diff options
author | Nick Mathewson <nickm@torproject.org> | 2016-08-03 12:24:04 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-08-03 12:24:07 -0400 |
commit | f3314aa6e1e307467a684f1477e2af1568a728b6 (patch) | |
tree | b2000f6e7298dedd552303970e46e079483f3585 /src/or | |
parent | 9b6ff4c882431dd9733a1c36fc3a2b662fa5f11a (diff) | |
download | tor-f3314aa6e1e307467a684f1477e2af1568a728b6.tar.gz tor-f3314aa6e1e307467a684f1477e2af1568a728b6.zip |
Deprecate some SocksPort sub-options.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/config.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c index a5428aa231..b6ea089c4e 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6186,6 +6186,20 @@ config_parse_unix_port(const char *addrport, char **path_out) } #endif /* defined(HAVE_SYS_UN_H) */ +static void +warn_client_dns_cache(const char *option, int disabling) +{ + if (disabling) + return; + + warn_deprecated_option(option, + "Client-side DNS cacheing enables a wide variety of route-" + "capture attacks. If a single bad exit node lies to you about " + "an IP address, cacheing that address would make you visit " + "an address of the attacker's choice every time you connected " + "to your destination."); +} + /** * Parse port configuration for a single port type. * @@ -6554,21 +6568,27 @@ parse_port_config(smartlist_t *out, } } if (!strcasecmp(elt, "CacheIPv4DNS")) { + warn_client_dns_cache(elt, no); cache_ipv4 = ! no; continue; } else if (!strcasecmp(elt, "CacheIPv6DNS")) { + warn_client_dns_cache(elt, no); cache_ipv6 = ! no; continue; } else if (!strcasecmp(elt, "CacheDNS")) { + warn_client_dns_cache(elt, no); cache_ipv4 = cache_ipv6 = ! no; continue; } else if (!strcasecmp(elt, "UseIPv4Cache")) { + warn_client_dns_cache(elt, no); use_cached_ipv4 = ! no; continue; } else if (!strcasecmp(elt, "UseIPv6Cache")) { + warn_client_dns_cache(elt, no); use_cached_ipv6 = ! no; continue; } else if (!strcasecmp(elt, "UseDNSCache")) { + warn_client_dns_cache(elt, no); use_cached_ipv4 = use_cached_ipv6 = ! no; continue; } else if (!strcasecmp(elt, "PreferIPv6Automap")) { |