commit c3e50f0fde701c01d68ebea60e8b9e978937a201
parent cdbf756b90b05fcf8211d6fea302652923af4171
Author: David Goulet <dgoulet@torproject.org>
Date: Wed, 6 Oct 2021 13:25:08 -0400
Merge branch 'maint-0.4.6'
Diffstat:
2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/changes/ticket40474 b/changes/ticket40474
@@ -0,0 +1,5 @@
+ o Minor bugfixes (onion service, TROVE-2021-008):
+ - Only log once any v2 access attempts in order to not pollute the logs
+ with warnings and avoid recording the times on disk when v2 access was
+ attempted. Important to note that the onion address was _never_ logged.
+ That is a Low security issue. Fixes bug 40474; bugfix on 0.4.5.8.
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
@@ -2561,10 +2561,15 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
/* We don't support v2 onions anymore. Log a warning and bail. */
if (addresstype == ONION_V2_HOSTNAME) {
- log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but this "
- "version of Tor no longer supports them. Please encourage the "
- "site operator to upgrade. For more information see "
- "https://blog.torproject.org/v2-deprecation-timeline.");
+ static bool log_once = false;
+ if (!log_once) {
+ log_warn(LD_PROTOCOL, "Tried to connect to a v2 onion address, but "
+ "this version of Tor no longer supports them. Please "
+ "encourage the site operator to upgrade. For more "
+ "information see "
+ "https://blog.torproject.org/v2-deprecation-timeline.");
+ log_once = true;
+ }
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
escaped(socks->address));
/* Send back the 0xF6 extended code indicating a bad hostname. This is
