diff options
| author | Roger Dingledine <arma@torproject.org> | 2008-01-20 05:54:15 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2008-01-20 05:54:15 +0000 |
| commit | ff62154ba3cb79b4b38f937552fdced04d2d950d (patch) | |
| tree | 537dc1c42f159314af9e97a848bffab12840a3e9 /src/or/connection_edge.c | |
| parent | a1f2817307ee2d4b4754db1d76f96f8019f5e857 (diff) | |
| download | tor-ff62154ba3cb79b4b38f937552fdced04d2d950d.tar tor-ff62154ba3cb79b4b38f937552fdced04d2d950d.tar.gz | |
New config options WarnPlaintextPorts and RejectPlaintextPorts so
Tor can warn and/or refuse connections to ports commonly used with
vulnerable-plaintext protocols.
We still need to figure out some good defaults for them.
svn:r13198
Diffstat (limited to 'src/or/connection_edge.c')
| -rw-r--r-- | src/or/connection_edge.c | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 9fc8da8fb..8b5c7d608 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -32,6 +32,7 @@ static int connection_ap_handshake_process_socks(edge_connection_t *conn); static int connection_ap_process_natd(edge_connection_t *conn); static int connection_exit_connect_dir(edge_connection_t *exitconn); static int address_is_in_virtual_range(const char *addr); +static int consider_plaintext_ports(edge_connection_t *conn, uint16_t port); /** An AP stream has failed/finished. If it hasn't already sent back * a socks reply, send one now (based on endreason). Also set @@ -470,6 +471,7 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info) { if (conn->marked_for_close || conn->type != CONN_TYPE_AP || + conn->state != AP_CONN_STATE_CIRCUIT_WAIT || !conn->chosen_exit_optional) continue; edge_conn = TO_EDGE_CONN(conn); @@ -482,6 +484,9 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info) escaped_safe_str(edge_conn->socks_request->address)); conn->chosen_exit_optional = 0; tor_free(edge_conn->chosen_exit_name); /* clears it */ + /* if this port is dangerous, warn or reject it now that we don't + * think it'll be using an enclave. */ + consider_plaintext_ports(edge_conn, edge_conn->socks_request->port); } }); } @@ -1182,6 +1187,32 @@ addressmap_get_mappings(smartlist_t *sl, time_t min_expires, } } +/** Check if <b>conn</b> is using a dangerous port. Then warn and/or + * reject depending on our config options. */ +static int +consider_plaintext_ports(edge_connection_t *conn, uint16_t port) +{ + or_options_t *options = get_options(); + int reject = smartlist_string_num_isin(options->RejectPlaintextPorts, port); + + if (smartlist_string_num_isin(options->WarnPlaintextPorts, port)) { + log_warn(LD_APP, "Application request to port %d: this port is " + "commonly used for unencrypted protocols. Please make sure " + "you don't send anything you would mind the rest of the " + "Internet reading!%s", port, reject ? " Closing." : ""); + control_event_client_status(LOG_WARN, "DANGEROUS_PORT PORT=%d RESULT=%s", + port, reject ? "REJECT" : "WARN"); + } + + if (reject) { + log_info(LD_APP, "Port %d listed in RejectPlaintextPorts. Closing.", port); + connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY); + return -1; + } + + return 0; +} + /** Connection <b>conn</b> just finished its socks handshake, or the * controller asked us to take care of it. If <b>circ</b> is defined, * then that's where we'll want to attach it. Otherwise we have to @@ -1396,6 +1427,11 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn, } } + /* warn or reject if it's using a dangerous port */ + if (!conn->use_begindir && !conn->chosen_exit_name && !circ) + if (consider_plaintext_ports(conn, socks->port) < 0) + return -1; + if (!conn->use_begindir) { /* help predict this next time */ rep_hist_note_used_port(socks->port, time(NULL)); |