
Implement Jason Holt's SafeSocks config option.

Also put a URL in the warning message for unsafe socks4 use --
previously we'd only had the URL for unsafe socks5 use. Oops.


svn:r6190
Roger Dingledine %!s(int64=18) %!d(string=hai) anos
d8195e4128
Modificáronse 3 ficheiros con 19 adicións e 4 borrados
  1. 14 3
      src/or/buffers.c
  2. 1 0
      src/or/config.c
  3. 4 1
      src/or/or.h

+ 14 - 3
src/or/buffers.c

@@ -897,11 +897,14 @@ fetch_from_buf_http(buf_t *buf,
  * If <b>log_sockstype</b> is non-zero, then do a notice-level log of whether
  * the connection is possibly leaking DNS requests locally or not.
  *
+ * If <b>safe_socks</b> is true, then reject unsafe socks protocols.
+ *
  * If returning 0 or -1, <b>req->address</b> and <b>req->port</b> are
  * undefined.
  */
 int
-fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
+fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
+                     int log_sockstype, int safe_socks)
 {
   unsigned char len;
   char tmpbuf[INET_NTOA_BUF_LEN];
@@ -984,8 +987,11 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
                 "themselves may leak information. Consider using Socks4A "
                 "(e.g. via privoxy or socat) instead.  For more information, "
                 "please see http://wiki.noreply.org/noreply/TheOnionRouter/"
-                "TorFAQ#SOCKSAndDNS", req->port);
+                "TorFAQ#SOCKSAndDNS.%s", req->port,
+                safe_socks ? " Rejecting." : "");
 //            have_warned_about_unsafe_socks = 1; // (for now, warn every time)
+            if (safe_socks)
+              return -1;
           }
           return 1;
         case 3: /* fqdn */
@@ -1075,8 +1081,13 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
                  "Your application (using socks4 on port %d) is giving Tor "
                  "only an IP address. Applications that do DNS resolves "
                  "themselves may leak information. Consider using Socks4A "
-                 "(e.g. via privoxy or socat) instead.", req->port);
+                 "(e.g. via privoxy or socat) instead. For more information, "
+                 "please see http://wiki.noreply.org/noreply/TheOnionRouter/"
+                 "TorFAQ#SOCKSAndDNS.%s", req->port,
+                 safe_socks ? " Rejecting." : "");
 //      have_warned_about_unsafe_socks = 1; // (for now, warn every time)
+        if (safe_socks)
+          return -1;
       }
       if (socks4_prot == socks4a) {
         if (next+1 == buf->cur+buf->datalen) {
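Review bot: In the second hunk the new `if (safe_socks) return -1;` is indented inside the block that the `}` before `return 1;` closes, and from the indentation that block looks like the `if (log_sockstype)` conditional around the notice (its opening line is outside the hunk); if so, SafeSocks only rejects when socks-type logging is enabled, and with log_sockstype == 0 the unsafe socks5 request falls through to `return 1;` and is serviced normally. The third hunk has the same shape around its `if (safe_socks) return -1;` before `if (socks4_prot == socks4a)`, so the socks4 path has the same gap. In both places the two rejection lines belong after the closing `}` so the refusal does not depend on the logging flag. The first hunk's new doc line could also name the interface effect, e.g. `* If <b>safe_socks</b> is true, then reject unsafe socks protocols (return -1).`, since callers otherwise cannot tell a policy rejection from a parse failure. fetch_from_buf_socks begins in the first hunk and its body runs past the end of the third.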

+ 1 - 0
src/or/config.c

@@ -218,6 +218,7 @@ static config_var_t _option_vars[] = {
   VAR("RunAsDaemon",         BOOL,     RunAsDaemon,          "0"),
   VAR("RunTesting",          BOOL,     RunTesting,           "0"),
   VAR("SafeLogging",         BOOL,     SafeLogging,          "1"),
+  VAR("SafeSocks",           BOOL,     SafeSocks,            "0"),
   VAR("ShutdownWaitLength",  INTERVAL, ShutdownWaitLength,   "30 seconds"),
   VAR("SocksListenAddress",  LINELIST, SocksListenAddress,   NULL),
   VAR("SocksPolicy",         LINELIST, SocksPolicy,          NULL),
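Review bot: The new `SafeSocks` option is added to the option table with default "0" but the diffstat shows only src/or/buffers.c, src/or/config.c and src/or/or.h changed, so the user-facing documentation (man page, changelog) does not describe it. A short entry should state that with SafeSocks set, Tor refuses SOCKS4 requests that carry only an IP address and SOCKS5 requests with an IPv4 address rather than a hostname, matching the two cases buffers.c now returns -1 on, and that the default keeps the existing warn-only behaviour.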

+ 4 - 1
src/or/or.h

@@ -1379,6 +1379,8 @@ typedef struct {
                            * long do we wait before exiting? */
   int SafeLogging; /**< Boolean: are we allowed to log sensitive strings
                     * such as addresses (0), or do we scrub them first (1)? */
+  int SafeSocks; /**< Boolean: should we outright refuse application
+                  * connections that use socks4 or socks5-with-local-dns? */
 #define LOG_PROTOCOL_WARN (get_options()->ProtocolWarnings ? \
                            LOG_WARN : LOG_INFO)
   int ProtocolWarnings; /**< Boolean: when other parties screw up the Tor
@@ -1471,7 +1473,8 @@ int fetch_from_buf_http(buf_t *buf,
                         char **headers_out, size_t max_headerlen,
                         char **body_out, size_t *body_used, size_t max_bodylen,
                         int force_complete);
-int fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype);
+int fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
+                         int log_sockstype, int safe_socks);
 int fetch_from_buf_control0(buf_t *buf, uint32_t *len_out, uint16_t *type_out,
                             char **body_out, int check_for_v1);
 int fetch_from_buf_line(buf_t *buf, char *data_out, size_t *data_len);
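Review bot: The doc comment on the new `SafeSocks` field says "socks4 or socks5-with-local-dns", but the buffers.c change only rejects in the branches whose notices say the application is giving Tor "only an IP address", and the socks4a handling that follows is left alone, so plain SOCKS4A requests are presumably still accepted. Making the comment match that, e.g. `/**< Boolean: should we outright refuse application connections that use socks4 (not socks4a) or socks5 with a raw IP address? */`, would save the next reader from assuming all of socks4 is refused. The struct the field belongs to starts outside the hunk.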