mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Add warning when trying to connect to deprecated v2 onions.
This commit is contained in:
parent
f230beadf4
commit
5e836eb80c
3
changes/ticket40373
Normal file
3
changes/ticket40373
Normal file
@ -0,0 +1,3 @@
|
||||
o Minor features (onion services):
|
||||
- Add warning message when connecting to deprecated v2 onions.
|
||||
Closes ticket 40373.
|
@ -2242,7 +2242,7 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
|
||||
}
|
||||
|
||||
/* Now, we handle everything that isn't a .onion address. */
|
||||
if (addresstype != ONION_V3_HOSTNAME) {
|
||||
if (addresstype != ONION_V3_HOSTNAME && addresstype != ONION_V2_HOSTNAME) {
|
||||
/* Not a hidden-service request. It's either a hostname or an IP,
|
||||
* possibly with a .exit that we stripped off. We're going to check
|
||||
* if we're allowed to connect/resolve there, and then launch the
|
||||
@ -2527,6 +2527,19 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
|
||||
return 0;
|
||||
} else {
|
||||
/* If we get here, it's a request for a .onion address! */
|
||||
|
||||
/* We don't support v2 onions anymore. Log a warning and bail. */
|
||||
if (addresstype == ONION_V2_HOSTNAME) {
|
||||
log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but this "
|
||||
"version of Tor no longer supports them. Please encourage the "
|
||||
"site operator to upgrade. For more information see "
|
||||
"https://blog.torproject.org/v2-deprecation-timeline.");
|
||||
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
|
||||
escaped(socks->address));
|
||||
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
|
||||
return -1;
|
||||
}
|
||||
|
||||
tor_assert(addresstype == ONION_V3_HOSTNAME);
|
||||
tor_assert(!automap);
|
||||
return connection_ap_handle_onion(conn, socks, circ);
|
||||
|
Loading…
Reference in New Issue
Block a user