[tor-commits] [tor/master] Apply SafeLogging in connection_describe_peer().

[nickm at torproject.org]

commit 8fbafd14021c9c9ec9b2e3f57752b96b8d2c809d
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Jul 13 14:42:30 2020 -0400

    Apply SafeLogging in connection_describe_peer().
---
 src/core/mainloop/connection.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index a91bc6408f..bde002fd2e 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -389,6 +389,7 @@ connection_describe_peer_internal(const connection_t *conn,
   const tor_addr_t *addr = &conn->addr;
   const char *address = NULL;
   const char *prep;
+  bool scrub = false;
   char extra_buf[128];
   extra_buf[0] = 0;
 
@@ -423,6 +424,7 @@ connection_describe_peer_internal(const connection_t *conn,
     /* We report the IDs we're talking to... */
     if (fast_digest_is_zero(or_conn->identity_digest)) {
       strlcpy(id_buf, "unknown", sizeof(id_buf));
+      scrub = true; // This could be a client, so scrub it.
     } else {
       base16_encode(id_buf, sizeof(id_buf),
                     or_conn->identity_digest, DIGEST_LEN);
@@ -439,6 +441,7 @@ connection_describe_peer_internal(const connection_t *conn,
       }
     }
   } else if (conn->type == CONN_TYPE_EXIT) {
+    scrub = true; /* This is a client's request; scrub it with SafeLogging. */
     if (tor_addr_is_null(addr)) {
       address = conn->address;
       strlcpy(extra_buf, " (DNS lookup pending)", sizeof(extra_buf));
@@ -458,6 +461,10 @@ connection_describe_peer_internal(const connection_t *conn,
     }
   }
 
+  if (scrub) {
+    address = safe_str(address);
+  }
+
   const char *sp = include_preposition ? " " : "";
   if (! include_preposition)
     prep = "";