From: Roger Dingledine <arma@torproject.org>
Date: Sat, 7 Aug 2004 00:19:14 +0000 (+0000)
Subject: reject tor-resolve requests for .onion addresses early
X-Git-Tag: tor-0.0.8pre3~41
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9952b37456c03b09e5768aaf7e3cf8baa2353d84;p=thirdparty%2Ftor.git

reject tor-resolve requests for .onion addresses early


svn:r2174
---

diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 2fe85e5416..f8cdbe139b 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -401,11 +401,20 @@ static int connection_ap_handshake_process_socks(connection_t *conn) {
     return connection_ap_handshake_attach_circuit(conn);
   } else {
     /* it's a hidden-service request */
-    /* XXX008 what does it mean to socks-resolve a hidden service? should
-     * we fail those right here? */
     rend_cache_entry_t *entry;
     int r;
 
+    if (socks->command == SOCKS_COMMAND_RESOLVE) {
+      /* if it's a resolve request, fail it right now, rather than
+       * building all the circuits and then realizing it won't work. */
+      connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL);
+      conn->socks_request->has_finished = 1;
+      conn->has_sent_end = 1;
+      connection_mark_for_close(conn);
+      conn->hold_open_until_flushed = 1;
+      return 0;
+    }
+
     strcpy(conn->rend_query, socks->address); /* this strcpy is safe -RD */
     log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query);
     /* see if we already have it cached */