diff options
| author | Roger Dingledine <arma@torproject.org> | 2005-12-09 02:46:46 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2005-12-09 02:46:46 +0000 |
| commit | a438f2abcd3252ca786a15042b597714a99b1ab1 (patch) | |
| tree | fc9a69c683a322335a194e060bc1bcf044e3d593 | |
| parent | c0a6e2232cb7ca4a2c14ca8153f184f5a43cdc15 (diff) | |
| download | tor-a438f2abcd3252ca786a15042b597714a99b1ab1.tar.gz tor-a438f2abcd3252ca786a15042b597714a99b1ab1.zip | |
let the user configure a sockslistenaddress on other private IPs
besides 127.x.y.z without complaining.
and give a better message in the log.
svn:r5544
| -rw-r--r-- | src/or/config.c | 24 | ||||
| -rw-r--r-- | src/or/dirserv.c | 2 |
2 files changed, 12 insertions, 14 deletions
diff --git a/src/or/config.c b/src/or/config.c index 31a279c58e..14f09fe306 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1420,7 +1420,7 @@ resolve_my_address(or_options_t *options, uint32_t *addr_out, char **hostname_ou } tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf)); - if (is_internal_IP(htonl(in.s_addr)) && !options->NoPublish) { + if (is_internal_IP(htonl(in.s_addr), 0) && !options->NoPublish) { /* make sure we're ok with publishing an internal IP */ if (!options->DirServers) { /* if they are using the default dirservers, disallow internal IPs always. */ @@ -1744,8 +1744,8 @@ options_validate(or_options_t *old_options, or_options_t *options) int result = 0; config_line_t *cl; addr_policy_t *addr_policy=NULL; -#define REJECT(arg) do { log(LOG_WARN, LD_CONFIG, arg); result = -1; } while (0) -#define COMPLAIN(arg) do { log(LOG_WARN, LD_CONFIG, arg); } while (0) +#define REJECT(arg...) do { log(LOG_WARN, LD_CONFIG, arg); result = -1; } while (0) +#define COMPLAIN(arg...) do { log(LOG_WARN, LD_CONFIG, arg); } while (0) if (options->ORPort < 0 || options->ORPort > 65535) REJECT("ORPort option out of bounds."); @@ -1764,20 +1764,18 @@ options_validate(or_options_t *old_options, or_options_t *options) if (options->SocksListenAddress) { config_line_t *line = NULL; - int binding_on_public_addr = 0; + char *address = NULL; for (line = options->SocksListenAddress; line; line = line->next) { uint16_t port; uint32_t addr; - if (parse_addr_port(line->value, NULL, &addr, &port)<0) + if (parse_addr_port(line->value, &address, &addr, &port)<0) continue; /* We'll warn about this later. */ - if ((addr & 0xff000000u) != 0x7f000000u) - binding_on_public_addr = 1; - } - if (binding_on_public_addr && - (!old_options || !config_lines_eq(old_options->SocksListenAddress, - options->SocksListenAddress))) { - /* XXXX This should be a better warning. */ - COMPLAIN("Binding to a public address for SOCKS listener."); + if (!is_internal_IP(addr, 1) && + (!old_options || !config_lines_eq(old_options->SocksListenAddress, + options->SocksListenAddress))) { + COMPLAIN("You specified a public address '%s' for a SOCKS listener. Other people on the Internet might find your computer and use it as an open SOCKS proxy. Please don't allow this unless you have a good reason.", address); + } + tor_free(address); } } diff --git a/src/or/dirserv.c b/src/or/dirserv.c index b2a3c3cfd0..3dbe204286 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -399,7 +399,7 @@ dirserv_router_has_valid_address(routerinfo_t *ri) ri->nickname, ri->address); return -1; } - if (is_internal_IP(ntohl(iaddr.s_addr))) { + if (is_internal_IP(ntohl(iaddr.s_addr), 0)) { info(LD_DIRSERV, "Router '%s' published internal IP address '%s'. Refusing.", ri->nickname, ri->address); |