Bug #11944

Gobby in Stretch generates UDP:137 broadcasts on the LAN

Added by anonym 2016-11-17 12:21:40. Updated 2017-01-02 19:15:14.

Status: Resolved
Priority: Normal
Assignee: intrigeri
Category:
Target version:
Start date: 2016-11-17
Due date:
% Done: 100%
Feature Branch:
Type of work: Code
Blueprint:
Starter:
Affected tool:
Deliverable for:

Description

Note: UDP on port 137 is “NETBIOS Name Service”.

These tests:

cucumber features/tor_stream_isolation.feature:33 # Scenario: Gobby is using the default SocksPort
cucumber features/tor_stream_isolation.feature:52 # Scenario: Explicitly torify-wrapped applications are using the default SocksPort
cucumber features/tor_stream_isolation.feature:59 # Scenario: Explicitly torsocks-wrapped applications are using the default SocksPort


fail with something like this:

      Unexpected connections were made:
        #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=33601, dport=137>                                                                              
        #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=37802, dport=137>                                                                              
        #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=36172, dport=137>
        #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=42208, dport=137>
        #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=46939, dport=137>
        #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=54338, dport=137>.
[...]

History

#1 Updated by intrigeri 2017-01-02 18:29:14

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10
  • Type of work changed from Research to Code

Jessie has gobby 0.5.0-4, Stretch has 0.5.0-8. I see nothing in its debian/changelog that could explain this. Its backend libraries (libinfinity-0.6-0 and libinfgtk3-0.6-0) have only been rebuilt without any source change. libavahi-client3 and libavahi-common3 were upgraded (0.6.31-5 to 0.6.32-1) though. I guess that’s where the change comes from.

This is about https://en.wikipedia.org/wiki/NetBIOS#Name_service, which allows registering and looking up names on a LAN. Best case, it gives a very nice UX for service discovery on the LAN (in this case: connecting to a local Gobby server), which can be super cool for teams working from a single location. Worst case, it leaks things like the hostname on the LAN. We’ve never made any serious attempt at supporting zeroconf and friends, so for now I’m going to explicitly drop datagrams sent to UDP:137 on the LAN. The only practical problem it might cause is making discovery of some network printers harder. Whatever, that’s not worth the risk of announcing our hostname, or worse.
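A check that can be run over failure output like the one in the description, added here as an example (it is not code from this ticket or from the Tails test suite): it parses the printed records and picks out UDP:137 datagrams addressed to the LAN. The `Conn` struct, the function names and the /24 netmask are assumptions, and the last two sample records are constructed.

```ruby
require 'ipaddr'

NETBIOS_NS_PORT = 137 # "NETBIOS Name Service", per the note in the description
ETHER_BROADCAST = 'ff:ff:ff:ff:ff:ff'

# Hypothetical struct mirroring the fields printed in the failure output.
Conn = Struct.new(:mac_saddr, :mac_daddr, :protocol, :saddr, :daddr,
                  :sport, :dport, keyword_init: true)

# The first two records come from the failure output in the description.
# The last two are constructed negatives (documentation-range address).
SAMPLE = <<~LOG
  Unexpected connections were made:
    #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=33601, dport=137>
    #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="ff:ff:ff:ff:ff:ff", protocol="udp", saddr="10.2.1.103", daddr="10.2.1.255", sport=37802, dport=137>
    #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="52:54:00:00:00:01", protocol="tcp", saddr="10.2.1.103", daddr="192.0.2.10", sport=40000, dport=443>
    #<OpenStruct mac_saddr="50:54:00:34:0d:63", mac_daddr="52:54:00:00:00:01", protocol="udp", saddr="10.2.1.103", daddr="192.0.2.10", sport=40001, dport=137>
LOG

# Turn each printed record into a Conn; quoted values stay strings,
# bare digits become integers.
def parse_records(text)
  text.each_line.select { |l| l.include?('#<OpenStruct') }.map do |line|
    pairs = line.scan(/(\w+)=(?:"([^"]*)"|(\d+))/).map do |key, str, num|
      [key.to_sym, str.nil? ? num.to_i : str]
    end
    Conn.new(**pairs.to_h)
  end
end

# True for a UDP:137 datagram that stays on the LAN: sent to the Ethernet
# broadcast address or to any IP address inside the LAN prefix.
def lan_name_service?(conn, lan)
  return false unless conn.protocol == 'udp' && conn.dport == NETBIOS_NS_PORT
  conn.mac_daddr == ETHER_BROADCAST || lan.include?(IPAddr.new(conn.daddr))
end

# lan_cidr is an assumption: the page shows 10.2.1.103 -> 10.2.1.255 only.
def netbios_ns_leaks(text, lan_cidr)
  lan = IPAddr.new(lan_cidr)
  broadcast = lan.to_range.last.to_s
  parse_records(text).select { |c| lan_name_service?(c, lan) }.map do |c|
    { saddr: c.saddr, sport: c.sport, daddr: c.daddr,
      directed_broadcast: c.daddr == broadcast }
  end
end

netbios_ns_leaks(SAMPLE, '10.2.1.0/24').each { |leak| puts leak } if __FILE__ == $PROGRAM_NAME
```
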

#2 Updated by intrigeri 2017-01-02 19:15:14

  • Status changed from In Progress to Resolved
  • % Done changed from 10 to 100

Applied in changeset commit:b1099c14bdac572b85f96e474579301aa81061e4.