[tor-commits] [tor/master] Refactor fascist_firewall_allows_address without changing behaviour

[nickm at torproject.org]

commit a4eddfff666226014545efd6f5bf390173c0fdfa
Author: teor (Tim Wilson-Brown) <teor2345 at gmail.com>
Date:   Sat Feb 20 19:32:33 2016 +1100

    Refactor fascist_firewall_allows_address without changing behaviour
---
 src/or/policies.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/or/policies.c b/src/or/policies.c
index 2c24555..e8f4a82 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -399,20 +399,26 @@ fascist_firewall_allows_address(const tor_addr_t *addr,
                                 int pref_only, int pref_ipv6)
 {
   const or_options_t *options = get_options();
+  const int client_mode = !server_mode(options);
 
   if (!addr || tor_addr_is_null(addr) || !port) {
     return 0;
   }
 
-  if (!server_mode(options)) {
-    if (tor_addr_family(addr) == AF_INET &&
-        (!options->ClientUseIPv4 || (pref_only && pref_ipv6)))
-      return 0;
+  /* Clients stop using IPv4 if it's disabled. In most cases, clients also
+   * stop using IPv4 if it's not preferred.
+   * Servers must have IPv4 enabled and preferred. */
+  if (tor_addr_family(addr) == AF_INET && client_mode &&
+      (!options->ClientUseIPv4 || (pref_only && pref_ipv6))) {
+    return 0;
   }
 
+  /* Clients and Servers won't use IPv6 unless it's enabled (and in most
+   * cases, IPv6 must also be preferred before it will be used). */
   if (tor_addr_family(addr) == AF_INET6 &&
-      (!fascist_firewall_use_ipv6(options) || (pref_only && !pref_ipv6)))
+      (!fascist_firewall_use_ipv6(options) || (pref_only && !pref_ipv6))) {
     return 0;
+  }
 
   return addr_policy_permits_tor_addr(addr, port,
                                       firewall_policy);