mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-09-20 21:16:22 +02:00
list the port and socks version when complaining about unsafe socks
svn:r2188
This commit is contained in:
parent
bc24c3f47d
commit
dbf150bd4e
@ -484,10 +484,7 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
|
||||
log_fn(LOG_DEBUG,"socks5: ipv4 address type");
|
||||
if(buf->datalen < 10) /* ip/port there? */
|
||||
return 0; /* not yet */
|
||||
if(!have_warned_about_unsafe_socks) {
|
||||
log_fn(LOG_WARN,"Your application is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.");
|
||||
// have_warned_about_unsafe_socks = 1; // (for now, warn every time)
|
||||
}
|
||||
|
||||
destip = ntohl(*(uint32_t*)(buf->mem+4));
|
||||
in.s_addr = htonl(destip);
|
||||
tmpbuf = inet_ntoa(in);
|
||||
@ -499,6 +496,10 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
|
||||
strcpy(req->address,tmpbuf);
|
||||
req->port = ntohs(*(uint16_t*)(buf->mem+8));
|
||||
buf_remove_from_front(buf, 10);
|
||||
if(!have_warned_about_unsafe_socks) {
|
||||
log_fn(LOG_WARN,"Your application (socks5, on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.", req->port);
|
||||
// have_warned_about_unsafe_socks = 1; // (for now, warn every time)
|
||||
}
|
||||
return 1;
|
||||
case 3: /* fqdn */
|
||||
log_fn(LOG_DEBUG,"socks5: fqdn address type");
|
||||
@ -565,7 +566,7 @@ int fetch_from_buf_socks(buf_t *buf, socks_request_t *req) {
|
||||
|
||||
startaddr = next+1;
|
||||
if(socks4_prot != socks4a && !have_warned_about_unsafe_socks) {
|
||||
log_fn(LOG_WARN,"Your application is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.");
|
||||
log_fn(LOG_WARN,"Your application (socks4, on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.", req->port);
|
||||
// have_warned_about_unsafe_socks = 1; // (for now, warn every time)
|
||||
}
|
||||
if(socks4_prot == socks4a) {
|
||||
|
Loading…
Reference in New Issue
Block a user