tor

The Tor anonymity network

commit 7f9eaec538b7d01e0d1b130dc4cf2ec634252d46
parent b2849f449b2efa4d6826166a92f35c7627d65f91
Author: Nick Mathewson <nickm@torproject.org>
Date:   Fri, 24 Apr 2020 08:14:59 -0400

Merge remote-tracking branch 'tor-github/pr/1862/head'

Diffstat:
Achanges/bug33899 | 9+++++++++
Msrc/core/or/connection_or.c | 26++++++++++++++++++--------
Msrc/core/or/connection_or.h | 4----
3 files changed, 27 insertions(+), 12 deletions(-)

diff --git a/changes/bug33899 b/changes/bug33899
@@ -0,0 +1,9 @@
+ o Minor bugfixes (IPv6, relay):
+ - Consider IPv6 addresses when checking if a connection is canonical.
+ In 17604, relays assumed that a remote relay could consider an IPv6
+ connection canonical, but did not set the canonical flag on their side
+ of the connection. Fixes bug 33899; bugfix on 0.3.1.1-alpha.
+ - Log IPv6 addresses on connections where this relay is the responder.
+ Previously, responding relays would replace the remote IPv6 address with
+ the IPv4 address from the consensus.
+ Fixes bug 33899; bugfix on 0.3.1.1-alpha.
diff --git a/src/core/or/connection_or.c b/src/core/or/connection_or.c
@@ -902,12 +902,21 @@ connection_or_check_canonicity(or_connection_t *conn, int started_here)
 }
 if (r) {
- tor_addr_port_t node_ap;
- node_get_pref_orport(r, &node_ap);
- /* XXXX proposal 186 is making this more complex. For now, a conn
- is canonical when it uses the _preferred_ address. */
- if (tor_addr_eq(&conn->base_.addr, &node_ap.addr))
+ tor_addr_port_t node_ipv4_ap;
+ tor_addr_port_t node_ipv6_ap;
+ node_get_prim_orport(r, &node_ipv4_ap);
+ node_get_pref_ipv6_orport(r, &node_ipv6_ap);
+ if (tor_addr_eq(&conn->base_.addr, &node_ipv4_ap.addr) ||
+ tor_addr_eq(&conn->base_.addr, &node_ipv6_ap.addr)) {
 connection_or_set_canonical(conn, 1);
+ }
+ /* Choose the correct canonical address and port. */
+ tor_addr_port_t *node_ap;
+ if (tor_addr_family(&conn->base_.addr) == AF_INET) {
+ node_ap = &node_ipv4_ap;
+ } else {
+ node_ap = &node_ipv6_ap;
+ }
 if (!started_here) {
 /* Override the addr/port, so our log messages will make sense.
 * This is dangerous, since if we ever try looking up a conn by
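Review bot: The `else` branch that picks `node_ap` treats every address family other than AF_INET as IPv6 and uses `node_ipv6_ap` without checking that `node_get_pref_ipv6_orport()` filled in a usable address. If that helper can return a null address and port 0 for a relay with no IPv6 ORPort (its body is not shown here), a responder-side connection arriving over IPv6 would have `conn->base_.addr`, `conn->base_.port` and `conn->base_.address` overwritten with that empty value in the following hunk, so the observed peer address would be lost from the logs. Consider selecting the IPv6 entry only when it is usable, e.g. `} else if (tor_addr_family(&conn->base_.addr) == AF_INET6 && !tor_addr_is_null(&node_ipv6_ap.addr)) {`, and leaving the connection's own address in place otherwise, which would also need a NULL check on `node_ap` at its three uses in the next hunk. The enclosing function starts and ends outside this hunk.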
@@ -919,13 +928,14 @@ connection_or_check_canonicity(or_connection_t *conn, int started_here)
 * right IP address and port 56244, that wouldn't be as helpful. now we
 * log the "right" port too, so we know if it's moria1 or moria2.
 */
- tor_addr_copy(&conn->base_.addr, &node_ap.addr);
- conn->base_.port = node_ap.port;
+ /* See #33898 for a ticket that resolves this technical debt. */
+ tor_addr_copy(&conn->base_.addr, &node_ap->addr);
+ conn->base_.port = node_ap->port;
 }
 tor_free(conn->nickname);
 conn->nickname = tor_strdup(node_get_nickname(r));
 tor_free(conn->base_.address);
- conn->base_.address = tor_addr_to_str_dup(&node_ap.addr);
+ conn->base_.address = tor_addr_to_str_dup(&node_ap->addr);
 } else {
 tor_free(conn->nickname);
 conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
diff --git a/src/core/or/connection_or.h b/src/core/or/connection_or.h
@@ -22,10 +22,6 @@ or_connection_t *TO_OR_CONN(connection_t *);
 void connection_or_clear_identity(or_connection_t *conn);
 void connection_or_clear_identity_map(void);
 void clear_broken_connection_map(int disable);
-or_connection_t *connection_or_get_for_extend(const char *digest,
- const tor_addr_t *target_addr,
- const char **msg_out,
- int *launch_out);
 void connection_or_block_renegotiation(or_connection_t *conn);
 int connection_or_reached_eof(or_connection_t *conn);