diff options
| author | David Goulet <dgoulet@torproject.org> | 2021-02-17 08:39:12 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2021-02-19 13:20:49 -0500 |
| commit | 8ccfd4a51ad55e9834cffcc91cbaa13e1f19c8ff (patch) | |
| tree | 8d62d926a51c2d07535b01eabd37dec263f835fc /src/feature/hs | |
| parent | 6e6ad44262f63938164b85377408416bab5a3da0 (diff) | |
| download | tor-8ccfd4a51ad55e9834cffcc91cbaa13e1f19c8ff.tar.gz tor-8ccfd4a51ad55e9834cffcc91cbaa13e1f19c8ff.zip | |
hs-v2: Warn of v2 obsolete if configured
For a user using "HiddenServiceVersion 2", a log warning is emitted indicating
that v2 is now obsolete instead of a confusing message saying that the version
is not supported.
Also, if an introduction point gets a legacy (v2) ESTABLISH_INTRO, we'll
simply close the circuit without emitting a protocol warning log onto the
relay.
Related to #40266
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/feature/hs')
| -rw-r--r-- | src/feature/hs/hs_config.c | 6 | ||||
| -rw-r--r-- | src/feature/hs/hs_intropoint.c | 5 |
2 files changed, 11 insertions, 0 deletions
diff --git a/src/feature/hs/hs_config.c b/src/feature/hs/hs_config.c index e2e1756f21..75c417c3ef 100644 --- a/src/feature/hs/hs_config.c +++ b/src/feature/hs/hs_config.c @@ -436,6 +436,12 @@ config_generic_service(const hs_opts_t *hs_opts, /* Protocol version for the service. */ if (hs_opts->HiddenServiceVersion == -1) { /* No value was set; stay with the default. */ + } else if (hs_opts->HiddenServiceVersion == 2) { + log_warn(LD_CONFIG, "Onion services version 2 are obsolete. Please see " + "https://blog.torproject.org/v2-deprecation-timeline " + "for more details and for instructions on how to " + "transition to version 3."); + goto err; } else if (CHECK_OOB(hs_opts, HiddenServiceVersion, HS_VERSION_MIN, HS_VERSION_MAX)) { goto err; diff --git a/src/feature/hs/hs_intropoint.c b/src/feature/hs/hs_intropoint.c index 7ae6deffa2..d567201c77 100644 --- a/src/feature/hs/hs_intropoint.c +++ b/src/feature/hs/hs_intropoint.c @@ -512,6 +512,11 @@ hs_intro_received_establish_intro(or_circuit_t *circ, const uint8_t *request, * ESTABLISH_INTRO and pass it to the appropriate cell handler */ const uint8_t first_byte = request[0]; switch (first_byte) { + case TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY0: + case TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_LEGACY1: + /* Likely version 2 onion service which is now obsolete. Avoid a + * protocol warning considering they still exists on the network. */ + goto err; case TRUNNEL_HS_INTRO_AUTH_KEY_TYPE_ED25519: return handle_establish_intro(circ, request, request_len); default: |