- o Major feature (onion service v2):
- - Tor does NOT allow anymore to create v2 services, to connect as a client
- to a v2 service and for a relay to be a v2 HSDir or introduction point.
- This effectively disable onion service version 2 tor wide. Closes 40476.
- - The control port command HSFETCH and HSPOST don't allow version 2 as well.
- It is also not possible to create a v2 service with ADD_ONION.
- - See https://blog.torproject.org/v2-deprecation-timeline for details on
- how to transition from v2 to v3.
+ o Minor bugfix (onion service):
+ - Improve logging when a bad HS version is given. Fixes bug 40476; bugfix on
+ 0.4.6.1-alpha.
return 0;
}
+/** Return true iff <b>query</b> is a syntactically valid service ID (as
+ * generated by rend_get_service_id). */
+static int
+rend_valid_v2_service_id(const char *query)
+{
+ /** Length of 'y' portion of 'y.onion' URL. */
+#define REND_SERVICE_ID_LEN_BASE32 16
+
+ if (strlen(query) != REND_SERVICE_ID_LEN_BASE32)
+ return 0;
+
+ if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN_BASE32)
+ return 0;
+
+ return 1;
+}
+
/** Parse the given hostname in address. Returns true if the parsing was
* successful and type_out contains the type of the hostname. Else, false is
* returned which means it was not recognized and type_out is set to
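Review bot: `REND_SERVICE_ID_LEN_BASE32` is defined inside the body of `rend_valid_v2_service_id`, yet the new v2 check in `parse_extended_hostname` (later hunk) also uses it. A `#define` has no block scope, so this compiles, but the dependency is hidden and breaks silently if the helper is moved or removed. Move `#define REND_SERVICE_ID_LEN_BASE32 16` and its comment to file scope above the helper. The doc comment points at `rend_get_service_id`, which may no longer exist if the v2 service code has been removed; describing the format directly (exactly 16 characters, all from `BASE32_CHARS`) would keep it accurate. It is also worth stating in the comment that `query` must be non-NULL, since `strlen` is called on it unchecked.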
if (q != address) {
memmove(address, q, strlen(q) + 1 /* also get \0 */);
}
+ /* v2 onion address check. */
+ if (strlen(query) == REND_SERVICE_ID_LEN_BASE32) {
+ *type_out = ONION_V2_HOSTNAME;
+ if (rend_valid_v2_service_id(query)) {
+ goto success;
+ }
+ goto failed;
+ }
/* v3 onion address check. */
if (strlen(query) == HS_SERVICE_ADDR_LEN_BASE32) {
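Review bot: A well-formed 16-character label now leaves `parse_extended_hostname` through `success` with `*type_out = ONION_V2_HOSTNAME`, whereas the test hunk shows the same inputs were previously rejected with `BAD_HOSTNAME`. Every caller therefore has to refuse `ONION_V2_HOSTNAME` explicitly. A caller that only special-cases `ONION_V3_HOSTNAME` could treat the stripped label as an ordinary hostname and pass it on for resolution, which would disclose the onion address. No caller is visible in this diff, so that should be confirmed. A comment at the check such as `/* Recognized only so the caller can log and refuse it; v2 is not supported. */` would record the intent. The function body starts and ends outside this hunk.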
failed:
/* otherwise, return to previous state and return 0 */
*s = '.';
- const bool is_onion = (*type_out == ONION_V3_HOSTNAME);
+ const bool is_onion = (*type_out == ONION_V2_HOSTNAME) ||
+ (*type_out == ONION_V3_HOSTNAME);
log_warn(LD_APP, "Invalid %shostname %s; rejecting",
is_onion ? "onion " : "",
safe_str_client(address));
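Review bot: When `failed` is reached from the new v2 branch, `*type_out` is still `ONION_V2_HOSTNAME` at the `log_warn`, and the lines after the warning are outside this hunk, so it is not visible whether it is reset before the function returns false. If the existing reset is keyed on `ONION_V3_HOSTNAME` only (not confirmed from here), a rejected v2-length label would return false while still reporting an onion type. Reusing the flag already computed, `if (is_onion) *type_out = BAD_HOSTNAME;`, would keep the out-parameter consistent for both versions.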
char *url = NULL;
const or_options_t *options = get_options();
- (void) body_len;
-
log_debug(LD_DIRSERV,"Received POST command.");
conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
tt_assert(parse_extended_hostname(address4, &type));
tt_int_op(type, OP_EQ, NORMAL_HOSTNAME);
- tt_assert(!parse_extended_hostname(address5, &type));
- tt_int_op(type, OP_EQ, BAD_HOSTNAME);
+ tt_assert(parse_extended_hostname(address5, &type));
+ tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME);
+ tt_str_op(address5, OP_EQ, "abcdefghijklmnop");
- tt_assert(!parse_extended_hostname(address6, &type));
- tt_int_op(type, OP_EQ, BAD_HOSTNAME);
+ tt_assert(parse_extended_hostname(address6, &type));
+ tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME);
+ tt_str_op(address6, OP_EQ, "abcdefghijklmnop");
tt_assert(!parse_extended_hostname(address7, &type));
tt_int_op(type, OP_EQ, BAD_HOSTNAME);
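Review bot: The updated cases for `address5` and `address6` cover only valid 16-character labels, so nothing visible here exercises the `goto failed` branch of the new v2 check. A negative case with a 16-character label containing a character outside `BASE32_CHARS` would pin the rejection path, for example the constructed sample `char bad_v2[] = "abcdefghijklmno1.onion";` with `tt_assert(!parse_extended_hostname(bad_v2, &type));`. It should also assert the expected `type` for that input, which fixes the out-parameter contract on failure. Further cases may exist outside this hunk.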