bugfix: we were whining about using socks4 or socks5-with-local-lookup

even when they used an IP in the "virtual" range we designed exactly
for this case.


svn:r5142

1 files changed, 5 insertions, 2 deletions

diff --git a/src/or/buffers.c b/src/or/buffers.c
index c3863b2886..ccd5f48511 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -949,7 +949,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
           strlcpy(req->address,tmpbuf,sizeof(req->address));
           req->port = ntohs(*(uint16_t*)(buf->cur+8));
           buf_remove_from_front(buf, 10);
-          if (!have_warned_about_unsafe_socks) {
+          if (!address_is_in_virtual_range(req->address) &&
+              !have_warned_about_unsafe_socks) {
             log_fn(LOG_WARN,"Your application (using socks5 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.  For more information, please see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS", req->port);
 //            have_warned_about_unsafe_socks = 1; // (for now, warn every time)
           }
@@ -1019,7 +1020,9 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
       tor_assert(next < buf->cur+buf->datalen);
 
       startaddr = NULL;
-      if (socks4_prot != socks4a && !have_warned_about_unsafe_socks) {
+      if (socks4_prot != socks4a &&
+          !address_is_in_virtual_range(tmpbuf) &&
+          !have_warned_about_unsafe_socks) {
         log_fn(LOG_WARN,"Your application (using socks4 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.", req->port);
 //      have_warned_about_unsafe_socks = 1; // (for now, warn every time)
       }