From d9a7d4779887dbd2cba082c2a5daa535fe0d36ce Mon Sep 17 00:00:00 2001
From: Neel Chauhan <neel@neelc.org>
Date: Fri, 19 Jul 2019 12:56:02 -0400
Subject: [PATCH] Check for private IPv6 addresses in
 dirserv_router_has_valid_address()

---
 src/feature/dirauth/process_descs.c | 16 +++++++++++++---
 src/feature/dirauth/process_descs.h |  4 ++++
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c
index a68d155651..e1a02179b0 100644
--- a/src/feature/dirauth/process_descs.c
+++ b/src/feature/dirauth/process_descs.c
@@ -428,7 +428,7 @@ dirserv_free_fingerprint_list(void)
 
 /** Return -1 if <b>ri</b> has a private or otherwise bad address,
  * unless we're configured to not care. Return 0 if all ok. */
-static int
+STATIC int
 dirserv_router_has_valid_address(routerinfo_t *ri)
 {
   tor_addr_t addr;
@@ -436,12 +436,22 @@ dirserv_router_has_valid_address(routerinfo_t *ri)
     return 0; /* whatever it is, we're fine with it */
   tor_addr_from_ipv4h(&addr, ri->addr);
 
-  if (tor_addr_is_internal(&addr, 0)) {
+  if (tor_addr_is_internal(&addr, 0) || tor_addr_is_null(&addr)) {
     log_info(LD_DIRSERV,
-             "Router %s published internal IP address. Refusing.",
+             "Router %s published internal IPv4 address. Refusing.",
              router_describe(ri));
     return -1; /* it's a private IP, we should reject it */
   }
+  /* We only check internal v6 on non-null addresses because we do not require
+   * IPv6 and null IPv6 is normal. */
+  if (tor_addr_is_internal(&ri->ipv6_addr, 0) &&
+      !tor_addr_is_null(&ri->ipv6_addr)) {
+    log_info(LD_DIRSERV,
+             "Router %s published internal IPv6 address. Refusing.",
+             router_describe(ri));
+    return -1; /* it's a private IP, we should reject it */
+  }
+
   return 0;
 }
 
diff --git a/src/feature/dirauth/process_descs.h b/src/feature/dirauth/process_descs.h
index 001c866eba..1d4085b091 100644
--- a/src/feature/dirauth/process_descs.h
+++ b/src/feature/dirauth/process_descs.h
@@ -36,4 +36,8 @@ void dirserv_set_node_flags_from_authoritative_status(node_t *node,
 
 int dirserv_would_reject_router(const routerstatus_t *rs);
 
+#ifdef TOR_UNIT_TESTS
+STATIC int dirserv_router_has_valid_address(routerinfo_t *ri);
+#endif /* defined(TOR_UNIT_TESTS) */
+
 #endif /* !defined(TOR_RECV_UPLOADS_H) */