diff options
author | Nick Mathewson <nickm@torproject.org> | 2014-02-12 15:32:50 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2014-02-12 15:32:50 -0500 |
commit | c4bb3c8d447400573eb45f3e2076e6b80187f1b9 (patch) | |
tree | 43d3c9e9334baa481d35a5d505cc6903eb7bbb92 | |
parent | 2c0088b8aa360c8dfa4c38c45d50542fa9aae8fb (diff) | |
download | tor-c4bb3c8d447400573eb45f3e2076e6b80187f1b9.tar.gz tor-c4bb3c8d447400573eb45f3e2076e6b80187f1b9.zip |
Log only one message for dangerous log settings.
We log only one message, containing a complete list of what's
wrong. We log the complete list whenever any of the possible things
that could have gotten wrong gets worse.
Fix for #9870. Bugfix on 10480dff01bece13fab, which we merged in
0.2.5.1-alpha.
-rw-r--r-- | changes/bug9870 | 5 | ||||
-rw-r--r-- | src/or/config.c | 38 |
2 files changed, 30 insertions, 13 deletions
diff --git a/changes/bug9870 b/changes/bug9870 new file mode 100644 index 0000000000..b4b2c2df2a --- /dev/null +++ b/changes/bug9870 @@ -0,0 +1,5 @@ + o Minor bugfixes: + + - Log only one message when we start logging in an unsafe + way. Previously, we would log as many messages as we had + problems. Fix for #9870; bugfix on 0.2.5.1-alpha. diff --git a/src/or/config.c b/src/or/config.c index d2981771c0..dcbe88dccd 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1148,12 +1148,31 @@ options_act_reversible(const or_options_t *old_options, char **msg) tor_free(severity); tor_log_update_sigsafe_err_fds(); } - if (get_min_log_level() >= LOG_INFO && - get_min_log_level() != old_min_log_level) { - log_warn(LD_GENERAL, "Your log may contain sensitive information: you're " - "logging more than \"notice\". Please log safely. Don't log " - "unless it serves an important reason, and overwrite the log " - "afterwards."); + + { + const char *badness = NULL; + int bad_safelog = 0, bad_severity = 0, new_badness = 0; + if (options->SafeLogging_ != SAFELOG_SCRUB_ALL) { + bad_safelog = 1; + if (!old_options || old_options->SafeLogging_ != options->SafeLogging_) + new_badness = 1; + } + if (get_min_log_level() >= LOG_INFO) { + bad_severity = 1; + if (get_min_log_level() != old_min_log_level) + new_badness = 1; + } + if (bad_safelog && bad_severity) + badness = "you disabled SafeLogging, and " + "you're logging more than \"notice\""; + else if (bad_safelog) + badness = "you disabled SafeLogging"; + else + badness = "you're logging more than \"notice\""; + if (new_badness) + log_warn(LD_GENERAL, "Your log may contain sensitive information - %s. " + "Don't log unless it serves an important reason. " + "Overwrite the log afterwards.", badness); } SMARTLIST_FOREACH(replaced_listeners, connection_t *, conn, @@ -1341,13 +1360,6 @@ options_act(const or_options_t *old_options) } #endif - if (options->SafeLogging_ != SAFELOG_SCRUB_ALL && - (!old_options || old_options->SafeLogging_ != options->SafeLogging_)) { - log_warn(LD_GENERAL, "Your log may contain sensitive information - you " - "disabled SafeLogging. Please log safely. Don't log unless it " - "serves an important reason. Overwrite the log afterwards."); - } - if (options->Bridges) { mark_bridge_list(); for (cl = options->Bridges; cl; cl = cl->next) { |