summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/bug270445
-rw-r--r--doc/tor.1.txt2
-rw-r--r--src/feature/rend/rendservice.c8
-rw-r--r--src/test/test_controller.c7
-rw-r--r--src/test/test_hs_config.c14
5 files changed, 35 insertions, 1 deletions
diff --git a/changes/bug27044 b/changes/bug27044
new file mode 100644
index 0000000000..0ce9c48b85
--- /dev/null
+++ b/changes/bug27044
@@ -0,0 +1,5 @@
+ o Minor bugfixes (configuration, Onion Services):
+ - In rend_service_parse_port_config(), disallow any input to
+ remain after address-port pair was parsed. This will catch
+ address and port being whitespace-separated by mistake of
+ the user. Fixes bug 27044; bugfix on 0.2.9.10.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 37c97dc3fa..869a8cedd7 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2804,7 +2804,7 @@ The following options are used to configure a hidden service.
paths may be quoted, and may use standard C escapes.)
You may also have multiple lines with the same VIRTPORT: when a user
connects to that VIRTPORT, one of the TARGETs from those lines will be
- chosen at random.
+ chosen at random. Note that address-port pairs have to be comma-separated.
[[PublishHidServDescriptors]] **PublishHidServDescriptors** **0**|**1**::
If set to 0, Tor will run any hidden services you configure, but it won't
diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c
index 66a4fb5f4f..37e604d07d 100644
--- a/src/feature/rend/rendservice.c
+++ b/src/feature/rend/rendservice.c
@@ -451,11 +451,19 @@ rend_service_parse_port_config(const char *string, const char *sep,
int is_unix;
ret = port_cfg_line_extract_addrport(addrport_element, &addrport,
&is_unix, &rest);
+
if (ret < 0) {
tor_asprintf(&err_msg, "Couldn't process address <%s> from hidden "
"service configuration", addrport_element);
goto err;
}
+
+ if (rest && strlen(rest)) {
+ err_msg = tor_strdup("HiddenServicePort parse error: invalid port "
+ "mapping");
+ goto err;
+ }
+
if (is_unix) {
socket_path = addrport;
is_unix_addr = 1;
diff --git a/src/test/test_controller.c b/src/test/test_controller.c
index d5d51758fb..0428ac6fce 100644
--- a/src/test/test_controller.c
+++ b/src/test/test_controller.c
@@ -346,6 +346,13 @@ test_rend_service_parse_port_config(void *arg)
"in hidden service port configuration.");
tor_free(err_msg);
+ /* Wrong target address and port separation */
+ cfg = rend_service_parse_port_config("80,127.0.0.1 1234", sep,
+ &err_msg);
+ tt_ptr_op(cfg, OP_EQ, NULL);
+ tt_assert(err_msg);
+ tor_free(err_msg);
+
done:
rend_service_port_config_free(cfg);
tor_free(err_msg);
diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c
index 498d2df197..553b96758a 100644
--- a/src/test/test_hs_config.c
+++ b/src/test/test_hs_config.c
@@ -139,6 +139,20 @@ test_invalid_service(void *arg)
teardown_capture_of_logs();
}
+ /* Bad target addr:port separation. */
+ {
+ const char *conf =
+ "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n"
+ "HiddenServiceVersion 2\n"
+ "HiddenServicePort 80 127.0.0.1 8000\n";
+ setup_full_capture_of_logs(LOG_WARN);
+ ret = helper_config_service(conf, 1);
+ tt_int_op(ret, OP_EQ, -1);
+ expect_log_msg_containing("HiddenServicePort parse error: "
+ "invalid port mapping");
+ teardown_capture_of_logs();
+ }
+
/* Out of order directives. */
{
const char *conf =