diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/connection_edge.c | 8 | ||||
| -rw-r--r-- | src/or/or.h | 2 | ||||
| -rw-r--r-- | src/or/test.c | 4 |
3 files changed, 11 insertions, 3 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 844b6f04c3..c4a01f1392 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -911,6 +911,12 @@ static int connection_ap_handshake_process_socks(connection_t *conn) { */ addresstype = parse_extended_hostname(socks->address); + if (addresstype == BAD_HOSTNAME) { + log_fn(LOG_WARN, "Invalid hostname %s; rejecting", socks->address); + connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL); + return -1; + } + if (addresstype == EXIT_HOSTNAME) { /* foo.exit -- modify conn->chosen_exit_node to specify the exit * node, and conn->address to hold only the address portion.*/ @@ -1712,6 +1718,6 @@ parse_extended_hostname(char *address) { failed: /* otherwise, return to previous state and return 0 */ *s = '.'; - return NORMAL_HOSTNAME; + return BAD_HOSTNAME; } diff --git a/src/or/or.h b/src/or/or.h index ad7ae7597a..916476cf7e 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1377,7 +1377,7 @@ int socks_policy_permits_address(uint32_t addr); void set_exit_redirects(smartlist_t *lst); typedef enum hostname_type_t { - NORMAL_HOSTNAME, ONION_HOSTNAME, EXIT_HOSTNAME + NORMAL_HOSTNAME, ONION_HOSTNAME, EXIT_HOSTNAME, BAD_HOSTNAME } hostname_type_t; hostname_type_t parse_extended_hostname(char *address); diff --git a/src/or/test.c b/src/or/test.c index 6bc162463c..c41cf98742 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -1384,6 +1384,7 @@ test_rend_fns(void) char address1[] = "fooaddress.onion"; char address2[] = "aaaaaaaaaaaaaaaa.onion"; char address3[] = "fooaddress.exit"; + char address4[] = "tor.eff.org"; rend_service_descriptor_t *d1, *d2; char *encoded; size_t len; @@ -1412,9 +1413,10 @@ test_rend_fns(void) test_streq(d2->intro_points[1], "crow"); test_streq(d2->intro_points[2], "joel"); - test_eq(NORMAL_HOSTNAME, parse_extended_hostname(address1)); + test_eq(BAD_HOSTNAME, parse_extended_hostname(address1)); test_eq(ONION_HOSTNAME, parse_extended_hostname(address2)); test_eq(EXIT_HOSTNAME, parse_extended_hostname(address3)); + test_eq(NORMAL_HOSTNAME, parse_extended_hostname(address4)); rend_service_descriptor_free(d1); rend_service_descriptor_free(d2); |