Loading changes/ticket31466 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor bugfixes (logging): - Rate-limit our the logging message about the obsolete .exit notation. Previously, there was no limit on this warning, which could potentially be triggered many times by a hostile website. Fixes bug 31466; bugfix on 0.2.2.1-alpha. src/or/connection_edge.c +5 −3 Original line number Diff line number Diff line Loading @@ -1186,7 +1186,9 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, * disallowed when they're coming straight from the client, but you're * allowed to have them in MapAddress commands and so forth. */ if (!strcmpend(socks->address, ".exit") && !options->AllowDotExit) { log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to " static ratelim_t exit_warning_limit = RATELIM_INIT(60*15); log_fn_ratelim(&exit_warning_limit, LOG_WARN, LD_APP, "The \".exit\" notation is disabled in Tor due to " "security risks. Set AllowDotExit in your torrc to enable " "it (at your own risk)."); control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s", Loading Loading
changes/ticket31466 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor bugfixes (logging): - Rate-limit our the logging message about the obsolete .exit notation. Previously, there was no limit on this warning, which could potentially be triggered many times by a hostile website. Fixes bug 31466; bugfix on 0.2.2.1-alpha.
src/or/connection_edge.c +5 −3 Original line number Diff line number Diff line Loading @@ -1186,7 +1186,9 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, * disallowed when they're coming straight from the client, but you're * allowed to have them in MapAddress commands and so forth. */ if (!strcmpend(socks->address, ".exit") && !options->AllowDotExit) { log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to " static ratelim_t exit_warning_limit = RATELIM_INIT(60*15); log_fn_ratelim(&exit_warning_limit, LOG_WARN, LD_APP, "The \".exit\" notation is disabled in Tor due to " "security risks. Set AllowDotExit in your torrc to enable " "it (at your own risk)."); control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s", Loading
