[tor-commits] [tor/release-0.3.3] Stop logging link auth warnings on Single Onion Services and Tor2web

Mon, 30 Jul 2018 05:49:55 -0700 

commit 6443812e343635d0db6ea1aac58b817732b7f29a
Author: teor <t...@torproject.org>
Date:   Wed Jul 25 14:28:06 2018 +1000

    Stop logging link auth warnings on Single Onion Services and Tor2web
    
    Instead, log a protocol warning when single onion services or
    Tor2web clients fail to authenticate direct connections to relays.
    
    Fixes bug 26924; bugfix on 0.2.9.1-alpha.
---
 changes/bug26924       | 4 ++++
 src/or/connection_or.c | 6 +++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/changes/bug26924 b/changes/bug26924
new file mode 100644
index 000000000..882db56b4
--- /dev/null
+++ b/changes/bug26924
@@ -0,0 +1,4 @@
+  o Minor bugfixes (single onion services, Tor2web):
+    - Log a protocol warning when single onion services or Tor2web clients
+      fail to authenticate direct connections to relays.
+      Fixes bug 26924; bugfix on 0.2.9.1-alpha.
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 8beedcae7..a01d08627 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -47,6 +47,7 @@
 #include "nodelist.h"
 #include "reasons.h"
 #include "relay.h"
+#include "rendcommon.h"
 #include "rephist.h"
 #include "router.h"
 #include "routerlist.h"
@@ -1628,10 +1629,13 @@ connection_or_client_learned_peer_id(or_connection_t 
*conn,
                                                    conn->identity_digest);
     const int is_authority_fingerprint = router_digest_is_trusted_dir(
                                                    conn->identity_digest);
+    const int non_anonymous_mode = rend_non_anonymous_mode_enabled(options);
     int severity;
     const char *extra_log = "";
 
-    if (server_mode(options)) {
+    /* Relays, Single Onion Services, and Tor2web make direct connections using
+     * untrusted authentication keys. */
+    if (server_mode(options) || non_anonymous_mode) {
       severity = LOG_PROTOCOL_WARN;
     } else {
       if (using_hardcoded_fingerprints) {



_______________________________________________
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Reply via email to