--- /dev/null
+ o Minor features (ipv6):
+ - We add an option ClientAutoIPv6ORPort which makes clients randomly
+ prefer a node's IPv4 or IPv6 ORPort. The random preference is set
+ every time a node is loaded from a new consensus or bridge config.
+ Closes ticket 27490. Patch by Neel Chauhan.
+
other clients prefer IPv4. Other things may influence the choice. This
option breaks a tie to the favor of IPv6. (Default: auto)
+[[ClientAutoIPv6ORPort]] **ClientAutoIPv6ORPort** **0**|**1**::
+ If this option is set to 1, Tor clients randomly prefer a node's IPv4 or
+ IPv6 ORPort. The random preference is set every time a node is loaded
+ from a new consensus or bridge config. When this option is set to 1,
+ **ClientPreferIPv6ORPort** is ignored. (Default: 0)
+
[[PathsNeededToBuildCircuits]] **PathsNeededToBuildCircuits** __NUM__::
Tor clients don't build circuits for user traffic until they know
about enough of the network so that they could potentially construct
V(ClientOnly, BOOL, "0"),
V(ClientPreferIPv6ORPort, AUTOBOOL, "auto"),
V(ClientPreferIPv6DirPort, AUTOBOOL, "auto"),
+ V(ClientAutoIPv6ORPort, BOOL, "0"),
V(ClientRejectInternalAddresses, BOOL, "1"),
V(ClientTransportPlugin, LINELIST, NULL),
V(ClientUseIPv6, BOOL, "0"),
* accessing this value directly. */
int ClientPreferIPv6DirPort;
+ /** If true, prefer an IPv4 or IPv6 OR port at random. */
+ int ClientAutoIPv6ORPort;
+
/** The length of time that we think a consensus should be fresh. */
int V3AuthVotingInterval;
/** The length of time we think it will take to distribute votes. */
return;
}
+ if (fascist_firewall_use_ipv6(options)) {
+ log_info(LD_NET, "Our outgoing connection is using IPv%d.",
+ tor_addr_family(&real_addr) == AF_INET6 ? 6 : 4);
+ }
+
/* Check if we couldn't satisfy an address family preference */
if ((!pref_ipv6 && tor_addr_family(&real_addr) == AF_INET6)
|| (pref_ipv6 && tor_addr_family(&real_addr) == AF_INET)) {
#include "feature/nodelist/routerparse.h"
#include "feature/stats/geoip.h"
#include "ht.h"
+#include "lib/crypt_ops/crypto_rand.h"
#include "lib/encoding/confline.h"
#include "core/or/addr_policy_st.h"
return -1;
}
+/* Choose whether we prefer IPv4 or IPv6 by randomly choosing an address
+ * family. Return 0 for IPv4, and 1 for IPv6. */
+static int
+fascist_firewall_rand_prefer_ipv6_addr(void)
+{
+ /* TODO: Check for failures, and infer our preference based on this. */
+ return crypto_rand_int(2);
+}
+
/** Do we prefer to connect to IPv6 ORPorts?
* Use node_ipv6_or_preferred() whenever possible: it supports bridge client
* per-node IPv6 preferences.
}
/* We can use both IPv4 and IPv6 - which do we prefer? */
- if (options->ClientPreferIPv6ORPort == 1) {
+ if (options->ClientAutoIPv6ORPort == 1) {
+ /* If ClientAutoIPv6ORPort is 1, we prefer IPv4 or IPv6 at random. */
+ return fascist_firewall_rand_prefer_ipv6_addr();
+ } else if (options->ClientPreferIPv6ORPort == 1) {
return 1;
}
}
}
- if (options->ClientPreferIPv6ORPort == -1) {
+ if (options->ClientPreferIPv6ORPort == -1 ||
+ options->ClientAutoIPv6ORPort == 0) {
/* Mark which address to use based on which bridge_t we got. */
node->ipv6_preferred = (tor_addr_family(&bridge->addr) == AF_INET6 &&
!tor_addr_is_null(&node->ri->ipv6_addr));
projects / thirdparty / tor.git / commitdiff
