o Major bugfixes (compilation):
- Try to fix win32 compilation again: Improve checking for ipv6 types.
+ o Minor featuers (security):
+ - Warn about unsafe ControlPort configurations.
+
Changes in version 0.2.0.4-alpha - 2007-08-01
o Major security fixes:
if (options->HashedControlPassword && options->CookieAuthentication)
REJECT("Cannot set both HashedControlPassword and CookieAuthentication");
+ if (options->ControlListenAddress) {
+ int all_are_local = 1;
+ config_line_t *ln;
+ for (ln = options->ControlListenAddress; ln; ln = ln->next) {
+ if (strcmpstart(ln->value, "127."))
+ all_are_local = 0;
+ }
+ if (!all_are_local) {
+ if (!options->HashedControlPassword && !options->CookieAuthentication) {
+ log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
+ "connections from a non-local address. This means that "
+ "any program on the internet can reconfigure your Tor. "
+ "That's so bad that I'm closing your ControlPort for you.");
+ options->ControlPort = 0;
+ } else {
+ log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
+ "connections from a non-local address. This means that "
+ "programs not running on your computer can reconfigure your "
+ "Tor. That's pretty bad!");
+ }
+ }
+ }
+
+ if (options->ControlPort && !options->HashedControlPassword &&
+ !options->CookieAuthentication) {
+ log_warn(LD_CONFIG, "ControlPort is open, but no authentication method "
+ "has been configured. This means that any program on your "
+ "computer can reconfigure your Tor. That's bad! You should "
+ "upgrade your Tor controller as soon as possible.");
+ }
+
if (options->UseEntryGuards && ! options->NumEntryGuards)
REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0");
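Review bot: The locality test in the new loop, `strcmpstart(ln->value, "127.")`, is a string-prefix match on the raw config value, not a check on the address that will actually be bound. If ControlListenAddress accepts hostnames (not visible in this hunk), a name such as `127.example.com` would count as local and skip both warnings. In the other direction, a value like `localhost` is treated as non-local, so the port is closed when no authentication is set. I would parse each value first and compare the resulting IPv4 address, treating unparseable values as non-local, e.g. `if (parse_addr_port(LOG_WARN, ln->value, NULL, &addr, NULL) < 0 || (addr >> 24) != 127) all_are_local = 0;`, assuming that helper is usable here and returns `addr` in host order. A short comment above `options->ControlPort = 0;` noting that validation deliberately overrides the user's setting would also help; the enclosing function starts and ends outside this hunk.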