[tor-bugs] #29570 [Core Tor/Tor]: Enforce mutually exclusive logic for IPv6 ORPort flags
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Feb 28 21:44:38 UTC 2019
#29570: Enforce mutually exclusive logic for IPv6 ORPort flags
-------------------------------------------+-------------------------------
Reporter: s7r | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution:
Keywords: tor-relay, ipv6, reachability | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------+-------------------------------
Comment (by s7r):
In this particular case, if only `ORPort 0.0.0.0:9050` was set, and it was
just HAProxy that listened on the IPv6 address and forwarded to the NAT
IPv4 address ORPort, while indeed strange and not recommended, would be
totally transparent to Tor / directory authorities and would of course not
be a bug.
But if you can have only a line: `ORPort [ipv6:address]:9050 NoListen` and
no following IPv6 ORPort with NoAdvertise, this is a bug as in config
parameters are not properly sanitized.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29570#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list