Consistently ignore multicast in internal reject private exit policies

Consistently ignore multicast addresses when automatically generating reject private exit policies. Closes ticket 17763. Bug fix on 10a6390deb, not in any released version of Tor. Patch by "teor".
2024-11-27 22:03:31 +01:00 · 2015-12-07 14:44:23 +11:00 · 2015-12-07 14:44:23 +11:00 · 021958934f
commit 021958934f
parent ee5337e904
4 changed files with 9 additions and 3 deletions
--- a/changes/bug17763
+++ b/changes/bug17763
@ -0,0 +1,5 @@
+  o Minor bug fixes (exit policies):
+    - Consistently ignore multicast addresses when automatically
+      generating reject private exit policies.
+      Closes ticket 17763. Bug fix on 10a6390deb3c9,
+      not in any released version of Tor. Patch by "teor".
--- a/src/common/address.c
+++ b/src/common/address.c
@ -1528,7 +1528,7 @@ get_interface_addresses_raw,(int severity))
 }

 /** Return true iff <b>a</b> is a multicast address.  */
-STATIC int
+int
 tor_addr_is_multicast(const tor_addr_t *a)
 {
  sa_family_t family = tor_addr_family(a);
--- a/src/common/address.h
+++ b/src/common/address.h
@ -221,6 +221,7 @@ int tor_addr_is_internal_(const tor_addr_t *ip, int for_listening,
                          const char *filename, int lineno);
 #define tor_addr_is_internal(addr, for_listening) \
  tor_addr_is_internal_((addr), (for_listening), SHORT_FILE__, __LINE__)
+int tor_addr_is_multicast(const tor_addr_t *a);

 /** Longest length that can be required for a reverse lookup name. */
 /* 32 nybbles, 32 dots, 8 characters of "ip6.arpa", 1 NUL: 73 characters. */
@ -311,7 +312,6 @@ tor_addr_port_t *tor_addr_port_new(const tor_addr_t *addr, uint16_t port);

 #ifdef ADDRESS_PRIVATE
 MOCK_DECL(smartlist_t *,get_interface_addresses_raw,(int severity));
-STATIC int tor_addr_is_multicast(const tor_addr_t *a);
 MOCK_DECL(int,get_interface_address6_via_udp_socket_hack,(int severity,
                                                          sa_family_t family,
                                                          tor_addr_t *addr));
--- a/src/or/policies.c
+++ b/src/or/policies.c
@ -907,7 +907,8 @@ addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr)
 static int
 tor_addr_is_public_for_reject(const tor_addr_t *addr)
 {
-  return !tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0);
+  return (!tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0)
+          && !tor_addr_is_multicast(addr));
 }

 /* Add "reject <b>addr</b>:*" to <b>dest</b>, creating the list as needed.