From: teor (Tim Wilson-Brown) Date: Mon, 7 Dec 2015 03:44:23 +0000 (+1100) Subject: Consistently ignore multicast in internal reject private exit policies X-Git-Tag: tor-0.2.8.1-alpha~190^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=021958934f02919eabca884f935cb27a013b4ab9;p=thirdparty%2Ftor.git Consistently ignore multicast in internal reject private exit policies Consistently ignore multicast addresses when automatically generating reject private exit policies. Closes ticket 17763. Bug fix on 10a6390deb3c9, not in any released version of Tor. Patch by "teor". --- diff --git a/changes/bug17763 b/changes/bug17763 new file mode 100644 index 0000000000..d565d13a7d --- /dev/null +++ b/changes/bug17763 @@ -0,0 +1,5 @@ + o Minor bug fixes (exit policies): + - Consistently ignore multicast addresses when automatically + generating reject private exit policies. + Closes ticket 17763. Bug fix on 10a6390deb3c9, + not in any released version of Tor. Patch by "teor". diff --git a/src/common/address.c b/src/common/address.c index aef229b02c..627764153b 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -1528,7 +1528,7 @@ get_interface_addresses_raw,(int severity)) } /** Return true iff a is a multicast address. */ -STATIC int +int tor_addr_is_multicast(const tor_addr_t *a) { sa_family_t family = tor_addr_family(a); diff --git a/src/common/address.h b/src/common/address.h index d2841e1c9d..34959fca11 100644 --- a/src/common/address.h +++ b/src/common/address.h @@ -221,6 +221,7 @@ int tor_addr_is_internal_(const tor_addr_t *ip, int for_listening, const char *filename, int lineno); #define tor_addr_is_internal(addr, for_listening) \ tor_addr_is_internal_((addr), (for_listening), SHORT_FILE__, __LINE__) +int tor_addr_is_multicast(const tor_addr_t *a); /** Longest length that can be required for a reverse lookup name. */ /* 32 nybbles, 32 dots, 8 characters of "ip6.arpa", 1 NUL: 73 characters. */ @@ -311,7 +312,6 @@ tor_addr_port_t *tor_addr_port_new(const tor_addr_t *addr, uint16_t port); #ifdef ADDRESS_PRIVATE MOCK_DECL(smartlist_t *,get_interface_addresses_raw,(int severity)); -STATIC int tor_addr_is_multicast(const tor_addr_t *a); MOCK_DECL(int,get_interface_address6_via_udp_socket_hack,(int severity, sa_family_t family, tor_addr_t *addr)); diff --git a/src/or/policies.c b/src/or/policies.c index 126ba465df..943b0c4492 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -907,7 +907,8 @@ addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr) static int tor_addr_is_public_for_reject(const tor_addr_t *addr) { - return !tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0); + return (!tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0) + && !tor_addr_is_multicast(addr)); } /* Add "reject addr:*" to dest, creating the list as needed.