From b3918b3bbbfa9097246d63746c8b540eff2ec8e8 Mon Sep 17 00:00:00 2001
From: Sebastian Hahn <sebastian@torproject.org>
Date: Sun, 6 Mar 2011 18:20:28 +0100
Subject: [PATCH 1/3] Disallow reject6 and accept6 lines in descriptors

This fixes a remotely triggerable assert on directory authorities, who
don't handle descriptors with ipv6 contents well yet. We will want to
revert this once we're ready to handle ipv6.

Issue raised by lorth on #tor, who wasn't able to use Tor anymore.
Analyzed with help from Christian Fromme. Fix suggested by arma. Bugfix
on 0.2.1.3-alpha.
---
 src/or/routerparse.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index aa0687d883..d76b00698f 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -222,8 +222,6 @@ typedef struct token_rule_t {
 static token_rule_t routerdesc_token_table[] = {
   T0N("reject",              K_REJECT,              ARGS,    NO_OBJ ),
   T0N("accept",              K_ACCEPT,              ARGS,    NO_OBJ ),
-  T0N("reject6",             K_REJECT6,             ARGS,    NO_OBJ ),
-  T0N("accept6",             K_ACCEPT6,             ARGS,    NO_OBJ ),
   T1_START( "router",        K_ROUTER,              GE(5),   NO_OBJ ),
   T1( "signing-key",         K_SIGNING_KEY,         NO_ARGS, NEED_KEY_1024 ),
   T1( "onion-key",           K_ONION_KEY,           NO_ARGS, NEED_KEY_1024 ),

From fb421c00052cfebda33c4d42346c7eeef30f865f Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sun, 6 Mar 2011 13:15:32 -0500
Subject: [PATCH 2/3] Changes file for ipv6 parsing issue

---
 changes/ipv6_crash | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 changes/ipv6_crash

diff --git a/changes/ipv6_crash b/changes/ipv6_crash
new file mode 100644
index 0000000000..2b04355a57
--- /dev/null
+++ b/changes/ipv6_crash
@@ -0,0 +1,3 @@
+  o Major bugfixes (directory authority)
+    - Fix a crash in parsing router descriptors containing IPv6
+      addresses.  Bugfix on 0.2.1.3-alpha.

From 8b01fd7badc893b849d4394a2b72d422eecf7913 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sun, 6 Mar 2011 13:16:53 -0500
Subject: [PATCH 3/3] exit_policy_is_general_exit is IPv4 only; it should admit
 it.

---
 src/or/policies.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/or/policies.c b/src/or/policies.c
index 0a8fd7328e..f8c36c784b 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -880,6 +880,8 @@ exit_policy_is_general_exit(smartlist_t *policy)
 
   for (i = 0; i < 3; ++i) {
     SMARTLIST_FOREACH(policy, addr_policy_t *, p, {
+      if (tor_addr_family(&p->addr) != AF_INET)
+        continue; /* IPv4 only for now */
       if (p->prt_min > ports[i] || p->prt_max < ports[i])
         continue; /* Doesn't cover our port. */
       if (p->maskbits > 8)