Add an AssumeReachableIPv6 autobool option.

This option tells Tor that our IPv6 orport is reachable, and doesn't need to be checked. Closes the rest of 33224.
2024-11-27 13:53:31 +01:00 · 2020-06-24 15:12:57 -04:00 · 2020-06-24 15:12:57 -04:00 · edb023b1e7
commit edb023b1e7
parent 6edf7f6710
6 changed files with 32 additions and 8 deletions
--- a/changes/ticket33224
+++ b/changes/ticket33224
@ -0,0 +1,3 @@
+  o Minor features (relay, IPv6):
+    - Add an AssumeReachableIPv6 option to disable self-checking IPv6
+      reachability. Closes part of ticket 33224.
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -2146,7 +2146,12 @@ is non-zero):
    don't do self-reachability testing; just upload your server descriptor
    immediately. If **AuthoritativeDirectory** is also set, this option
    instructs the dirserver to bypass remote reachability testing too and list
-    all connected servers as running.
+    all connected servers as running. (Default: 0)
+
+[[AssumeReachableIPv6]] **AssumeReachableIPv6** **0**|**1**|**auto**::
+    Like **AssumeReachable**, but affects only the relay's own IPv6 ORPort.
+    If this value is set to "auto", then Tor will look at **AssumeReachable**
+    instead. (Default: auto)

 [[BridgeRelay]] **BridgeRelay** **0**|**1**::
    Sets the relay to act as a "bridge" with respect to relaying connections
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@ -323,6 +323,7 @@ static const config_var_t option_vars_[] = {
  V(AlternateDirAuthority,       LINELIST, NULL),
  OBSOLETE("AlternateHSAuthority"),
  V(AssumeReachable,             BOOL,     "0"),
+  V(AssumeReachableIPv6,         AUTOBOOL, "auto"),
  OBSOLETE("AuthDirBadDir"),
  OBSOLETE("AuthDirBadDirCCs"),
  V(AuthDirBadExit,              LINELIST, NULL),
@ -3229,6 +3230,10 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
    REJECT("TokenBucketRefillInterval must be between 1 and 1000 inclusive.");
  }

+  if (options->AssumeReachable && options->AssumeReachableIPv6 == 0) {
+    REJECT("Cannot set AssumeReachable 1 and AssumeReachableIPv6 0.");
+  }
+
  if (options->ExcludeExitNodes || options->ExcludeNodes) {
    options->ExcludeExitNodesUnion_ = routerset_new();
    routerset_union(options->ExcludeExitNodesUnion_,options->ExcludeExitNodes);
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@ -195,7 +195,14 @@ struct or_options_t {
  unsigned int HTTPTunnelPort_set : 1;
  /**@}*/

-  int AssumeReachable; /**< Whether to publish our descriptor regardless. */
+  /** Whether to publish our descriptor regardless of all our self-tests
+   */
+  int AssumeReachable;
+  /** Whether to publish our descriptor regardless of IPv6 self-tests.
+   *
+   * This is an autobool; when set to AUTO, it uses AssumeReachable.
+   **/
+  int AssumeReachableIPv6;
  int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
  int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory
                           * for version 3 directories? */
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@ -1374,13 +1374,13 @@ decide_if_publishable_server(void)
    return 1;
  if (!router_get_advertised_or_port(options))
    return 0;
-  if (!router_orport_seems_reachable(AF_INET)) {
+  if (!router_orport_seems_reachable(options, AF_INET)) {
    // We have an ipv4 orport, and it doesn't seem reachable.
    if (!publish_even_when_ipv4_orport_unreachable) {
      return 0;
    }
  }
-  if (!router_orport_seems_reachable(AF_INET6)) {
+  if (!router_orport_seems_reachable(options, AF_INET6)) {
    // We have an ipv6 orport, and it doesn't seem reachable.
    if (!publish_even_when_ipv6_orport_unreachable) {
      return 0;
--- a/src/feature/relay/selftest.c
+++ b/src/feature/relay/selftest.c
@ -86,9 +86,8 @@ router_reachability_checks_disabled(const or_options_t *options)
 * orport checks.
 */
 int
-router_orport_seems_reachable(
-                                                const or_options_t *options,
-                                                int family)
+router_orport_seems_reachable(const or_options_t *options,
+                              int family)
 {
  tor_assert_nonfatal(family == AF_INET || family == AF_INET6 || family == 0);
  int reach_checks_disabled = router_reachability_checks_disabled(options);
@ -96,6 +95,11 @@ router_orport_seems_reachable(
    return true;
  }

+  // Note that we do a == 1 here, not just a boolean check.  This value
+  // is also an autobool, so CFG_AUTO does not mean that we should
+  // assume IPv6 ports are reachable.
+  const bool ipv6_assume_reachable = (options->AssumeReachableIPv6 == 1);
+
  // Which reachability flags should we look at?
  const bool checking_ipv4 = (family == AF_INET || family == 0);
  const bool checking_ipv6 = (family == AF_INET6 || family == 0);
@ -105,7 +109,7 @@ router_orport_seems_reachable(
      return false;
    }
  }
-  if (checking_ipv6) {
+  if (checking_ipv6 && !ipv6_assume_reachable) {
    if (have_orport_for_family(AF_INET6) && !can_reach_or_port_ipv6) {
      return false;
    }