summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2009-06-18 11:08:10 -0400
committerNick Mathewson <nickm@torproject.org>2009-06-18 11:08:10 -0400
commit298dc95dfd84877f1e231426322c02240303815e (patch)
tree22c0fd1b094b7fb6c47353ef6e623bd5ee238e14
parent3847f54945933a11d14053b80427f268ffcfd8ad (diff)
downloadtor-298dc95dfd84877f1e231426322c02240303815e.tar.gz
tor-298dc95dfd84877f1e231426322c02240303815e.zip
tor-resolve: Don't automatically refuse .onion addresses.
If the Tor is running with AutomapHostsOnResolve set, it _is_ reasonable to do a DNS lookup on a .onion address. So instead we make tor-resolve willing to try to resolve anything. Only if Tor refuses to resolve it do we suggest to the user that resolving a .onion address may not work. Fix for bug 1005.
-rw-r--r--ChangeLog2
-rw-r--r--src/tools/tor-resolve.c28
2 files changed, 20 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index f9457edf0e..f2da854be8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,8 @@ Changes in version 0.2.1.16-?? - 2009-??-??
o Minor features:
- Update to the "June 3 2009" ip-to-country file.
+ - Do not have tor-resolve automatically refuse all .onion addresses;
+ if AutomapHostsOnResolve is set, this will work fine.
o Minor bugfixes (on 0.2.0.x):
- Log correct error messages for DNS-related network errors on
diff --git a/src/tools/tor-resolve.c b/src/tools/tor-resolve.c
index ca75a5a56c..fe4e882416 100644
--- a/src/tools/tor-resolve.c
+++ b/src/tools/tor-resolve.c
@@ -107,7 +107,8 @@ build_socks_resolve_request(char **out,
* Return 0 on success, -1 on error.
*/
static int
-parse_socks4a_resolve_response(const char *response, size_t len,
+parse_socks4a_resolve_response(const char *hostname,
+ const char *response, size_t len,
uint32_t *addr_out)
{
uint8_t status;
@@ -129,6 +130,13 @@ parse_socks4a_resolve_response(const char *response, size_t len,
}
if (status != 90) {
log_warn(LD_NET,"Got status response '%d': socks request failed.", status);
+ if (!strcasecmpend(hostname, ".onion")) {
+ log_warn(LD_NET,
+ "%s is a hidden service; those don't have IP addresses. "
+ "To connect to a hidden service, you need to send the hostname "
+ "to Tor; we suggest an application that uses SOCKS 4a.",hostname);
+ return -1;
+ }
return -1;
}
@@ -241,7 +249,8 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
log_err(LD_NET, "Error reading SOCKS4 response.");
return -1;
}
- if (parse_socks4a_resolve_response(reply_buf, RESPONSE_LEN_4,
+ if (parse_socks4a_resolve_response(hostname,
+ reply_buf, RESPONSE_LEN_4,
result_addr)<0){
return -1;
}
@@ -260,6 +269,13 @@ do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
log_warn(LD_NET,"Got SOCKS5 status response '%u': %s",
(unsigned)reply_buf[1],
socks5_reason_to_string(reply_buf[1]));
+ if (reply_buf[1] == 4 && !strcasecmpend(hostname, ".onion")) {
+ log_warn(LD_NET,
+ "%s is a hidden service; those don't have IP addresses. "
+ "To connect to a hidden service, you need to send the hostname "
+ "to Tor; we suggest an application that uses SOCKS 4a.",
+ hostname);
+ }
return -1;
}
if (reply_buf[3] == 1) {
@@ -396,14 +412,6 @@ main(int argc, char **argv)
usage();
}
- if (!strcasecmpend(arg[0], ".onion") && !force) {
- fprintf(stderr,
- "%s is a hidden service; those don't have IP addresses.\n\n"
- "To connect to a hidden service, you need to send the hostname\n"
- "to Tor; we suggest an application that uses SOCKS 4a.\n", arg[0]);
- return 1;
- }
-
if (network_init()<0) {
log_err(LD_BUG,"Error initializing network; exiting.");
return 1;