-
-
Notifications
You must be signed in to change notification settings - Fork 989
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libtorrent 1.1.x privacy leak - connects directly to peers instead of via interface configured in listen_on() #1605
Comments
Here is example output from client.py on v1.1.1 (IP addresses redacted):
You can see that it is connecting to peers anyways:
|
On 1.0.9. output is similar:
But no peers are actually connected:
|
If you have a Fedora system and want to repro, you can do so easily simply by switching between these RPMs: |
The listen interface controls which interface the listen socket binds to. That's incoming connections, as far as I know, it has never meant to affect outgoing connections. I don't believe it's been documented as anything other than that. There's a different setting, in RC_1_1, In RC_1_1 (and I believe 1.1.1) there is some code to attempt to use (platform specific) bind-to-device, to force a socket to communicate over a specific nic. Would you mind rerunning your test and make sure you set the |
I noticed that in the docs and was testing it as well -- but I still see my ISP's IP in the Sample I used:
edit -- it looks to me like the |
You need to use the new settings_pack: http://libtorrent.org/reference-Settings.html#settings_pack
|
That works, thanks! Setting it to an lo or a non-existent interface prevents outgoing connections too, which is the behaviour I was after. Given #1609, would be great to have additional documentation around use of |
There is nothing different in the documentation about using the settings_pack in the bindings, that particular ticket is more to do with an edge use-case. Oh if your issue is resolved could you close this issue. |
This one can be closed and I see the |
libtorrent 1.1.1 ignores its bound interface on start (e.g.
127.0.0.1
) and will initiate connections to peers directly on the default interface anyways, causing privacy leaks when using a VPN.I was able to reproduce this using deluge-daemon (based on Python2 bindings) as well as from the sample client
bindings/python/client.py
(version from libtorrent-1_1_1 git tag) after modifying itslisten_on()
call to initialize to use 127.0.0.1.When binding to 127.0.0.1 or other non-Internet connected interfaces, tracker announces fail and peer connectivity fails as expected but somehow the torrent will have DL/UL traffic anyways.
This issue is NOT present with libtorrent 1.0.9,
OS: Fedora 24 (libtorrent 1.0.9), Fedora 25 (libtorrent 1.1.1)
Arch: x86_64
Compiler: gcc-6.x
The text was updated successfully, but these errors were encountered: