[tor-bugs] #21310 [Core Tor/Tor]: Fix IPv6Exit support in connection_exit_begin_conn()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 25 00:27:05 UTC 2017
#21310: Fix IPv6Exit support in connection_exit_begin_conn()
------------------------------+------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: ipv6
Actual Points: | Parent ID:
Points: 1 | Reviewer:
Sponsor: |
------------------------------+------------------------------
This code is wrong for at least two reasons:
* it should also unset BEGIN_FLAG_IPV6_OK, and
* it's way too early in the function: we might end up resolving an
IPv6-only hostname, learn that it doesn't match our exit policy, and send
the address back in the REASON_EXITPOLICY RELAY_END cell
(See https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt#n1436 )
{{{
if (! options->IPv6Exit) {
/* I don't care if you prefer IPv6; I can't give you any. */
bcell.flags &= ~BEGIN_FLAG_IPV6_PREFERRED;
/* If you don't want IPv4, I can't help. */
if (bcell.flags & BEGIN_FLAG_IPV4_NOT_OK) {
tor_free(address);
relay_send_end_cell_from_edge(rh.stream_id, circ,
END_STREAM_REASON_EXITPOLICY, NULL);
return 0;
}
}
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21310>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list