[tor-bugs] #17027 [Tor]: policies_parse_exit_policy_internal should block all IPv4 and IPv6 local addresses
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 17 03:39:24 UTC 2015
#17027: policies_parse_exit_policy_internal should block all IPv4 and IPv6 local
addresses
-------------------------------------------------+-------------------------
Reporter: teor | Owner:
Type: defect | Status:
Priority: High | needs_review
Component: Tor | Milestone: Tor:
Severity: Normal | 0.2.6.x-final
Keywords: TorCoreTeam201511, security, | Version: Tor:
026-backport, 027-backport | unspecified
Parent ID: | Resolution:
Sponsor: | Actual Points:
| Points:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:25 teor]:
> {{{
> nickm
> teor: other suggestion: instead of adding a bunch of tor_addr_t
arguments to policies_parse_exit_policy() etc, why not have them take a
const smartlist of "local" addresses?
> }}}
Please see my branch bug17027-reject-private-027-v5 which implements this
suggested change.
It also unifies the rejection list handling code, and does some extra
error checks.
The unit tests have also been updated.
(It turns out that when you get everything as a list, it all works very
neatly.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17027#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list