[tor-commits] [tor/release-0.3.2] Stop users configuring IPv6-only v3 single onion services

[nickm at torproject.org]

commit cc072b6fbfee7208f41309b76badec65adbca8ee
Author: teor <teor2345 at gmail.com>
Date:   Thu Oct 26 16:49:00 2017 +1100

    Stop users configuring IPv6-only v3 single onion services
    
    They are not yet implemented: they will upload descriptors, but won't be
    able to rendezvous, because IPv6 addresses in link specifiers are ignored.
    
    Part of #23820.
---
 src/or/hs_config.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index 5f9282ea7..fa5c1ab17 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -424,11 +424,19 @@ config_generic_service(const config_line_t *line_,
     }
   }
 
-  /* Check if we are configured in non anonymous mode and single hop mode
-   * meaning every service become single onion. */
-  if (rend_service_allow_non_anonymous_connection(options) &&
-      rend_service_non_anonymous_mode_enabled(options)) {
+  /* Check if we are configured in non anonymous mode meaning every service
+   * becomes a single onion service. */
+  if (rend_service_non_anonymous_mode_enabled(options)) {
     config->is_single_onion = 1;
+    /* We will add support for IPv6-only v3 single onion services in a future
+     * Tor version. This won't catch "ReachableAddresses reject *4", but that
+     * option doesn't work anyway. */
+    if (options->ClientUseIPv4 == 0 && config->version == HS_VERSION_THREE) {
+      log_warn(LD_CONFIG, "IPv6-only v3 single onion services are not "
+               "supported. Set HiddenServiceSingleHopMode 0 and "
+               "HiddenServiceNonAnonymousMode 0, or set ClientUseIPv4 1.");
+      goto err;
+    }
   }
 
   /* Success */