Merge remote-tracking branch 'tor-gitlab/mr/296' into maint-0.4.5

This commit is contained in:
Nick Mathewson 2021-02-08 14:30:11 -05:00
commit 758000aa98
2 changed files with 23 additions and 14 deletions

4
changes/ticket40279 Normal file
View File

@ -0,0 +1,4 @@
o Major bugfixes (IPv6, relay):
- Fix a bug that prevented a relay to publish its descriptor in the case of
an auto-discovered IPv6 that was found unreachable for which we always
publish if the IPv4 is correct. Fixes bug 40279; bugfix on 0.4.5.1-alpha.

View File

@ -138,6 +138,18 @@ static authority_cert_t *legacy_key_certificate = NULL;
* used by tor-gencert to sign new signing keys and make new key * used by tor-gencert to sign new signing keys and make new key
* certificates. */ * certificates. */
/** Indicate if the IPv6 address should be omitted from the descriptor when
* publishing it. This can happen if the IPv4 is reachable but the
* auto-discovered IPv6 is not. We still publish the descriptor.
*
* Only relays should look at this and only for their descriptor.
*
* XXX: The real harder fix is to never put in the routerinfo_t a non
* reachable address and instead use the last resolved address cache to do
* reachability test or anything that has to do with what address tor thinks
* it has. */
static bool omit_ipv6_on_publish = false;
/** Return a readonly string with human readable description /** Return a readonly string with human readable description
* of <b>err</b>. * of <b>err</b>.
*/ */
@ -1396,7 +1408,11 @@ decide_if_publishable_server(void)
return 0; return 0;
} }
} }
if (!router_orport_seems_reachable(options, AF_INET6)) { /* We could be flagged to omit the IPv6 and if so, don't check for
* reachability on the IPv6. This can happen if the address was
* auto-discovered but turns out to be non reachable. */
if (!omit_ipv6_on_publish &&
!router_orport_seems_reachable(options, AF_INET6)) {
// We have an ipv6 orport, and it doesn't seem reachable. // We have an ipv6 orport, and it doesn't seem reachable.
if (!publish_even_when_ipv6_orport_unreachable) { if (!publish_even_when_ipv6_orport_unreachable) {
return 0; return 0;
@ -2085,7 +2101,8 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t **ri_out))
ri->ipv4_dirport = routerconf_find_dir_port(options, 0); ri->ipv4_dirport = routerconf_find_dir_port(options, 0);
/* Optionally check for an IPv6. We still publish without one. */ /* Optionally check for an IPv6. We still publish without one. */
if (relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG, if (!omit_ipv6_on_publish &&
relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG,
&ri->ipv6_addr)) { &ri->ipv6_addr)) {
ri->ipv6_orport = routerconf_find_or_port(options, AF_INET6); ri->ipv6_orport = routerconf_find_or_port(options, AF_INET6);
router_check_descriptor_address_consistency(&ri->ipv6_addr); router_check_descriptor_address_consistency(&ri->ipv6_addr);
@ -2459,18 +2476,6 @@ router_new_consensus_params(const networkstatus_t *ns)
publish_even_when_ipv6_orport_unreachable = ar || ar6; publish_even_when_ipv6_orport_unreachable = ar || ar6;
} }
/** Indicate if the IPv6 address should be omitted from the descriptor when
* publishing it. This can happen if the IPv4 is reachable but the
* auto-discovered IPv6 is not. We still publish the descriptor.
*
* Only relays should look at this and only for their descriptor.
*
* XXX: The real harder fix is to never put in the routerinfo_t a non
* reachable address and instead use the last resolved address cache to do
* reachability test or anything that has to do with what address tor thinks
* it has. */
static bool omit_ipv6_on_publish = false;
/** Mark our descriptor out of data iff the IPv6 omit status flag is flipped /** Mark our descriptor out of data iff the IPv6 omit status flag is flipped
* it changes from its previous value. * it changes from its previous value.
* *