Stop users configuring IPv6-only v3 single onion services

author teor <teor2345@gmail.com>

Thu, 26 Oct 2017 05:49:00 +0000 (16:49 +1100)

committer Nick Mathewson <nickm@torproject.org>

Thu, 2 Nov 2017 14:19:05 +0000 (10:19 -0400)
author teor <teor2345@gmail.com>
Thu, 26 Oct 2017 05:49:00 +0000 (16:49 +1100)
committer Nick Mathewson <nickm@torproject.org>
Thu, 2 Nov 2017 14:19:05 +0000 (10:19 -0400)
diff --git a/src/or/hs_config.c b/src/or/hs_config.c

index 5f9282ea7942d1e11b7c666c4a3badb7acd399e2..fa5c1ab1768d340a7c2ab23acbf25cd76d7bc396 100644 (file)
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -424,11 +424,19 @@ config_generic_service(const config_line_t *line_,
      }
    }
  
-  /* Check if we are configured in non anonymous mode and single hop mode
-   * meaning every service become single onion. */
-  if (rend_service_allow_non_anonymous_connection(options) &&
-      rend_service_non_anonymous_mode_enabled(options)) {
+  /* Check if we are configured in non anonymous mode meaning every service
+   * becomes a single onion service. */
+  if (rend_service_non_anonymous_mode_enabled(options)) {
      config->is_single_onion = 1;
+    /* We will add support for IPv6-only v3 single onion services in a future
+     * Tor version. This won't catch "ReachableAddresses reject *4", but that
+     * option doesn't work anyway. */
+    if (options->ClientUseIPv4 == 0 && config->version == HS_VERSION_THREE) {
+      log_warn(LD_CONFIG, "IPv6-only v3 single onion services are not "
+               "supported. Set HiddenServiceSingleHopMode 0 and "
+               "HiddenServiceNonAnonymousMode 0, or set ClientUseIPv4 1.");
+      goto err;
+    }
    }
  
    /* Success */
author	teor <teor2345@gmail.com>
	Thu, 26 Oct 2017 05:49:00 +0000 (16:49 +1100)
committer	Nick Mathewson <nickm@torproject.org>
	Thu, 2 Nov 2017 14:19:05 +0000 (10:19 -0400)