summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2004-08-07 00:19:14 +0000
committerRoger Dingledine <arma@torproject.org>2004-08-07 00:19:14 +0000
commit9952b37456c03b09e5768aaf7e3cf8baa2353d84 (patch)
tree4c3c08d04575193b32c2c8db9e5fb815c57e9f50
parent810ebc80d0e7b2ff63628a207382cae24e110d0a (diff)
downloadtor-9952b37456c03b09e5768aaf7e3cf8baa2353d84.tar.gz
tor-9952b37456c03b09e5768aaf7e3cf8baa2353d84.zip
reject tor-resolve requests for .onion addresses early
svn:r2174
Diffstat
-rw-r--r--src/or/connection_edge.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 2fe85e5416..f8cdbe139b 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -401,11 +401,20 @@ static int connection_ap_handshake_process_socks(connection_t *conn) {
return connection_ap_handshake_attach_circuit(conn);
} else {
/* it's a hidden-service request */
- /* XXX008 what does it mean to socks-resolve a hidden service? should
- * we fail those right here? */
rend_cache_entry_t *entry;
int r;
+ if (socks->command == SOCKS_COMMAND_RESOLVE) {
+ /* if it's a resolve request, fail it right now, rather than
+ * building all the circuits and then realizing it won't work. */
+ connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL);
+ conn->socks_request->has_finished = 1;
+ conn->has_sent_end = 1;
+ connection_mark_for_close(conn);
+ conn->hold_open_until_flushed = 1;
+ return 0;
+ }
+
strcpy(conn->rend_query, socks->address); /* this strcpy is safe -RD */
log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query);
/* see if we already have it cached */
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion