commit 96fab4aaa60cacd123b3125d7b7c2e68704f8df1
parent 511c9006867926cbfcc824567b37e78856fa46d9
Author: Nick Mathewson <nickm@torproject.org>
Date: Wed, 24 May 2017 10:32:38 -0400
Improve clarity, safety, and rate of dns spoofing log msg
Closes ticket 3056.
Diffstat:
2 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/changes/bug3056 b/changes/bug3056
@@ -0,0 +1,3 @@
+ o Minor features (exit relay, DNS):
+ - Improve the clarity and safety of the log message from evdns when
+ receiving an apparent spoofed DNS reply. Closes ticket 3056.
diff --git a/src/or/dns.c b/src/or/dns.c
@@ -182,6 +182,18 @@ evdns_log_cb(int warn, const char *msg)
} else if (!strcmp(msg, "All nameservers have failed")) {
control_event_server_status(LOG_WARN, "NAMESERVER_ALL_DOWN");
all_down = 1;
+ } else if (!strcmpstart(msg, "Address mismatch on received DNS")) {
+ static ratelim_t mismatch_limit = RATELIM_INIT(3600);
+ const char *src = strstr(msg, " Apparent source");
+ if (!src || get_options()->SafeLogging) {
+ src = "";
+ }
+ log_fn_ratelim(&mismatch_limit, severity, LD_EXIT,
+ "eventdns: Received a DNS packet from "
+ "an IP address to which we did not send a request. This "
+ "could be a DNS spoofing attempt, or some kind of "
+ "misconfiguration.%s", src);
+ return;
}
tor_log(severity, LD_EXIT, "eventdns: %s", msg);
}
