From c4bb3c8d447400573eb45f3e2076e6b80187f1b9 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 12 Feb 2014 15:32:50 -0500 Subject: [PATCH] Log only one message for dangerous log settings. We log only one message, containing a complete list of what's wrong. We log the complete list whenever any of the possible things that could have gotten wrong gets worse. Fix for #9870. Bugfix on 10480dff01bece13fab, which we merged in 0.2.5.1-alpha. --- changes/bug9870 | 5 +++++ src/or/config.c | 38 +++++++++++++++++++++++++------------- 2 files changed, 30 insertions(+), 13 deletions(-) create mode 100644 changes/bug9870 diff --git a/changes/bug9870 b/changes/bug9870 new file mode 100644 index 0000000000..b4b2c2df2a --- /dev/null +++ b/changes/bug9870 @@ -0,0 +1,5 @@ + o Minor bugfixes: + + - Log only one message when we start logging in an unsafe + way. Previously, we would log as many messages as we had + problems. Fix for #9870; bugfix on 0.2.5.1-alpha. diff --git a/src/or/config.c b/src/or/config.c index d2981771c0..dcbe88dccd 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1148,12 +1148,31 @@ options_act_reversible(const or_options_t *old_options, char **msg) tor_free(severity); tor_log_update_sigsafe_err_fds(); } - if (get_min_log_level() >= LOG_INFO && - get_min_log_level() != old_min_log_level) { - log_warn(LD_GENERAL, "Your log may contain sensitive information: you're " - "logging more than \"notice\". Please log safely. Don't log " - "unless it serves an important reason, and overwrite the log " - "afterwards."); + + { + const char *badness = NULL; + int bad_safelog = 0, bad_severity = 0, new_badness = 0; + if (options->SafeLogging_ != SAFELOG_SCRUB_ALL) { + bad_safelog = 1; + if (!old_options || old_options->SafeLogging_ != options->SafeLogging_) + new_badness = 1; + } + if (get_min_log_level() >= LOG_INFO) { + bad_severity = 1; + if (get_min_log_level() != old_min_log_level) + new_badness = 1; + } + if (bad_safelog && bad_severity) + badness = "you disabled SafeLogging, and " + "you're logging more than \"notice\""; + else if (bad_safelog) + badness = "you disabled SafeLogging"; + else + badness = "you're logging more than \"notice\""; + if (new_badness) + log_warn(LD_GENERAL, "Your log may contain sensitive information - %s. " + "Don't log unless it serves an important reason. " + "Overwrite the log afterwards.", badness); } SMARTLIST_FOREACH(replaced_listeners, connection_t *, conn, @@ -1341,13 +1360,6 @@ options_act(const or_options_t *old_options) } #endif - if (options->SafeLogging_ != SAFELOG_SCRUB_ALL && - (!old_options || old_options->SafeLogging_ != options->SafeLogging_)) { - log_warn(LD_GENERAL, "Your log may contain sensitive information - you " - "disabled SafeLogging. Please log safely. Don't log unless it " - "serves an important reason. Overwrite the log afterwards."); - } - if (options->Bridges) { mark_bridge_list(); for (cl = options->Bridges; cl; cl = cl->next) {