Unverified Commit 6bfdd096 authored by teor's avatar teor
Browse files

Merge remote-tracking branch 'tor-github/pr/1343' into maint-0.3.5

parents 15d67842 bf4a27c0
o Minor bugfixes (logging):
- Rate-limit our the logging message about the obsolete .exit notation.
Previously, there was no limit on this warning, which could potentially
be triggered many times by a hostile website. Fixes bug 31466;
bugfix on
......@@ -1598,8 +1598,10 @@ connection_ap_handshake_rewrite(entry_connection_t *conn,
* disallowed when they're coming straight from the client, but you're
* allowed to have them in MapAddress commands and so forth. */
if (!strcmpend(socks->address, ".exit")) {
log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to "
"security risks.");
static ratelim_t exit_warning_limit = RATELIM_INIT(60*15);
log_fn_ratelim(&exit_warning_limit, LOG_WARN, LD_APP,
"The \".exit\" notation is disabled in Tor due to "
"security risks.");
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment