aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2021-10-19 10:43:54 -0400
committerDavid Goulet <dgoulet@torproject.org>2021-10-19 10:59:19 -0400
commitd455f9e18a9cef290b9976974065c83f13e16832 (patch)
tree4623887fab08b68da2cb3ac31c5844e876247cb5
parent2a705e81a33879aad658ad2c824aeaa8e7f03eed (diff)
downloadtor-d455f9e18a9cef290b9976974065c83f13e16832.tar.gz
tor-d455f9e18a9cef290b9976974065c83f13e16832.zip
hs: v2 address are now considered a bad hostname
This means that at this commit, tor will stop logging that v2 is deprecated and treat a v2 address as a bad hostname that we can't use. Part of #40476 Signed-off-by: David Goulet <dgoulet@torproject.org>
-rw-r--r--changes/ticket4047611
-rw-r--r--src/core/or/connection_edge.c24
-rw-r--r--src/core/or/connection_edge.h1
3 files changed, 6 insertions, 30 deletions
diff --git a/changes/ticket40476 b/changes/ticket40476
index 062e36f9bc..7179d8b1c6 100644
--- a/changes/ticket40476
+++ b/changes/ticket40476
@@ -1,8 +1,7 @@
- o Major feature (onion service v2):
- - Tor does NOT allow anymore to create v2 services, to connect as a client
- to a v2 service and for a relay to be a v2 HSDir or introduction point.
- This effectively disable onion service version 2 tor wide. Closes 40476.
- - The control port command HSFETCH and HSPOST don't allow version 2 as well.
- It is also not possible to create a v2 service with ADD_ONION.
+ o Minor feature (onion service v2):
+ - Onion service v2 address are now not recognized anymore by tor meaning a
+ bad hostname is returned when attempting to pass it on a SOCKS
+ connection. No more deprecation log is emitted client side. Closes
+ ticket 40476.
- See https://blog.torproject.org/v2-deprecation-timeline for details on
how to transition from v2 to v3.
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index 40816dbe66..ea4bf00735 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -2233,7 +2233,7 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
}
/* Now, we handle everything that isn't a .onion address. */
- if (addresstype != ONION_V3_HOSTNAME && addresstype != ONION_V2_HOSTNAME) {
+ if (addresstype != ONION_V3_HOSTNAME) {
/* Not a hidden-service request. It's either a hostname or an IP,
* possibly with a .exit that we stripped off. We're going to check
* if we're allowed to connect/resolve there, and then launch the
@@ -2518,28 +2518,6 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
return 0;
} else {
/* If we get here, it's a request for a .onion address! */
-
- /* We don't support v2 onions anymore. Log a warning and bail. */
- if (addresstype == ONION_V2_HOSTNAME) {
- static bool log_once = false;
- if (!log_once) {
- log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but "
- "this version of Tor no longer supports them. Please "
- "encourage the site operator to upgrade. For more "
- "information see "
- "https://blog.torproject.org/v2-deprecation-timeline.");
- log_once = true;
- }
- control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
- escaped(socks->address));
- /* Send back the 0xF6 extended code indicating a bad hostname. This is
- * mostly so Tor Browser can make a proper UX with regards to v2
- * addresses. */
- conn->socks_request->socks_extended_error_code = SOCKS5_HS_BAD_ADDRESS;
- connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
- return -1;
- }
-
tor_assert(addresstype == ONION_V3_HOSTNAME);
tor_assert(!automap);
return connection_ap_handle_onion(conn, socks, circ);
diff --git a/src/core/or/connection_edge.h b/src/core/or/connection_edge.h
index 72869f348b..966a9391d8 100644
--- a/src/core/or/connection_edge.h
+++ b/src/core/or/connection_edge.h
@@ -80,7 +80,6 @@ typedef enum hostname_type_t {
BAD_HOSTNAME,
EXIT_HOSTNAME,
NORMAL_HOSTNAME,
- ONION_V2_HOSTNAME,
ONION_V3_HOSTNAME,
} hostname_type_t;