From: David Goulet <dgoulet@torproject.org>
Date: Fri, 15 Jan 2021 17:54:07 +0000 (-0500)
Subject: Revert "IPv6 sybil: consider addresses in the same /64 to be equal."
X-Git-Tag: tor-0.4.5.4-rc~11^2^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=691c7171878371f98c4b0a32992f7d9ed9b1ac74;p=thirdparty%2Ftor.git

Revert "IPv6 sybil: consider addresses in the same /64 to be equal."

This reverts commit d07f17f67685d75fec8a851b3ae3d157c1e31aa3.

We don't want to consider an entire routable IPv6 network as sybil if more
than 2 relays happen to be on it. For path selection it is very important but
not for selecting relays in the consensus.

Fixes #40243
---

diff --git a/changes/ticket40243 b/changes/ticket40243
new file mode 100644
index 0000000000..548ec95ab4
--- /dev/null
+++ b/changes/ticket40243
@@ -0,0 +1,4 @@
+  o Major bugfixes (authority, IPv6):
+    - Do not consider multiple relays in the same IPv6 network to be sybils.
+      Sybils are selected based on the /128 now, not the /64. Fixes bug 40243;
+      bugfix on 0.4.5.1-alpha.
diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c
index a1f9bb28ae..6824af815f 100644
--- a/src/feature/dirauth/dirvote.c
+++ b/src/feature/dirauth/dirvote.c
@@ -4219,8 +4219,7 @@ compare_routerinfo_addrs_by_family(const routerinfo_t *a,
 {
   const tor_addr_t *addr1 = (family==AF_INET) ? &a->ipv4_addr : &a->ipv6_addr;
   const tor_addr_t *addr2 = (family==AF_INET) ? &b->ipv4_addr : &b->ipv6_addr;
-  const int maskbits = (family==AF_INET) ? 32 : 64;
-  return tor_addr_compare_masked(addr1, addr2, maskbits, CMP_EXACT);
+  return tor_addr_compare(addr1, addr2, CMP_EXACT);
 }
 
 /** Helper for sorting: compares two ipv4 routerinfos first by ipv4 address,