Connecting to an onion service leaks DNS requests to clearnet (#9573) · Issues · gajim / gajim

Connecting to an onion service leaks DNS requests to clearnet

Upon connecting to any .onion account/server the client performs a DNS lookup for _xmppconnect.[...].onion which leaks the requested onion service to the users DNS resolver and its upstreams.

You can watch this happen by running sudo tcpdump udp port 53 -vv -X in any terminal window and then connecting to any (valid or not) .onion.

I don't python, but a patch like the following should fix the issue

diff --git a/gajim/common/connection.py b/gajim/common/connection.py
index 571e00d30..90b0bafd0 100644
--- a/gajim/common/connection.py
+++ b/gajim/common/connection.py
@@ -1078,12 +1078,16 @@ class Connection(CommonConnection, ConnectionHandlers):
         h = hostname
         p = 5222
         ssl_p = 5223
+        use_txt = True
         if use_custom:
             h = custom_h
             p = custom_p
             ssl_p = custom_p
             if not self.redirected:
                 use_srv = False
+        if h.endswith('.onion'):
+            use_srv = False
+            use_txt = False
 
         self.redirected = None
         # SRV resolver
@@ -1095,7 +1099,7 @@ class Connection(CommonConnection, ConnectionHandlers):
         ]
         self._hostname = hostname
 
-        if h:
+        if h and use_txt:
             app.resolver.resolve('_xmppconnect.' + helpers.idn_to_ascii(h),
                                  self._on_resolve_txt, type_='txt')

Upon connecting to any .onion account/server the client performs a DNS lookup for _xmppconnect.[...].onion which leaks the requested onion service to the users DNS resolver and its upstreams.

You can watch this happen by running `sudo tcpdump udp port 53 -vv -X` in any terminal window and then connecting to any (valid or not) .onion.

I don't python, but a patch like the following should fix the issue

```patch
diff --git a/gajim/common/connection.py b/gajim/common/connection.py
index 571e00d30..90b0bafd0 100644
--- a/gajim/common/connection.py
+++ b/gajim/common/connection.py
@@ -1078,12 +1078,16 @@ class Connection(CommonConnection, ConnectionHandlers):
         h = hostname
         p = 5222
         ssl_p = 5223
+        use_txt = True
         if use_custom:
             h = custom_h
             p = custom_p
             ssl_p = custom_p
             if not self.redirected:
                 use_srv = False
+        if h.endswith('.onion'):
+            use_srv = False
+            use_txt = False
 
         self.redirected = None
         # SRV resolver
@@ -1095,7 +1099,7 @@ class Connection(CommonConnection, ConnectionHandlers):
         ]
         self._hostname = hostname
 
-        if h:
+        if h and use_txt:
             app.resolver.resolve('_xmppconnect.' + helpers.idn_to_ascii(h),
                                  self._on_resolve_txt, type_='txt')
```

Edited Feb 08, 2019 by Ghost User