diff options
| author | Nick Mathewson <nickm@torproject.org> | 2007-01-11 16:02:39 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2007-01-11 16:02:39 +0000 |
| commit | c1b5f53679af75a98b46f4dc7dc0f356de8ddb73 (patch) | |
| tree | f95a49ccd92e7d104f4e764c0a5c41a8d5dbb68a /src/or/dns.c | |
| parent | 3dfeaaaf6ef977bb833672c6cce15aa71838aae0 (diff) | |
| download | tor-c1b5f53679af75a98b46f4dc7dc0f356de8ddb73.tar.gz tor-c1b5f53679af75a98b46f4dc7dc0f356de8ddb73.zip | |
r11938@Kushana: nickm | 2007-01-11 11:02:28 -0500
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
Diffstat (limited to 'src/or/dns.c')
| -rw-r--r-- | src/or/dns.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/or/dns.c b/src/or/dns.c index d5f5ef5829..7897075356 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -584,6 +584,20 @@ dns_resolve(edge_connection_t *exitconn, or_circuit_t *oncirc) send_resolved_cell(exitconn, oncirc, RESOLVED_TYPE_IPV4); return 1; } + if (address_is_invalid_destination(exitconn->_base.address, 0)) { + log(LOG_PROTOCOL_WARN, LD_EXIT, + "Rejecting invalid destination address %s", + escaped_safe_str(exitconn->_base.address)); + if (is_resolve) + send_resolved_cell(exitconn, oncirc, RESOLVED_TYPE_ERROR); + /* XXXX012 send error in connect case? -NM */ + circ = circuit_get_by_edge_conn(exitconn); + if (circ) + circuit_detach_stream(circ, exitconn); + if (!exitconn->_base.marked_for_close) + connection_free(TO_CONN(exitconn)); + return -1; + } /* then take this opportunity to see if there are any expired * resolves in the hash table. */ |