[tor-bugs] #17027 [Tor]: policies_parse_exit_policy_internal should block all IPv4 and IPv6 local addresses
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Sep 15 09:02:46 UTC 2015
#17027: policies_parse_exit_policy_internal should block all IPv4 and IPv6 local
addresses
-------------------------+-------------------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: unspecified
Resolution: | Keywords: TorCoreTeam201509 security
Actual Points: | 026-backport
Points: | Parent ID:
-------------------------+-------------------------------------------------
Comment (by teor):
See my branch `bug17027-reject-private-all-interfaces-squashed` on
https://github.com/teor2345/tor.git
Commits:
* Add get_interface_address[6]_list by refactoring get_interface_address6
(with unit tests)
* ExitPolicyRejectInternal rejects a relay's published IPv6 address (if
we're an IPv6 Exit), and publicly routable IPv4 & IPv6 interface addresses
(with unit tests)
* Log an info-level message for each local IP address blocked this way
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17027#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list