relay: Don't allow DirPort on non-IPv4

Our code doesn't allow it and so this prevents an assert() crash if the
DirPort is for instance IPv6 only.

Fixes #40494

Signed-off-by: David Goulet <dgoulet@torproject.org>

diff --git a/changes/ticket40494 b/changes/ticket40494
new file mode 100644 (file)
index 0000000..a0e6c38
--- /dev/null
+++ b/changes/ticket40494
@@ -0,0 +1,5 @@
+  o Minor bugfixes (relay):
+    - Reject IPv6-only DirPorts. Our reachability self-test forces DirPorts to
+      be IPv4, but our configuration parser allowed them to be IPv6-only,
+      which led to an assertion failure. Fixes bug 40494; bugfix on
+      0.4.5.1-alpha.

diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt
index 209900832f7f6014292ea009f0116a361ae1a8a2..7c0071500e321348b2b5c887279341f7ca3596e1 100644 (file)
--- a/doc/man/tor.1.txt
+++ b/doc/man/tor.1.txt
@@ -2803,7 +2803,8 @@ details.)
     more than once, but only one advertised DirPort is supported: all
     but one DirPort must have the **NoAdvertise** flag set. (Default: 0) +
      +
-    The same flags are supported here as are supported by ORPort.
+    The same flags are supported here as are supported by ORPort. This port can
+    only be IPv4.
 
 [[DirPortFrontPage]] **DirPortFrontPage** __FILENAME__::
     When this option is set, it takes an HTML file and publishes it as "/" on

diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c
index c4a5d7f572cf006755dbc989190db888e9b14f4d..8ea0ad8397954036824bcb6097fe0a9d8e56ee83 100644 (file)
--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -352,6 +352,7 @@ check_and_prune_server_ports(smartlist_t *ports,
   int n_orport_listeners = 0;
   int n_dirport_advertised = 0;
   int n_dirport_listeners = 0;
+  int n_dirport_listeners_v4 = 0;
   int n_low_port = 0;
   int r = 0;
 
@@ -362,8 +363,12 @@ check_and_prune_server_ports(smartlist_t *ports,
     if (port->type == CONN_TYPE_DIR_LISTENER) {
       if (! port->server_cfg.no_advertise)
         ++n_dirport_advertised;
-      if (! port->server_cfg.no_listen)
+      if (! port->server_cfg.no_listen) {
         ++n_dirport_listeners;
+        if (port_binds_ipv4(port)) {
+          ++n_dirport_listeners_v4;
+        }
+      }
     } else if (port->type == CONN_TYPE_OR_LISTENER) {
       if (! port->server_cfg.no_advertise) {
         ++n_orport_advertised;
@@ -408,6 +413,12 @@ check_and_prune_server_ports(smartlist_t *ports,
              "address. Tor needs to listen on an IPv4 address too.");
     r = -1;
   }
+  if (n_dirport_advertised && n_dirport_listeners_v4 == 0) {
+    log_warn(LD_CONFIG, "We are listening on a non-IPv4 DirPort. This is not "
+                        "allowed. Consider either setting an IPv4 address or "
+                        "simply removing it because it is not used anymore.");
+    r = -1;
+  }
 
   if (n_low_port && options->AccountingMax &&
       (!have_capability_support() || options->KeepBindCapabilities == 0)) {