.Disable(caps.STS)
			
 
				
				+
			
 
				
				 	return config, nil
			
 
				
				 }
			
 
				
				 
			
--- a/irc/handlers.go
+++ b/irc/handlers.go
@@ -442,6 +442,8 @@ func capHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Respo
 
				
				 	supportedCaps := config.Server.supportedCaps
			
 
				
				 	if client.isSTSOnly {
			
 
				
				 		supportedCaps = stsOnlyCaps
			
 
				
				+	} else if rb.session.hideSTS {
			
 
				
				+		supportedCaps = config.Server.supportedCapsWithoutSTS
			
 
				
				 	}
			
 
				
				 
			
 
				
				 	badCaps := false
			
--- a/irc/utils/proxy.go
+++ b/irc/utils/proxy.go
@@ -54,6 +54,7 @@ type ListenerConfig struct {
 
				
				 	Tor       bool
			
 
				
				 	STSOnly   bool
			
 
				
				 	WebSocket bool
			
 
				
				+	HideSTS   bool
			
 
				
				 }
			
 
				
				 
			
 
				
				 // read a PROXY header (either v1 or v2), ensuring we don't read anything beyond