--- /dev/null
+ o Minor bugfixes (relay):
+ - Allow relays to have a RFC1918 address if PublishServerDescriptor is set
+ to 0 and AssumeReachable is set to 1. This is to support the use case of a
+ bridge on a local network that can be used by restricted users on that
+ network to reach the Tor network. Fixes bug 40208; bugfix on
+ 0.4.5.1-alpha.
goto allow;
}
- /* We have a private IP address. It is allowed only if we set custom
+ /* We allow internal addresses to be used if the PublishServerDescriptor is
+ * unset and AssumeReachable (or for IPv6) is set.
+ *
+ * This is to cover the case where a relay/bridge might be run behind a
+ * firewall on a local network to users can reach the network through it
+ * using Tor Browser for instance. */
+ if (options->PublishServerDescriptor_ == NO_DIRINFO &&
+ (options->AssumeReachable ||
+ (tor_addr_family(addr) == AF_INET6 && options->AssumeReachableIPv6))) {
+ goto allow;
+ }
+
+ /* We have a private IP address. This is also allowed if we set custom
* directory authorities. */
if (using_default_dir_authorities(options)) {
log_fn(warn_severity, LD_CONFIG,
options = options_new();
options_init(options);
+ options->PublishServerDescriptor_ = V3_DIRINFO;
/*
* Case 0:
VALIDATE_FOUND_ADDRESS(true, RESOLVED_ADDR_INTERFACE, NULL);
CLEANUP_FOUND_ADDRESS;
+ /*
+ * Case 15: Address is a local address (internal) but we unset
+ * PublishServerDescriptor_ so we are allowed to hold it.
+ */
+ options->PublishServerDescriptor_ = NO_DIRINFO;
+ if (p->family == AF_INET) {
+ options->AssumeReachable = 1;
+ }
+ config_line_append(&options->Address, "Address", p->internal_ip);
+
+ tor_addr_parse(&test_addr, p->internal_ip);
+ retval = find_my_address(options, p->family, LOG_NOTICE, &resolved_addr,
+ &method_used, &hostname_out);
+ VALIDATE_FOUND_ADDRESS(true, RESOLVED_ADDR_CONFIGURED, NULL);
+ CLEANUP_FOUND_ADDRESS;
+
UNMOCK(get_interface_address6);
UNMOCK(tor_gethostname);
UNMOCK(tor_addr_lookup);
projects / thirdparty / tor.git / commitdiff
