commit 10480dff01bece13fabb1d81fa847f95c3e839f0 Author: Marek Majkowski marek@popcount.org Date: Thu Jun 13 17:29:14 2013 +0100
Fix #5584 - raise awareness of safer logging - warn about potentially unsafe config options
---
 changes/bug5584 | 4 ++++
 src/or/config.c | 15 +++++++++++++++
 2 files changed, 19 insertions(+)
diff --git a/changes/bug5584 b/changes/bug5584
new file mode 100644
index 0000000..a81be00
--- /dev/null
+++ b/changes/bug5584
@@ -0,0 +1,4 @@
+ o Minor features:
+ - Raise awareness of safer logging - notice user of potentially
+ unsafe configuration options: logging above "notice" or
+ clearning SafeLogging flag. Fixes #5584.
diff --git a/src/or/config.c b/src/or/config.c
index e3ffbf2..09cbdcf 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1005,6 +1005,7 @@ options_act_reversible(const or_options_t *old_options, char **msg)
 int set_conn_limit = 0;
 int r = -1;
 int logs_marked = 0;
+ int old_min_log_level = get_min_log_level();
/* Daemonize _first_, since we only want to open most of this stuff in
 * the subprocess. Libevent bases can't be reliably inherited across
@@ -1153,6 +1154,13 @@ options_act_reversible(const or_options_t *old_options, char **msg)
 control_adjust_event_log_severity();
 tor_free(severity);
 }
+ if (get_min_log_level() >= LOG_INFO &&
+ get_min_log_level() != old_min_log_level) {
+ log_warn(LD_GENERAL, "Your log may contain sensitive information - you're "
+ "logging above "notice". Please log safely. Don't log unless "
+ "it serves an important reason. Overwrite the log afterwards.");
+ }
+
 SMARTLIST_FOREACH(replaced_listeners, connection_t *, conn,
 {
 log_notice(LD_NET, "Closing old %s on %s:%d",
@@ -1335,6 +1343,13 @@ options_act(const or_options_t *old_options)
 }
 #endif
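Review bot: In the second config.c hunk (options_act_reversible, the added `if` after `tor_free(severity);`), the test `get_min_log_level() >= LOG_INFO` reads as "info or debug" only if severities follow syslog numbering, where a larger value is more verbose; nothing in the hunk says so. I would add `/* Severities use syslog ordering (larger = more verbose), so this matches info and debug. Warn only when the level changed since entry. */` above the `if`, since `old_min_log_level` is sampled in the first hunk, far from where it is compared. As rendered here the inner quotes in `"logging above "notice". ..."` are unescaped, which would end the literal early; if that is not an extraction artefact they need to be `\"notice\"`. The function body starts and ends outside both hunks.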
+ if (options->SafeLogging_ != SAFELOG_SCRUB_ALL &&
+ (!old_options || old_options->SafeLogging_ != options->SafeLogging_)) {
+ log_warn(LD_GENERAL, "Your log may contain sensitive information - you "
+ "disabled SafeLogging. Please log safely. Don't log unless it "
+ "serves an important reason. Overwrite the log afterwards.");
+ }
+
 if (options->Bridges) {
 mark_bridge_list();
 for (cl = options->Bridges; cl; cl = cl->next) {
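Review bot: The message in the options_act hunk says "you disabled SafeLogging", but the guard `options->SafeLogging_ != SAFELOG_SCRUB_ALL` is true for every value other than full scrubbing. If the enum has an intermediate relay-only setting (it is not visible in this hunk), the warning would misdescribe it. The change test `old_options->SafeLogging_ != options->SafeLogging_` would also fire when moving from no scrubbing to partial scrubbing, which is a step toward safer logging. I would either restrict the condition to the fully disabled value or reword the text to something neutral such as `"SafeLogging is not scrubbing all sensitive strings."`. Separately, the advice "Overwrite the log afterwards", shared with the options_act_reversible warning, may give false assurance on journaling or flash-backed storage, where overwriting a file does not guarantee the old blocks are gone. The body of options_act continues outside the hunk.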