Update ExitPolicy when interface addresses change

Tor exit relays reject local interface addresses in their exit policy.

Make sure those policies are updated when interface addresses change.
This commit is contained in:
teor (Tim Wilson-Brown) 2016-02-02 15:05:59 +11:00
parent f09d03c384
commit 92b1c3b604
2 changed files with 15 additions and 2 deletions

5
changes/bug18208 Normal file
View File

@ -0,0 +1,5 @@
o Minor bug fixes (exit policies, security):
- Refresh an exit relay's exit policy when interface addresses change.
Previously, tor only refreshed the exit policy when the configured
external address changed.
Closes ticket 18208 on tor 0.2.7.3. Patch by "teor".

View File

@ -2195,7 +2195,10 @@ got_libevent_error(void)
void
ip_address_changed(int at_interface)
{
int server = server_mode(get_options());
const or_options_t *options = get_options();
int server = server_mode(options);
int exit_reject_private = (server && options->ExitRelay
&& options->ExitPolicyRejectPrivate);
if (at_interface) {
if (! server) {
@ -2209,10 +2212,15 @@ ip_address_changed(int at_interface)
reset_bandwidth_test();
stats_n_seconds_working = 0;
router_reset_reachability();
mark_my_descriptor_dirty("IP address changed");
}
}
/* Exit relays incorporate interface addresses in their exit policies when
* ExitPolicyRejectPrivate is set */
if (exit_reject_private || (server && !at_interface)) {
mark_my_descriptor_dirty("IP address changed");
}
dns_servers_relaunch_checks();
}