From: teor (Tim Wilson-Brown) <teor2345@gmail.com>
Date: Sat, 20 Feb 2016 08:32:33 +0000 (+1100)
Subject: Refactor fascist_firewall_allows_address without changing behaviour
X-Git-Tag: tor-0.2.8.2-alpha~103^2~6
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a4eddfff666226014545efd6f5bf390173c0fdfa;p=thirdparty%2Ftor.git

Refactor fascist_firewall_allows_address without changing behaviour
---

diff --git a/src/or/policies.c b/src/or/policies.c
index 2c24555e9e..e8f4a826d4 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -399,20 +399,26 @@ fascist_firewall_allows_address(const tor_addr_t *addr,
                                 int pref_only, int pref_ipv6)
 {
   const or_options_t *options = get_options();
+  const int client_mode = !server_mode(options);
 
   if (!addr || tor_addr_is_null(addr) || !port) {
     return 0;
   }
 
-  if (!server_mode(options)) {
-    if (tor_addr_family(addr) == AF_INET &&
-        (!options->ClientUseIPv4 || (pref_only && pref_ipv6)))
-      return 0;
+  /* Clients stop using IPv4 if it's disabled. In most cases, clients also
+   * stop using IPv4 if it's not preferred.
+   * Servers must have IPv4 enabled and preferred. */
+  if (tor_addr_family(addr) == AF_INET && client_mode &&
+      (!options->ClientUseIPv4 || (pref_only && pref_ipv6))) {
+    return 0;
   }
 
+  /* Clients and Servers won't use IPv6 unless it's enabled (and in most
+   * cases, IPv6 must also be preferred before it will be used). */
   if (tor_addr_family(addr) == AF_INET6 &&
-      (!fascist_firewall_use_ipv6(options) || (pref_only && !pref_ipv6)))
+      (!fascist_firewall_use_ipv6(options) || (pref_only && !pref_ipv6))) {
     return 0;
+  }
 
   return addr_policy_permits_tor_addr(addr, port,
                                       firewall_policy);