bugfix: we were whining about using socks4 or socks5-with-local-lookup

even when they used an IP in the "virtual" range we designed exactly
for this case.


svn:r5142

src/or/buffers.c

@@ -949,7 +949,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
           strlcpy(req->address,tmpbuf,sizeof(req->address));
           req->port = ntohs(*(uint16_t*)(buf->cur+8));
           buf_remove_from_front(buf, 10);
-          if (!have_warned_about_unsafe_socks) {
+          if (!address_is_in_virtual_range(req->address) &&
+              !have_warned_about_unsafe_socks) {
             log_fn(LOG_WARN,"Your application (using socks5 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.  For more information, please see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#SOCKSAndDNS", req->port);
 //            have_warned_about_unsafe_socks = 1; // (for now, warn every time)
           }
@@ -1019,7 +1020,9 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req)
       tor_assert(next < buf->cur+buf->datalen);
 
       startaddr = NULL;
-      if (socks4_prot != socks4a && !have_warned_about_unsafe_socks) {
+      if (socks4_prot != socks4a &&
+          !address_is_in_virtual_range(tmpbuf) &&
+          !have_warned_about_unsafe_socks) {
         log_fn(LOG_WARN,"Your application (using socks4 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.", req->port);
 //      have_warned_about_unsafe_socks = 1; // (for now, warn every time)
       }

src/or/connection_edge.c

@@ -18,7 +18,6 @@ static addr_policy_t *socks_policy = NULL;
 static smartlist_t *redirect_exit_list = NULL;
 
 static int connection_ap_handshake_process_socks(connection_t *conn);
-static int address_is_in_virtual_range(const char *addr);
 
 /** An AP stream has failed/finished. If it hasn't already sent back
  * a socks reply, send one now (based on endreason). Also set
@@ -735,7 +734,7 @@ client_dns_set_addressmap(const char *address, uint32_t val, const char *exitnam
  * Return true iff <b>addr</b> is likely to have been returned by
  * client_dns_get_unused_address.
  **/
-static int
+int
 address_is_in_virtual_range(const char *addr)
 {
   struct in_addr in;

src/or/or.h

@@ -783,7 +783,7 @@ typedef struct {
   int num_unreachable_notifications;
 } routerinfo_t;
 
-/** Contents of a single per-router entry in a network status object.
+/** Contents of a single router entry in a network status object.
  */
 typedef struct routerstatus_t {
   time_t published_on; /**< When was this router published? */
@@ -1599,6 +1599,7 @@ void addressmap_register(const char *address, char *new_address, time_t expires)
 int client_dns_incr_failures(const char *address);
 void client_dns_clear_failures(const char *address);
 void client_dns_set_addressmap(const char *address, uint32_t val, const char *exitname, int ttl);
+int address_is_in_virtual_range(const char *addr);
 const char *addressmap_register_virtual_address(int type, char *new_address);
 void addressmap_get_mappings(smartlist_t *sl, time_t min_expires, time_t max_expires);