[tor-bugs] #21346 [Core Tor/Tor]: Clients with NoIPv4Traffic should only choose IPv6-supporting Exits

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu May 3 01:41:55 UTC 2018 

#21346: Clients with NoIPv4Traffic should only choose IPv6-supporting Exits
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ipv6, 031-deferred-20170425,         |  Actual Points:
  032-unreached                                  |
Parent ID:  #21311                               |         Points:  0.5
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:4 neel]:
 > in `connection_ap_get_begincell_flags()`, would it be okay that in:
 >
 > {{{
 >   if (!ap_conn->entry_cfg.ipv4_traffic)
 >     flags |= BEGIN_FLAG_IPV4_NOT_OK;
 > }}}
 >
 > I add an `||` with `options->NoIPv4Traffic` in the `if` statement.
 >
 > And here:
 >
 > {{{
 >   if (ap_conn->entry_cfg.ipv6_traffic && exitnode) {
 >     tor_addr_t a;
 >     tor_addr_make_null(&a, AF_INET6);
 >     if (compare_tor_addr_to_node_policy(&a,
 ap_conn->socks_request->port,
 >                                         exitnode)
 >         != ADDR_POLICY_REJECTED) {
 >       /* Only say "IPv6 OK" if the exit node supports IPv6. Otherwise
 there's
 >        * no point. */
 >       flags |= BEGIN_FLAG_IPV6_OK;
 >     }
 >   }
 > }}}
 >
 > I add an `&&` with `!options->NoIPv6Traffic` in the `if` statement.
 >
 > Is this correct, or should I do something else instead?
 >
 > **UPDATE:** correct a paragraph.

 NoIPv4Traffic is not in options.

 It is a SOCKSPort option flag, and it is the same as
 `!ap_conn->entry_cfg.ipv4_traffic` and `ap_conn->entry_cfg.ipv6_traffic`.

 You need to:
 * modify exit selection before the circuit so that only exits that support
 IPv6 are chosen when `!ap_conn->entry_cfg.ipv4_traffic`
 * modify stream attachment after the circuit is built so that only streams
 with exits that support IPv6 are chosen when
 `!ap_conn->entry_cfg.ipv4_traffic`

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21346#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list