config: Remove WarnUnsafeSocks option

Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>

5 files changed, 4 insertions, 17 deletions

diff --git a/changes/bug22060 b/changes/bug22060
index 5b064277a3..e7d14b01a9 100644
--- a/changes/bug22060
+++ b/changes/bug22060
@@ -15,3 +15,5 @@
     - CloseHSServiceRendCircuitsImmediatelyOnTimeout was deprecated in
       0.2.9.2-alpha and now has been rendered obsolete. Code has been removed
       and feature no longer exists.
+    - WarnUnsafeSocks was deprecated in 0.2.9.2-alpha and now has been
+      rendered obsolete. Code has been removed and feature no longer exists.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 03943c9ed8..590ded34de 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1271,12 +1271,6 @@ The following options are useful only for clients (that is, if
     helps to determine whether an application using Tor is possibly leaking
     DNS requests. (Default: 0)
 
-[[WarnUnsafeSocks]] **WarnUnsafeSocks** **0**|**1**::
-    When this option is enabled, Tor will warn whenever a request is
-    received that only contains an IP address instead of a hostname. Allowing
-    applications to do DNS resolves themselves is usually a bad idea and
-    can leak your location to attackers. (Default: 1)
-
 [[VirtualAddrNetworkIPv4]] **VirtualAddrNetworkIPv4** __Address__/__bits__ +
 
 [[VirtualAddrNetworkIPv6]] **VirtualAddrNetworkIPv6** [__Address__]/__bits__::
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 4f22935d26..58cfdeee84 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1319,7 +1319,7 @@ fetch_from_buf_http(buf_t *buf,
 
 /**
  * Wait this many seconds before warning the user about using SOCKS unsafely
- * again (requires that WarnUnsafeSocks is turned on). */
+ * again. */
 #define SOCKS_WARN_INTERVAL 5
 
 /** Warn that the user application has made an unsafe socks request using
@@ -1331,9 +1331,6 @@ log_unsafe_socks_warning(int socks_protocol, const char *address,
 {
   static ratelim_t socks_ratelim = RATELIM_INIT(SOCKS_WARN_INTERVAL);
 
-  const or_options_t *options = get_options();
-  if (! options->WarnUnsafeSocks)
-    return;
   if (safe_socks) {
     log_fn_ratelim(&socks_ratelim, LOG_WARN, LD_APP,
              "Your application (using socks%d to port %d) is giving "
diff --git a/src/or/config.c b/src/or/config.c
index 5b6932987c..1af554a3fa 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -402,7 +402,7 @@ static config_var_t option_vars_[] = {
   VPORT(NATDPort),
   V(Nickname,                    STRING,   NULL),
   V(PredictedPortsRelevanceTime,  INTERVAL, "1 hour"),
-  V(WarnUnsafeSocks,              BOOL,     "1"),
+  OBSOLETE("WarnUnsafeSocks"),
   VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
   V(NumCPUs,                     UINT,     "0"),
   V(NumDirectoryGuards,          UINT,     "0"),
@@ -664,8 +664,6 @@ static const config_deprecation_t option_deprecation_notes_[] = {
     "a wide variety of application-level attacks." },
   { "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
     "easier to fingerprint, and may open you to esoteric attacks." },
-  { "WarnUnsafeSocks", "Changing this option makes it easier for you "
-    "to accidentally lose your anonymity by leaking DNS information" },
   { "TLSECGroup", "The default is a nice secure choice; the other option "
     "is less secure." },
   { "ControlListenAddress", "Use ControlPort instead." },
diff --git a/src/or/or.h b/src/or/or.h
index 1cdfd1b458..da3285038a 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4110,10 +4110,6 @@ typedef struct {
    * selection. */
   int AllowDotExit;
 
-  /** If true, we will warn if a user gives us only an IP address
-   * instead of a hostname. */
-  int WarnUnsafeSocks;
-
   /** If true, we're configured to collect statistics on clients
    * requesting network statuses from us as directory. */
   int DirReqStatistics_option;