Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Rate-limit unsafe socks warning

Pick 5 seconds as the limit. 5 seconds is a compromise here between
making sure the user notices that the bad behaviour is (still) happening
and not spamming their log too much needlessly (the log message is
pretty long). We also keep warning every time if safesocks is
specified, because then the user presumably wants to hear about every
blocked instance.

(This is based on the original patch by Sebastian, then backported to
0.2.2 and with warnings split into their own function.)
Sebastian Hahn 13 years ago
parent
dbba84c917
commit
da3a6e724f
2 changed files with 41 additions and 35 deletions
Split View Show Diff Stats
  1. 3 0
      changes/bug2000
  2. 38 35
      src/or/buffers.c

+ 3 - 0
changes/bug2000
View File 

@@ -0,0 +1,3 @@
 
+  o Minor bugfixes:
 
+    - Rate-limit the "your application is giving Tor only an IP address"
 
+      warning. Fixes bug 2000; bugfix on 0.0.8pre2.

+ 38 - 35
src/or/buffers.c
View File 

@@ -1299,6 +1299,39 @@ fetch_from_buf_http(buf_t *buf,
 
   return 1;
 
 }
 
 
+/**
 
+ * Wait this many seconds before warning the user about using SOCKS unsafely
 
+ * again (requires that WarnUnsafeSocks is turned on). */
 
+#define SOCKS_WARN_INTERVAL 5
 
+
 
+/** Warn that the user application has made an unsafe socks request using
 
+ * protocol <b>socks_protocol</b> on port <b>port</b>.  Don't warn more than
 
+ * once per SOCKS_WARN_INTERVAL, unless <b>safe_socks</b> is set. */
 
+static void
 
+log_unsafe_socks_warning(int socks_protocol, uint16_t port, int safe_socks)
 
+{
 
+  static ratelim_t socks_ratelim = RATELIM_INIT(SOCKS_WARN_INTERVAL);
 
+
 
+  or_options_t *options = get_options();
 
+  char *m = NULL;
 
+  if (! options->WarnUnsafeSocks)
 
+    return;
 
+  if (safe_socks || (m = rate_limit_log(&socks_ratelim, approx_time()))) {
 
+    log_warn(LD_APP,
 
+             "Your application (using socks%d to port %d) is giving "
 
+             "Tor only an IP address. Applications that do DNS resolves "
 
+             "themselves may leak information. Consider using Socks4A "
 
+             "(e.g. via privoxy or socat) instead. For more information, "
 
+             "please see https://wiki.torproject.org/TheOnionRouter/"
 
+             "TorFAQ#SOCKSAndDNS.%s%s",
 
+             socks_protocol,
 
+             (int)port,
 
+             safe_socks ? " Rejecting." : "",
 
+             m ? m : "");
 
+    tor_free(m);
 
+  }
 
+}
 
+
 
 /** There is a (possibly incomplete) socks handshake on <b>buf</b>, of one
 
  * of the forms
 
  *  - socks4: "socksheader username\\0"
 
@@ -1337,10 +1370,6 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
 
   char *next, *startaddr;
 
   struct in_addr in;
 
 
-  /* If the user connects with socks4 or the wrong variant of socks5,
 
-   * then log a warning to let him know that it might be unwise. */
 
-  static int have_warned_about_unsafe_socks = 0;
 
-
 
   if (buf->datalen < 2) /* version and another byte */
 
     return 0;
 
 
@@ -1420,23 +1449,11 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
 
           req->port = ntohs(get_uint16(buf->head->data+4+addrlen));
 
           buf_remove_from_front(buf, 6+addrlen);
 
           if (req->command != SOCKS_COMMAND_RESOLVE_PTR &&
 
-              !addressmap_have_mapping(req->address,0) &&
 
-              !have_warned_about_unsafe_socks) {
 
-            if (get_options()->WarnUnsafeSocks) {
 
-              log_warn(LD_APP,
 
-                  "Your application (using socks5 to port %d) is giving "
 
-                  "Tor only an IP address. Applications that do DNS resolves "
 
-                  "themselves may leak information. Consider using Socks4A "
 
-                  "(e.g. via privoxy or socat) instead. For more information, "
 
-                  "please see https://wiki.torproject.org/TheOnionRouter/"
 
-                  "TorFAQ#SOCKSAndDNS.%s", req->port,
 
-                  safe_socks ? " Rejecting." : "");
 
-              /*have_warned_about_unsafe_socks = 1;*/
 
-                                      /*(for now, warn every time)*/
 
+              !addressmap_have_mapping(req->address,0)) {
 
+            log_unsafe_socks_warning(5, req->port, safe_socks);
 
             control_event_client_status(LOG_WARN,
 
                           "DANGEROUS_SOCKS PROTOCOL=SOCKS5 ADDRESS=%s:%d",
 
                           req->address, req->port);
 
-            }
 
             if (safe_socks)
 
               return -1;
 
           }
 
@@ -1536,23 +1553,9 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
 
 
       startaddr = NULL;
 
       if (socks4_prot != socks4a &&
 
-          !addressmap_have_mapping(tmpbuf,0) &&
 
-          !have_warned_about_unsafe_socks) {
 
-        if (get_options()->WarnUnsafeSocks) {
 
-          log_warn(LD_APP,
 
-                 "Your application (using socks4 to port %d) is giving Tor "
 
-                 "only an IP address. Applications that do DNS resolves "
 
-                 "themselves may leak information. Consider using Socks4A "
 
-                 "(e.g. via privoxy or socat) instead. For more information, "
 
-                 "please see https://wiki.torproject.org/TheOnionRouter/"
 
-                 "TorFAQ#SOCKSAndDNS.%s", req->port,
 
-                 safe_socks ? " Rejecting." : "");
 
-          /*have_warned_about_unsafe_socks = 1;*/
 
-          /*(for now, warn every time)*/
 
-          control_event_client_status(LOG_WARN,
 
-                        "DANGEROUS_SOCKS PROTOCOL=SOCKS4 ADDRESS=%s:%d",
 
-                        tmpbuf, req->port);
 
-        }
 
+          !addressmap_have_mapping(tmpbuf,0)) {
 
+        log_unsafe_socks_warning(4, req->port, safe_socks);
 
+
 
         if (safe_socks)
 
           return -1;
 
       }