Unverified Commit 6bfdd096 authored by teor's avatar teor
Browse files

Merge remote-tracking branch 'tor-github/pr/1343' into maint-0.3.5

parents 15d67842 bf4a27c0

changes/ticket31466

0 → 100644
+5 −0
Original line number Diff line number Diff line 
  o Minor bugfixes (logging):

    - Rate-limit our the logging message about the obsolete .exit notation.

      Previously, there was no limit on this warning, which could potentially

      be triggered many times by a hostile website. Fixes bug 31466;

      bugfix on 0.2.2.1-alpha.

src/core/or/connection_edge.c

+4 −2
Original line number Diff line number Diff line
@@ -1598,7 +1598,9 @@ connection_ap_handshake_rewrite(entry_connection_t *conn, 
   * disallowed when they're coming straight from the client, but you're

   * allowed to have them in MapAddress commands and so forth. */

  if (!strcmpend(socks->address, ".exit")) {

    log_warn(LD_APP, "The  \".exit\" notation is disabled in Tor due to "

    static ratelim_t exit_warning_limit = RATELIM_INIT(60*15);

    log_fn_ratelim(&exit_warning_limit, LOG_WARN, LD_APP,

                   "The  \".exit\" notation is disabled in Tor due to "

                   "security risks.");

    control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",

                                escaped(socks->address));