Merge remote-tracking branch 'tor-github/pr/1862/head'

2024-09-20 21:16:22 +02:00 · 2020-04-24 08:14:59 -04:00 · 2020-04-24 08:14:59 -04:00 · 7f9eaec538
commit 7f9eaec538
parent b2849f449b 8c55d34e0a
3 changed files with 27 additions and 12 deletions
--- a/changes/bug33899
+++ b/changes/bug33899
@ -0,0 +1,9 @@
+  o Minor bugfixes (IPv6, relay):
+    - Consider IPv6 addresses when checking if a connection is canonical.
+      In 17604, relays assumed that a remote relay could consider an IPv6
+      connection canonical, but did not set the canonical flag on their side
+      of the connection. Fixes bug 33899; bugfix on 0.3.1.1-alpha.
+    - Log IPv6 addresses on connections where this relay is the responder.
+      Previously, responding relays would replace the remote IPv6 address with
+      the IPv4 address from the consensus.
+      Fixes bug 33899; bugfix on 0.3.1.1-alpha.
--- a/src/core/or/connection_or.c
+++ b/src/core/or/connection_or.c
@ -902,12 +902,21 @@ connection_or_check_canonicity(or_connection_t *conn, int started_here)
  }

  if (r) {
-    tor_addr_port_t node_ap;
-    node_get_pref_orport(r, &node_ap);
-    /* XXXX proposal 186 is making this more complex.  For now, a conn
-       is canonical when it uses the _preferred_ address. */
-    if (tor_addr_eq(&conn->base_.addr, &node_ap.addr))
+    tor_addr_port_t node_ipv4_ap;
+    tor_addr_port_t node_ipv6_ap;
+    node_get_prim_orport(r, &node_ipv4_ap);
+    node_get_pref_ipv6_orport(r, &node_ipv6_ap);
+    if (tor_addr_eq(&conn->base_.addr, &node_ipv4_ap.addr) ||
+        tor_addr_eq(&conn->base_.addr, &node_ipv6_ap.addr)) {
      connection_or_set_canonical(conn, 1);
+    }
+    /* Choose the correct canonical address and port. */
+    tor_addr_port_t *node_ap;
+    if (tor_addr_family(&conn->base_.addr) == AF_INET) {
+      node_ap = &node_ipv4_ap;
+    } else {
+      node_ap = &node_ipv6_ap;
+    }
    if (!started_here) {
      /* Override the addr/port, so our log messages will make sense.
       * This is dangerous, since if we ever try looking up a conn by
@ -919,13 +928,14 @@ connection_or_check_canonicity(or_connection_t *conn, int started_here)
       * right IP address and port 56244, that wouldn't be as helpful. now we
       * log the "right" port too, so we know if it's moria1 or moria2.
       */
-      tor_addr_copy(&conn->base_.addr, &node_ap.addr);
-      conn->base_.port = node_ap.port;
+      /* See #33898 for a ticket that resolves this technical debt. */
+      tor_addr_copy(&conn->base_.addr, &node_ap->addr);
+      conn->base_.port = node_ap->port;
    }
    tor_free(conn->nickname);
    conn->nickname = tor_strdup(node_get_nickname(r));
    tor_free(conn->base_.address);
-    conn->base_.address = tor_addr_to_str_dup(&node_ap.addr);
+    conn->base_.address = tor_addr_to_str_dup(&node_ap->addr);
  } else {
    tor_free(conn->nickname);
    conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
--- a/src/core/or/connection_or.h
+++ b/src/core/or/connection_or.h
@ -22,10 +22,6 @@ or_connection_t *TO_OR_CONN(connection_t *);
 void connection_or_clear_identity(or_connection_t *conn);
 void connection_or_clear_identity_map(void);
 void clear_broken_connection_map(int disable);
-or_connection_t *connection_or_get_for_extend(const char *digest,
-                                              const tor_addr_t *target_addr,
-                                              const char **msg_out,
-                                              int *launch_out);

 void connection_or_block_renegotiation(or_connection_t *conn);
 int connection_or_reached_eof(or_connection_t *conn);