mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
Merge remote-tracking branch 'yawning-schwanenlied/bug20261'
This commit is contained in:
commit
d25fed5174
4
changes/bug20261
Normal file
4
changes/bug20261
Normal file
@ -0,0 +1,4 @@
|
||||
o Minor bugfixes (client, unix domain sockets):
|
||||
- Disable IsolateClientAddr when using AF_UNIX backed SocksPorts
|
||||
as the client address is meaningless. Fixes bug 20261; bugfix on
|
||||
0.2.6.3-alpha.
|
@ -1046,8 +1046,9 @@ The following options are useful only for clients (that is, if
|
||||
another. Recognized isolation flags are:
|
||||
**IsolateClientAddr**;;
|
||||
Don't share circuits with streams from a different
|
||||
client address. (On by default and strongly recommended;
|
||||
you can disable it with **NoIsolateClientAddr**.)
|
||||
client address. (On by default and strongly recommended when
|
||||
supported; you can disable it with **NoIsolateClientAddr**.
|
||||
Unsupported and force-disabled when using Unix domain sockets.)
|
||||
**IsolateSOCKSAuth**;;
|
||||
Don't share circuits with streams for which different
|
||||
SOCKS authentication was provided. (On by default;
|
||||
|
@ -1041,6 +1041,10 @@ tor_addr_copy_tight(tor_addr_t *dest, const tor_addr_t *src)
|
||||
* Different address families (IPv4 vs IPv6) are always considered unequal if
|
||||
* <b>how</b> is CMP_EXACT; otherwise, IPv6-mapped IPv4 addresses are
|
||||
* considered equivalent to their IPv4 equivalents.
|
||||
*
|
||||
* As a special case, all AF_UNIX addresses are always considered equal
|
||||
* since tor_addr_t currently does not contain the information required to
|
||||
* make the comparison.
|
||||
*/
|
||||
int
|
||||
tor_addr_compare(const tor_addr_t *addr1, const tor_addr_t *addr2,
|
||||
@ -1114,6 +1118,18 @@ tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2,
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
case AF_UNIX:
|
||||
/* HACKHACKHACKHACKHACK:
|
||||
* tor_addr_t doesn't contain a copy of sun_path, so it's not
|
||||
* possible to comapre this at all.
|
||||
*
|
||||
* Since the only time we currently actually should be comparing
|
||||
* 2 AF_UNIX addresses is when dealing with ISO_CLIENTADDR (which
|
||||
* is diesabled for AF_UNIX SocksPorts anyway), this just returns 0.
|
||||
*
|
||||
* See: #20261.
|
||||
*/
|
||||
return 0;
|
||||
default:
|
||||
/* LCOV_EXCL_START */
|
||||
tor_fragile_assert();
|
||||
|
@ -6838,6 +6838,13 @@ parse_port_config(smartlist_t *out,
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (unix_socket_path && (isolation & ISO_CLIENTADDR)) {
|
||||
/* `IsolateClientAddr` is nonsensical in the context of AF_LOCAL.
|
||||
* just silently remove the isolation flag.
|
||||
*/
|
||||
isolation &= ~ISO_CLIENTADDR;
|
||||
}
|
||||
|
||||
if (out && port) {
|
||||
size_t namelen = unix_socket_path ? strlen(unix_socket_path) : 0;
|
||||
port_cfg_t *cfg = port_cfg_new(namelen);
|
||||
|
Loading…
Reference in New Issue
Block a user