Commit 417d7786 authored by Ravi Chandra Padmala's avatar Ravi Chandra Padmala Committed by Nick Mathewson
Browse files

Respond meaningfully to HTTP requests on the control port. Fix #1667

  (Squashed with bufferevents portions removed, by nickm)
parent 884c0ffe
Loading
Loading
Loading
Loading

changes/bug1667

0 → 100644
+4 −0
Original line number Diff line number Diff line
  o Minor features:
    - If the control port is used as the HTTP proxy, responds with
      a meaningful "This is the Tor control port" message, and logs
      the event. Fixes bug 1667.
+25 −0
Original line number Diff line number Diff line
@@ -2022,6 +2022,31 @@ parse_socks_client(const uint8_t *data, size_t datalen,
  return -1;
}

/** Return true if <b>cmd</b> looks like a HTTP (proxy) request. */
int
peek_buf_has_http_command(buf_t *buf)
{
  if (peek_buf_startswith(buf, "CONNECT ") ||
      peek_buf_startswith(buf, "DELETE ") ||
      peek_buf_startswith(buf, "GET ") ||
      peek_buf_startswith(buf, "POST ") ||
      peek_buf_startswith(buf, "PUT " ))
    return 1;
  return 0;
}

/** Return 1 iff <b>buf</b> starts with <b>cmd</b>. <b>cmd</b> must be a null
 * terminated string */
int
peek_buf_startswith(buf_t *buf, const char *cmd)
{
  int clen = strlen(cmd);
  if (buf->datalen >= clen)
    if (!strncasecmp((buf->head)->data, cmd, (size_t) clen))
      return 1;
  return 0;
}

/** Return 1 iff buf looks more like it has an (obsolete) v0 controller
 * command on it than any valid v1 controller command. */
int
+2 −0
Original line number Diff line number Diff line
@@ -53,6 +53,8 @@ int fetch_from_buf_socks_client(buf_t *buf, int state, char **reason);
int fetch_from_buf_line(buf_t *buf, char *data_out, size_t *data_len);

int peek_buf_has_control0_command(buf_t *buf);
int peek_buf_startswith(buf_t *buf, const char *cmd);
int peek_buf_has_http_command(buf_t *buf);

int fetch_ext_or_command_from_buf(buf_t *buf, ext_or_cmd_t **out);

+38 −0
Original line number Diff line number Diff line
@@ -4882,6 +4882,12 @@ peek_connection_has_control0_command(connection_t *conn)
  return peek_buf_has_control0_command(conn->inbuf);
}

static int
peek_connection_has_http_command(connection_t *conn)
{
  return peek_buf_has_http_command(conn->inbuf);
}

/** Called when data has arrived on a v1 control connection: Try to fetch
 * commands from conn->inbuf, and execute them.
 */
@@ -4921,6 +4927,38 @@ connection_control_process_inbuf(control_connection_t *conn)
    return 0;
  }

  /* If the user has the HTTP proxy port and the control port confused. */
  if (conn->_base.state == CONTROL_CONN_STATE_NEEDAUTH &&
      peek_connection_has_http_command(TO_CONN(conn))) {
    connection_write_str_to_buf("HTTP/1.0 501 Tor ControlPort is not a proxy"
"\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n"
"<html>\n"
"<head>\n"
"<title>Tor's ControlPort is not proxy</title>\n"
"</head>\n"
"<body>\n"
"<h1>Tor's ControlPort is not a proxy</h1>\n"
"<p>\n"
"It appears you have configured your web browser to use Tor's control port"
" as an HTTP proxy.\n"
"This is not correct: Tor's default SOCKS proxy port is 9050.\n"
"Please configure your client accordingly.\n"
"</p>\n"
"<p>\n"
"See <a href=\"https://www.torproject.org/documentation.html\">"
           "https://www.torproject.org/documentation.html</a> for more "
           "information.\n"
"<!-- Plus this comment, to make the body response more than 512 bytes, so "
"     IE will be willing to display it. Comment comment comment comment "
"     comment comment comment comment comment comment comment comment.-->\n"
"</p>\n"
"</body>\n"
"</html>\n", conn);
    log_notice(LD_CONTROL, "Received HTTP request on ControlPort");
    connection_mark_and_flush(TO_CONN(conn));
    return 0;
  }

 again:
  while (1) {
    size_t last_idx;