-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | src/or/connection_edge.c | 10 |
2 files changed, 9 insertions, 4 deletions
@@ -12,6 +12,9 @@ Changes in version 0.2.2.9-alpha - 2010-??-?? when it updates its libraries in a security patch. - Fix static compilation by listing the openssl libraries in the right order. Fixes bug 1237. + - Actually reject .exit hostnames when we're supposed to be rejecting + them; do not pass them on to the exit server. Bugfix on 0.2.2.7-alpha; + found and diagnosed by Scott Bennett and Downie on or-talk. o Code simplifications and refactoring: - Generate our manpage and HTML documentation using Asciidoc. This diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index d7e8394614..8447853fc1 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -2935,10 +2935,12 @@ parse_extended_hostname(char *address, int allowdotexit) if (allowdotexit) { *s = 0; /* NUL-terminate it */ return EXIT_HOSTNAME; /* .exit */ - } /* else */ - log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to " - "security risks. Set AllowDotExit in your torrc to enable it."); - /* FFFF send a controller event too to notify Vidalia users */ + } else { + log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to " + "security risks. Set AllowDotExit in your torrc to enable it."); + /* FFFF send a controller event too to notify Vidalia users */ + return BAD_HOSTNAME; + } } if (strcmp(s+1,"onion")) return NORMAL_HOSTNAME; /* neither .exit nor .onion, thus normal */ |
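Review bot: The added `return BAD_HOSTNAME;` in the else branch of parse_extended_hostname is the entire fix, but nothing on it says why control must not fall through: without it execution reaches the `strcmp(s+1,"onion")` test below and the name is classified as NORMAL_HOSTNAME, which per the ChangeLog entry is how a rejected .exit name was still passed on to the exit server. I would put a comment on that line, e.g. `/* Must return: falling through classifies the .exit name as NORMAL_HOSTNAME and it is sent to the exit. */`, and note in the function's header comment (outside this hunk) that BAD_HOSTNAME is now returned for .exit addresses when allowdotexit is 0. The log_warn in this branch runs on every rejected request and no rate limit is visible here, so it is worth confirming that a client application cannot use repeated .exit lookups to flood the log. The function body starts and ends outside the hunk, so the condition that selects the .exit case could not be checked.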