diff options
| author | George Kadianakis <desnacked@riseup.net> | 2021-05-05 11:10:28 +0300 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2021-05-07 08:41:46 -0400 |
| commit | 5e836eb80c31b97f87b152351b6a7a932aeffaed (patch) | |
| tree | ba33d20f7c66fb1ba5ee01d6cb78ab1f47835788 | |
| parent | f230beadf469e300c783791847a346c593033dd0 (diff) | |
| download | tor-5e836eb80c31b97f87b152351b6a7a932aeffaed.tar.gz tor-5e836eb80c31b97f87b152351b6a7a932aeffaed.zip | |
Add warning when trying to connect to deprecated v2 onions.
| -rw-r--r-- | changes/ticket40373 | 3 | ||||
| -rw-r--r-- | src/core/or/connection_edge.c | 15 |
2 files changed, 17 insertions, 1 deletions
diff --git a/changes/ticket40373 b/changes/ticket40373 new file mode 100644 index 0000000000..3b2edd0652 --- /dev/null +++ b/changes/ticket40373 @@ -0,0 +1,3 @@ + o Minor features (onion services): + - Add warning message when connecting to deprecated v2 onions. + Closes ticket 40373.
\ No newline at end of file diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c index 8e13161348..a307249967 100644 --- a/src/core/or/connection_edge.c +++ b/src/core/or/connection_edge.c @@ -2242,7 +2242,7 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, } /* Now, we handle everything that isn't a .onion address. */ - if (addresstype != ONION_V3_HOSTNAME) { + if (addresstype != ONION_V3_HOSTNAME && addresstype != ONION_V2_HOSTNAME) { /* Not a hidden-service request. It's either a hostname or an IP, * possibly with a .exit that we stripped off. We're going to check * if we're allowed to connect/resolve there, and then launch the @@ -2527,6 +2527,19 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, return 0; } else { /* If we get here, it's a request for a .onion address! */ + + /* We don't support v2 onions anymore. Log a warning and bail. */ + if (addresstype == ONION_V2_HOSTNAME) { + log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but this " + "version of Tor no longer supports them. Please encourage the " + "site operator to upgrade. For more information see " + "https://blog.torproject.org/v2-deprecation-timeline."); + control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s", + escaped(socks->address)); + connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL); + return -1; + } + tor_assert(addresstype == ONION_V3_HOSTNAME); tor_assert(!automap); return connection_ap_handle_onion(conn, socks, circ); |