[or-cvs] absolutely refuse to let people pick internal IP addresses if

arma at seul.org arma at seul.org
Wed Jun 8 20:32:24 UTC 2005 

Update of /home2/or/cvsroot/tor/src/or
In directory moria:/home/arma/work/onion/cvs/tor/src/or

Modified Files:
	config.c 
Log Message:
absolutely refuse to let people pick internal IP addresses if
they're using the default dirservers.

we're getting a big pile of a dozen or so servers that have picked
private IP addresses despite the warning (presumably they don't even
know they have logs)


Index: config.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/config.c,v
retrieving revision 1.355
retrieving revision 1.356
diff -u -d -r1.355 -r1.356
--- config.c	8 Jun 2005 16:26:44 -0000	1.355
+++ config.c	8 Jun 2005 20:32:22 -0000	1.356
@@ -944,8 +944,9 @@
 }
 
 /**
- * Based on <b>address</b>, guess our public IP address and put it
- * in <b>addr</b>.
+ * Based on <b>options-\>Address</b>, guess our public IP address and put it
+ * in *<b>addr</b>. Return 0 if all is well, or -1 if we can't find a
+ * suitable public IP address.
  */
 int
 resolve_my_address(or_options_t *options, uint32_t *addr)
@@ -994,12 +995,23 @@
   }
 
   tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf));
-  if (!explicit_ip && is_internal_IP(htonl(in.s_addr))) {
-    log_fn(LOG_WARN,"Address '%s' resolves to private IP '%s'. "
-           "Please set the Address config option to be the IP you want to use.",
-           hostname, tmpbuf);
-    if (!options->NoPublish)
+  if (is_internal_IP(htonl(in.s_addr)) && !options->NoPublish) {
+    /* make sure we're ok with publishing an internal IP */
+    if (!options->DirServers) {
+      /* if they are using the default dirservers, disallow internal IPs always. */
+      log_fn(LOG_WARN,"Address '%s' resolves to private IP '%s'. "
+             "Servers must use public IP addresses.",
+             hostname, tmpbuf);
       return -1;
+    }
+    if (!explicit_ip) {
+      /* even if they've set their own dirservers, require an explicit IP if
+       * they're using an internal address. */
+      log_fn(LOG_WARN,"Address '%s' resolves to private IP '%s'. "
+             "Please set the Address config option to be the IP you want to use.",
+             hostname, tmpbuf);
+      return -1;
+    }
   }
 
   log_fn(LOG_DEBUG, "Resolved Address to %s.", tmpbuf);

More information about the tor-commits mailing list