nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-27 22:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Slightly better messages on ControlListenAddress 0.0.0.0

Browse Source 
svn:r17963
This commit is contained in:
Nick Mathewson 2009-01-06 16:57:42 +00:00
parent fe040342e7
commit 6f1ceaefaa
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/or/config.c
View File

@ -3390,16 +3390,24 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (!options->HashedControlPassword &&
!options->HashedControlSessionPassword &&
!options->CookieAuthentication) {
log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
"connections from a non-local address. This means that "
"any program on the internet can reconfigure your Tor. "
"That's so bad that I'm closing your ControlPort for you.");
log_warn(LD_CONFIG,
"You have a ControlListenAddress set to accept "
"unauthenticated connections from a non-local address. "
"This means that programs not running on your computer "
"can reconfigure your Tor, without even having to guess a "
"password. That's so bad that I'm closing your ControlPort "
"for you. If you need to control your Tor remotely, try "
"enabling authentication and using a tool like stunnel or "
"ssh to encrypt remote access.");
options->ControlPort = 0;
} else {
log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
"connections from a non-local address. This means that "
"programs not running on your computer can reconfigure your "
"Tor. That's pretty bad!");
"Tor. That's pretty bad, since the controller "
"protocol isn't encrypted! Maybe you should just listen on "
"127.0.0.1 and use a tool like stunnel or ssh to encrypt "
"remote connections to your control port.");
}
}
}