summaryrefslogtreecommitdiff
path: root/src/or/buffers.c
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2005-09-24 21:56:04 +0000
committerRoger Dingledine <arma@torproject.org>2005-09-24 21:56:04 +0000
commitfba01c3cc0613155f16d017d9d2be0950869b039 (patch)
tree824fdb75dd8f6a143e0db26a5d3532c867defc86 /src/or/buffers.c
parent3cc460c9f99c1d2ef71b324688aee90b37fc24f7 (diff)
downloadtor-fba01c3cc0613155f16d017d9d2be0950869b039.tar.gz
tor-fba01c3cc0613155f16d017d9d2be0950869b039.zip
bugfix: we were whining about using socks4 or socks5-with-local-lookup
even when they used an IP in the "virtual" range we designed exactly for this case. svn:r5142
Diffstat (limited to 'src/or/buffers.c')
-rw-r--r--src/or/buffers.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c
index c3863b2886..ccd5f48511 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -949,7 +949,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
strlcpy(req->address,tmpbuf,sizeof(req->address));
req->port = ntohs(*(uint16_t*)(buf->cur+8));
buf_remove_from_front(buf, 10);
- if (!have_warned_about_unsafe_socks) {
+ if (!address_is_in_virtual_range(req->address) &&
+ !have_warned_about_unsafe_socks) {
log_fn(LOG_WARN,"Your application (using socks5 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS", req->port);
// have_warned_about_unsafe_socks = 1; // (for now, warn every time)
}
@@ -1019,7 +1020,9 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
tor_assert(next < buf->cur+buf->datalen);
startaddr = NULL;
- if (socks4_prot != socks4a && !have_warned_about_unsafe_socks) {
+ if (socks4_prot != socks4a &&
+ !address_is_in_virtual_range(tmpbuf) &&
+ !have_warned_about_unsafe_socks) {
log_fn(LOG_WARN,"Your application (using socks4 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.", req->port);
// have_warned_about_unsafe_socks = 1; // (for now, warn every time)
}