diff options
-rw-r--r-- | changes/bug27044 | 5 | ||||
-rw-r--r-- | doc/tor.1.txt | 2 | ||||
-rw-r--r-- | src/feature/rend/rendservice.c | 8 | ||||
-rw-r--r-- | src/test/test_controller.c | 7 | ||||
-rw-r--r-- | src/test/test_hs_config.c | 14 |
5 files changed, 35 insertions, 1 deletions
diff --git a/changes/bug27044 b/changes/bug27044 new file mode 100644 index 0000000000..0ce9c48b85 --- /dev/null +++ b/changes/bug27044 @@ -0,0 +1,5 @@ + o Minor bugfixes (configuration, Onion Services): + - In rend_service_parse_port_config(), disallow any input to + remain after address-port pair was parsed. This will catch + address and port being whitespace-separated by mistake of + the user. Fixes bug 27044; bugfix on 0.2.9.10. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 37c97dc3fa..869a8cedd7 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2804,7 +2804,7 @@ The following options are used to configure a hidden service. paths may be quoted, and may use standard C escapes.) You may also have multiple lines with the same VIRTPORT: when a user connects to that VIRTPORT, one of the TARGETs from those lines will be - chosen at random. + chosen at random. Note that address-port pairs have to be comma-separated. [[PublishHidServDescriptors]] **PublishHidServDescriptors** **0**|**1**:: If set to 0, Tor will run any hidden services you configure, but it won't diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c index 66a4fb5f4f..37e604d07d 100644 --- a/src/feature/rend/rendservice.c +++ b/src/feature/rend/rendservice.c @@ -451,11 +451,19 @@ rend_service_parse_port_config(const char *string, const char *sep, int is_unix; ret = port_cfg_line_extract_addrport(addrport_element, &addrport, &is_unix, &rest); + if (ret < 0) { tor_asprintf(&err_msg, "Couldn't process address <%s> from hidden " "service configuration", addrport_element); goto err; } + + if (rest && strlen(rest)) { + err_msg = tor_strdup("HiddenServicePort parse error: invalid port " + "mapping"); + goto err; + } + if (is_unix) { socket_path = addrport; is_unix_addr = 1; diff --git a/src/test/test_controller.c b/src/test/test_controller.c index d5d51758fb..0428ac6fce 100644 --- a/src/test/test_controller.c +++ b/src/test/test_controller.c @@ -346,6 +346,13 @@ test_rend_service_parse_port_config(void *arg) "in hidden service port configuration."); tor_free(err_msg); + /* Wrong target address and port separation */ + cfg = rend_service_parse_port_config("80,127.0.0.1 1234", sep, + &err_msg); + tt_ptr_op(cfg, OP_EQ, NULL); + tt_assert(err_msg); + tor_free(err_msg); + done: rend_service_port_config_free(cfg); tor_free(err_msg); diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c index 498d2df197..553b96758a 100644 --- a/src/test/test_hs_config.c +++ b/src/test/test_hs_config.c @@ -139,6 +139,20 @@ test_invalid_service(void *arg) teardown_capture_of_logs(); } + /* Bad target addr:port separation. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n" + "HiddenServiceVersion 2\n" + "HiddenServicePort 80 127.0.0.1 8000\n"; + setup_full_capture_of_logs(LOG_WARN); + ret = helper_config_service(conf, 1); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("HiddenServicePort parse error: " + "invalid port mapping"); + teardown_capture_of_logs(); + } + /* Out of order directives. */ { const char *conf = |