diff options
author | David Kalnischkies <david@kalnischkies.de> | 2017-09-26 19:27:30 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-10-26 13:17:38 +0200 |
commit | fb73af35d69d998a75eefc946a8452e56c4ff99c (patch) | |
tree | a0a3eeab6846f90acef1dbfb44e88e45bc02b2b4 | |
parent | e9dca65c2ecd81678899e4e1fd47872488620fc1 (diff) |
proper error reporting for v3 onion services
APT connects just fine to any .onion address given, only if the connect
fails somehow it will perform checks on the sanity of which in this case
is checking the length as they are well defined and as the strings are
arbitrary a user typing them easily mistypes which apt should can be
slightly more helpful in figuring out by saying the onion hasn't the
required length.
(cherry picked from commit f3e34838d95132e5f318e85525326decbfb19e36)
-rw-r--r-- | methods/connect.cc | 6 | ||||
-rwxr-xr-x | test/integration/skip-method-http-socks-client | 28 |
2 files changed, 27 insertions, 7 deletions
diff --git a/methods/connect.cc b/methods/connect.cc index 949cd3f99..6a7b71c0b 100644 --- a/methods/connect.cc +++ b/methods/connect.cc @@ -523,13 +523,13 @@ bool UnwrapSocks(std::string Host, int Port, URI Proxy, std::unique_ptr<MethodFd else if (errcode == 0x01) { auto const prevdot = Host.rfind('.', lastdot - 1); - if (lastdot == 16 && prevdot == std::string::npos) + if (prevdot == std::string::npos && (lastdot == 16 || lastdot == 56)) ; // valid .onion address - else if (prevdot != std::string::npos && (lastdot - prevdot) == 17) + else if (prevdot != std::string::npos && ((lastdot - prevdot) == 17 || (lastdot - prevdot) == 57)) ; // valid .onion address with subdomain(s) else { - errstr = "Invalid hostname: onion service name must be 16 characters long"; + errstr = "Invalid hostname: onion service name must be either 16 or 56 characters long"; Owner->SetFailReason("SOCKS"); } } diff --git a/test/integration/skip-method-http-socks-client b/test/integration/skip-method-http-socks-client index f4146a6d1..b9e8393fd 100755 --- a/test/integration/skip-method-http-socks-client +++ b/test/integration/skip-method-http-socks-client @@ -143,19 +143,39 @@ testsuccess grep 'could not connect to ftp.vwakviie2ienjx6t.onion (0.0.0.0:0) du msgmsg 'tor: SOCKS user:pass request not granted too short' runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' runclient 'user:pass@' 'wakviie2ienjx6t.onion' -testsuccess grep 'could not connect to wakviie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be 16 characters long (1)' client.output +testsuccess grep 'could not connect to wakviie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output msgmsg 'tor: SOCKS user:pass request not granted too long' runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' runclient 'user:pass@' 'vwakviie2ienjx6t2.onion' -testsuccess grep 'could not connect to vwakviie2ienjx6t2.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be 16 characters long (1)' client.output +testsuccess grep 'could not connect to vwakviie2ienjx6t2.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output msgmsg 'tor: SOCKS user:pass request not granted too short subdomain' runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' runclient 'user:pass@' 'a.akviie2ienjx6t.onion' -testsuccess grep 'could not connect to a.akviie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be 16 characters long (1)' client.output +testsuccess grep 'could not connect to a.akviie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output msgmsg 'tor: SOCKS user:pass request not granted too short subdomains' runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' runclient 'user:pass@' 'a.a.viie2ienjx6t.onion' -testsuccess grep 'could not connect to a.a.viie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be 16 characters long (1)' client.output +testsuccess grep 'could not connect to a.a.viie2ienjx6t.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output + +msgmsg 'tor: SOCKS user:pass request not granted too short' +runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' +runclient 'user:pass@' 'l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67oro.onion' +testsuccess grep 'could not connect to l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67oro.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output + +msgmsg 'tor: SOCKS user:pass request not granted too long' +runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' +runclient 'user:pass@' 'l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad2.onion' +testsuccess grep 'could not connect to l5satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad2.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output + +msgmsg 'tor: SOCKS user:pass request not granted too short subdomain' +runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' +runclient 'user:pass@' 'a.satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion' +testsuccess grep 'could not connect to a.satjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output + +msgmsg 'tor: SOCKS user:pass request not granted too short subdomains' +runserver '05 02' '01 00' '05 01 00 01 00 00 00 00 00 00' +runclient 'user:pass@' 'a.a.tjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion' +testsuccess grep 'could not connect to a.a.tjgud6gucryazcyvyvhuxhr74u6ygigiuyixe3a6ysis67ororad.onion (0.0.0.0:0) due to: Invalid hostname: onion service name must be either 16 or 56 characters long (1)' client.output |