diff options
author | David Goulet <dgoulet@torproject.org> | 2021-10-06 13:25:08 -0400 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2021-10-06 13:25:08 -0400 |
commit | fd640bbeae9cd36b3b202f3d64474e68c9fd38cf (patch) | |
tree | a8c947dcf48d86d3b7dc7e96cbbc02be76dc8cfe | |
parent | fb7c8325973d704ca84546a04c24244e50d46b6f (diff) | |
parent | 82b7939d197e64cd21e5246060499018dcb95f2c (diff) | |
download | tor-fd640bbeae9cd36b3b202f3d64474e68c9fd38cf.tar.gz tor-fd640bbeae9cd36b3b202f3d64474e68c9fd38cf.zip |
Merge branch 'maint-0.4.6' into release-0.4.6
-rw-r--r-- | changes/ticket40474 | 5 | ||||
-rw-r--r-- | src/core/or/connection_edge.c | 13 |
2 files changed, 14 insertions, 4 deletions
diff --git a/changes/ticket40474 b/changes/ticket40474 new file mode 100644 index 0000000000..d2a7231106 --- /dev/null +++ b/changes/ticket40474 @@ -0,0 +1,5 @@ + o Minor bugfixes (onion service, TROVE-2021-008): + - Only log once any v2 access attempts in order to not pollute the logs + with warnings and avoid recording the times on disk when v2 access was + attempted. Important to note that the onion address was _never_ logged. + That is a Low security issue. Fixes bug 40474; bugfix on 0.4.5.8. diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c index 6f6f22a0d4..d3979b3a7e 100644 --- a/src/core/or/connection_edge.c +++ b/src/core/or/connection_edge.c @@ -2530,10 +2530,15 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, /* We don't support v2 onions anymore. Log a warning and bail. */ if (addresstype == ONION_V2_HOSTNAME) { - log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but this " - "version of Tor no longer supports them. Please encourage the " - "site operator to upgrade. For more information see " - "https://blog.torproject.org/v2-deprecation-timeline."); + static bool log_once = false; + if (!log_once) { + log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but " + "this version of Tor no longer supports them. Please " + "encourage the site operator to upgrade. For more " + "information see " + "https://blog.torproject.org/v2-deprecation-timeline."); + log_once = true; + } control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s", escaped(socks->address)); /* Send back the 0xF6 extended code indicating a bad hostname. This is |