mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-20 10:12:15 +01:00
Code Issues Projects Releases Wiki Activity

fix an assert: check the sockspolicy before we make/add the connection,

Browse Source 
else we close a connection without assigning it a state, which is bad
because it fails assert_conn_ok()


svn:r2156
This commit is contained in:
Roger Dingledine 2004-08-06 09:56:36 +00:00
parent 9467f5fc4f
commit 276d953b22
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/or/connection.c
View File

@ -412,6 +412,17 @@ static int connection_handle_listener_read(connection_t *conn, int new_type) {
set_socket_nonblocking(news);
/* process entrance policies here, before we even create the connection */
if(new_type == CONN_TYPE_AP) {
/* check sockspolicy to see if we should accept it */
if(socks_policy_permits_address(ntohl(remote.sin_addr.s_addr)) == 0) {
log_fn(LOG_WARN,"Denying socks connection from untrusted address %s.",
inet_ntoa(remote.sin_addr));
tor_close_socket(news);
return 0;
}
}
newconn = connection_new(new_type);
newconn->s = news;
@ -442,11 +453,6 @@ static int connection_init_accepted_conn(connection_t *conn) {
case CONN_TYPE_OR:
return connection_tls_start_handshake(conn, 1);
case CONN_TYPE_AP:
/* check sockspolicy to see if we should accept it */
if(socks_policy_permits_address(conn->addr) == 0) {
log_fn(LOG_WARN,"Denying socks connection from untrusted address %s.", conn->address);
return -1;
}
conn->state = AP_CONN_STATE_SOCKS_WAIT;
break;
case CONN_TYPE_DIR: