From 9604980733c30cabbdeee818e82ea647ace5b0c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Mon, 22 May 2017 15:52:41 +0000 Subject: [PATCH] Log a warning if we receive a disallowed compression method for an anonymous connection. See: https://bugs.torproject.org/22305 --- src/or/directory.c | 13 +++++++++++++ src/or/directory.h | 1 + 2 files changed, 14 insertions(+) diff --git a/src/or/directory.c b/src/or/directory.c index e75c501cd8..6d66ac1db9 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -2356,6 +2356,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn) * compression method that is not allowed for anonymous connections. */ if (anonymized_connection && ! allowed_anonymous_connection_compression_method(compression)) { + warn_disallowed_anonymous_compression_method(compression); rv = -1; goto done; } @@ -2368,6 +2369,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn) * differently, try that. */ if (anonymized_connection && ! allowed_anonymous_connection_compression_method(guessed)) { + warn_disallowed_anonymous_compression_method(guessed); rv = -1; goto done; } @@ -3887,6 +3889,17 @@ allowed_anonymous_connection_compression_method(compress_method_t method) return 0; } +/** Log a warning when a remote server have send us a document using a + * compression method that is not allowed for anonymous directory requests. */ +STATIC void +warn_disallowed_anonymous_compression_method(compress_method_t method) +{ + log_fn(LOG_PROTOCOL_WARN, LD_HTTP, + "Received a %s HTTP response, which is not " + "allowed for anonymous directory requests.", + compression_method_get_human_name(method)); +} + /** Encodes the results of parsing a consensus request to figure out what * consensus, and possibly what diffs, the user asked for. */ typedef struct { diff --git a/src/or/directory.h b/src/or/directory.h index fecc8bd912..14d5ae9ef4 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -164,6 +164,7 @@ STATIC int handle_get_hs_descriptor_v3(dir_connection_t *conn, STATIC int directory_handle_command(dir_connection_t *conn); STATIC char *accept_encoding_header(void); STATIC int allowed_anonymous_connection_compression_method(compress_method_t); +STATIC void warn_disallowed_anonymous_compression_method(compress_method_t); #endif