|
@@ -1186,9 +1186,11 @@ connection_ap_handshake_rewrite(entry_connection_t *conn,
|
|
|
* disallowed when they're coming straight from the client, but you're
|
|
|
* allowed to have them in MapAddress commands and so forth. */
|
|
|
if (!strcmpend(socks->address, ".exit") && !options->AllowDotExit) {
|
|
|
- log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to "
|
|
|
- "security risks. Set AllowDotExit in your torrc to enable "
|
|
|
- "it (at your own risk).");
|
|
|
+ static ratelim_t exit_warning_limit = RATELIM_INIT(60*15);
|
|
|
+ log_fn_ratelim(&exit_warning_limit, LOG_WARN, LD_APP,
|
|
|
+ "The \".exit\" notation is disabled in Tor due to "
|
|
|
+ "security risks. Set AllowDotExit in your torrc to enable "
|
|
|
+ "it (at your own risk).");
|
|
|
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
|
|
|
escaped(socks->address));
|
|
|
out->end_reason = END_STREAM_REASON_TORPROTOCOL;
|