nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-30 23:53:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Consistently ignore multicast in internal reject private exit policies

Browse Source 
Consistently ignore multicast addresses when automatically
generating reject private exit policies.

Closes ticket 17763. Bug fix on 10a6390deb,
not in any released version of Tor. Patch by "teor".
This commit is contained in:
teor (Tim Wilson-Brown) 2015-12-07 14:44:23 +11:00
parent ee5337e904
commit 021958934f
4 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
changes/bug17763 Normal file
View File

@ -0,0 +1,5 @@
o Minor bug fixes (exit policies):
- Consistently ignore multicast addresses when automatically
generating reject private exit policies.
Closes ticket 17763. Bug fix on 10a6390deb3c9,
not in any released version of Tor. Patch by "teor".

2
src/common/address.c
View File

@ -1528,7 +1528,7 @@ get_interface_addresses_raw,(int severity))
} }
/** Return true iff <b>a</b> is a multicast address. */ /** Return true iff <b>a</b> is a multicast address. */
STATIC int int
tor_addr_is_multicast(const tor_addr_t *a) tor_addr_is_multicast(const tor_addr_t *a)
{ {
sa_family_t family = tor_addr_family(a); sa_family_t family = tor_addr_family(a);

2
src/common/address.h
View File

@ -221,6 +221,7 @@ int tor_addr_is_internal_(const tor_addr_t *ip, int for_listening,
const char *filename, int lineno); const char *filename, int lineno);
#define tor_addr_is_internal(addr, for_listening) \ #define tor_addr_is_internal(addr, for_listening) \
tor_addr_is_internal_((addr), (for_listening), SHORT_FILE__, __LINE__) tor_addr_is_internal_((addr), (for_listening), SHORT_FILE__, __LINE__)
int tor_addr_is_multicast(const tor_addr_t *a);
/** Longest length that can be required for a reverse lookup name. */ /** Longest length that can be required for a reverse lookup name. */
/* 32 nybbles, 32 dots, 8 characters of "ip6.arpa", 1 NUL: 73 characters. */ /* 32 nybbles, 32 dots, 8 characters of "ip6.arpa", 1 NUL: 73 characters. */
@ -311,7 +312,6 @@ tor_addr_port_t *tor_addr_port_new(const tor_addr_t *addr, uint16_t port);
#ifdef ADDRESS_PRIVATE #ifdef ADDRESS_PRIVATE
MOCK_DECL(smartlist_t *,get_interface_addresses_raw,(int severity)); MOCK_DECL(smartlist_t *,get_interface_addresses_raw,(int severity));
STATIC int tor_addr_is_multicast(const tor_addr_t *a);
MOCK_DECL(int,get_interface_address6_via_udp_socket_hack,(int severity, MOCK_DECL(int,get_interface_address6_via_udp_socket_hack,(int severity,
sa_family_t family, sa_family_t family,
tor_addr_t *addr)); tor_addr_t *addr));

3
src/or/policies.c
View File

@ -907,7 +907,8 @@ addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr)
static int static int
tor_addr_is_public_for_reject(const tor_addr_t *addr) tor_addr_is_public_for_reject(const tor_addr_t *addr)
{ {
return !tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0); return (!tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0)
&& !tor_addr_is_multicast(addr));
} }
/* Add "reject <b>addr</b>:*" to <b>dest</b>, creating the list as needed. /* Add "reject <b>addr</b>:*" to <b>dest</b>, creating the list as needed.