Give a more appropriate "I'm not an HTTP proxy" message when we get an HTTP request on the control port

Right now if you accidentally configure your applications to use the control port as an HTTP proxy or a SOCKS proxy, the applications don't get any useful feedback, and the log messages aren't too helpful. They might tell you that something weird happened, but they won't say what.

When possible, then, the control port should detect HTTP and SOCKS requests. It should respond to HTTP request with a "Tor isn't an HTTP Proxy" message to the HTTP request-maker, and should in both cases log the fact that the control port was used as the wrong kind of proxy.

changed milestone to %Tor: 0.3.2.x-final

added component::core tor/tor milestone::Tor: 0.3.2.x-final owner::nickm points::0.2 priority::very low resolution::implemented review-group-19 reviewer::dgoulet severity::normal status::closed tor-client type::enhancement labels

Trac:
Keywords: N/A deleted, easy added

Trac:
Milestone: N/A to Tor: unspecified

Trac:
Status: new to closed
Actualpointsdone: N/A to N/A
Resolution: N/A to fixed
Actualpoints: N/A to N/A
Points: N/A to N/A
Pointsdone: N/A to N/A

Still present in 0.2.3.0-alpha-dev (git-32796bbe823909b2).

Trac:
Status: closed to reopened
Resolution: fixed to N/A

Now checks for GET, POST and CONNECT requests on the control port and responds/logs appropriately.

My Git branch with the fix: http://repo.or.cz/w/tor/neena.git/shortlog/refs/heads/fix-1667

Trac:
Cc: N/A to neenaoffline@gmail.com
Status: reopened to needs_review

I think we want to send back an HTTP response, not a raw string, right?

We don't want to do this unless the GET/POST/CONNECT/DELETE/whatever comes as the first thing on the control port; I think this patch might make a GET/POST/CONNECT get treated as HTTP at any point on the control port.

Connection_mark_and_flush() seems right here; we don't want to close the connection until it is done flushing.

We usually write multiline strings as "a string on one line\n" "followed by a string on another line\n".

Let's try to get something like this into 0.2.4.x?

Trac:
Status: needs_review to needs_revision

Pushed a commit with the suggested modifications. The same link should work.

I'm not sure if I like what the message looks like right now. I could do with some help with that.

Trac:
Milestone: Tor: unspecified to N/A

Trac:
Milestone: N/A to Tor: unspecified

Trac:
Status: needs_revision to needs_review

TBB no longer includes an HTTP proxy.

According to the message which Tor's SOCKSPort emits when someone attempts to use it as an HTTP proxy/server, you need to send a larger response in order to ensure that Internet Explorer will display it.

Now the control port will silently eat commands with certain names. It should send a reply.

This still might send an HTTP-like response even if the HTTP-request-like line isn't the first thing send on a connection.

strcasecmp should be the wrong function. Perhaps you want strcasecmpstart?

Trac:
Status: needs_review to needs_revision

Replying to rransom:

According to the message which Tor's SOCKSPort emits when someone attempts to use it as an HTTP proxy/server, you need to send a larger response in order to ensure that Internet Explorer will display it.

Looked at it. It helped me understand a lot of things. Also, used the same message, with a few modifications.

Now the control port will silently eat commands with certain names. It should send a reply.

This still might send an HTTP-like response even if the HTTP-request-like line isn't the first thing send on a connection.

I misunderstood something the last time. Should be right now.

strcasecmp should be the wrong function. Perhaps you want strcasecmpstart?

Used a switch-case, like the "Tor is not an HTTP Proxy" code instead.

Trac:
Status: needs_revision to needs_review

Replying to neena:

Replying to rransom:

strcasecmp should be the wrong function. Perhaps you want strcasecmpstart?

Used a switch-case, like the "Tor is not an HTTP Proxy" code instead.

This would be fine except that almost every controller we care about starts its control connections by sending “PROTOCOLINFO\r\n”. You really do need to use something like strcasecmpstart (defined in src/common/util.h and .c; hopefully I'm spelling its name correctly) to compare the first chunk of data with “GET ”, “POST ”, etc.. (The SOCKSPort code only looks at the first byte because the first byte sent on a SOCKS connection must be the SOCKS version number.)

Other than that, looks good!

Replying to rransom:

This would be fine except that almost every controller we care about starts its control connections by sending “PROTOCOLINFO\r\n”. You really do need to use something like strcasecmpstart (defined in src/common/util.h and .c; hopefully I'm spelling its name correctly) to compare the first chunk of data with “GET ”, “POST ”, etc.. (The SOCKSPort code only looks at the first byte because the first byte sent on a SOCKS connection must be the SOCKS version number.)

Made the change. I had (incorrectly) assumed that TC connections begin with an AUTHENTICATE command. So, I decided to use the switch-case in the "not an HTTP Proxy" code instead of strcasecmpstart.

Trac:
Owner: N/A to neena
Status: needs_review to accepted

Trac:
Status: accepted to needs_review

Looks good to me too. Copying your branch into my public repo for archival. We should merge this once 0.2.4.x is open.

Hm. Actually, the strcmpstart() stuff in the last couple of commits isn't right yet. strcmpstart can fail if it gets something other than a NUL-terminated string, and neither buf->data nor the output of inspect_evbuffer() is guaranteed to be NUL-terminated. Also, if you want N characters from inspect_evbuffer, you need to tell it to give you N characters: right now, it is only guaranteed to give one character.

Trac:
Status: needs_review to needs_revision

Replying to nickm:

Hm. Actually, the strcmpstart() stuff in the last couple of commits isn't right yet. strcmpstart can fail if it gets something other than a NUL-terminated string, and neither buf->data nor the output of inspect_evbuffer() is guaranteed to be NUL-terminated. Also, if you want N characters from inspect_evbuffer, you need to tell it to give you N characters: right now, it is only guaranteed to give one character.

Fixed. I think.

Trac:
Status: needs_revision to needs_review

Trac:
Keywords: easy deleted, easy tor-client added

Trac:
Component: Tor Client to Tor

Trac:
Sponsor: N/A to N/A
Severity: N/A to Normal
Points: N/A to small

Trac:
Reviewer: N/A to N/A
Milestone: Tor: unspecified to Tor: 0.3.2.x-final

Trac:
Keywords: easy tor-client deleted, easy, tor-client, review-group-18 added

Trac:
Owner: neena to nickm
Status: needs_review to assigned

I've rebased and squashed neena's original branch, and made a couple of fixes, in branch neena-fix-1667 in my public repository. But now I need another review. :)

Trac:
Keywords: easy, review-group-18 deleted, N/A added
Status: assigned to needs_review

Trac:
Keywords: N/A deleted, review-group-19 added

The fix looks good but tbh I would have put that pile of html in a static const char above the function or something. Else, it increase the size of this function and kind of clobbers the indentation. No strong opinion, just esthetic.

oups... putting in needs_revision but if you are not convinced, that's fine, merge it :).

Trac:
Status: needs_review to needs_revision
Reviewer: N/A to dgoulet
Points: small to 0.2

I've extracted both the "not an HTTP Proxy" messages (this one and the one in buffers.c). Now merging!

Trac:
Resolution: N/A to implemented
Status: needs_revision to closed

I also merged a85ee62e74905af0c685d378be9dfc8ae1935af5 to make the strings static.

closed

changed time estimate to 1h 36m

mentioned in issue #6060 (moved)

moved to tpo/core/tor#1667 (closed)

mentioned in issue tpo/core/tor#6060 (closed)