diff options
author | Nick Mathewson <nickm@torproject.org> | 2020-06-24 15:12:57 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2020-06-24 15:25:34 -0400 |
commit | edb023b1e74dd3b900af399126bd985fc4064857 (patch) | |
tree | a40593ce97d20070ac79fe5dd557832b03e6b607 | |
parent | 6edf7f6710600962f95e7f5458787dbc5e5c7411 (diff) | |
download | tor-edb023b1e74dd3b900af399126bd985fc4064857.tar.gz tor-edb023b1e74dd3b900af399126bd985fc4064857.zip |
Add an AssumeReachableIPv6 autobool option.
This option tells Tor that our IPv6 orport is reachable, and doesn't
need to be checked.
Closes the rest of 33224.
-rw-r--r-- | changes/ticket33224 | 3 | ||||
-rw-r--r-- | doc/tor.1.txt | 7 | ||||
-rw-r--r-- | src/app/config/config.c | 5 | ||||
-rw-r--r-- | src/app/config/or_options_st.h | 9 | ||||
-rw-r--r-- | src/feature/relay/router.c | 4 | ||||
-rw-r--r-- | src/feature/relay/selftest.c | 12 |
6 files changed, 32 insertions, 8 deletions
diff --git a/changes/ticket33224 b/changes/ticket33224 new file mode 100644 index 0000000000..3fdab7dc53 --- /dev/null +++ b/changes/ticket33224 @@ -0,0 +1,3 @@ + o Minor features (relay, IPv6): + - Add an AssumeReachableIPv6 option to disable self-checking IPv6 + reachability. Closes part of ticket 33224. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 15d5775e2c..7ff31fa007 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2146,7 +2146,12 @@ is non-zero): don't do self-reachability testing; just upload your server descriptor immediately. If **AuthoritativeDirectory** is also set, this option instructs the dirserver to bypass remote reachability testing too and list - all connected servers as running. + all connected servers as running. (Default: 0) + +[[AssumeReachableIPv6]] **AssumeReachableIPv6** **0**|**1**|**auto**:: + Like **AssumeReachable**, but affects only the relay's own IPv6 ORPort. + If this value is set to "auto", then Tor will look at **AssumeReachable** + instead. (Default: auto) [[BridgeRelay]] **BridgeRelay** **0**|**1**:: Sets the relay to act as a "bridge" with respect to relaying connections diff --git a/src/app/config/config.c b/src/app/config/config.c index 286cd9304a..7878fa9de0 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -323,6 +323,7 @@ static const config_var_t option_vars_[] = { V(AlternateDirAuthority, LINELIST, NULL), OBSOLETE("AlternateHSAuthority"), V(AssumeReachable, BOOL, "0"), + V(AssumeReachableIPv6, AUTOBOOL, "auto"), OBSOLETE("AuthDirBadDir"), OBSOLETE("AuthDirBadDirCCs"), V(AuthDirBadExit, LINELIST, NULL), @@ -3229,6 +3230,10 @@ options_validate_cb(const void *old_options_, void *options_, char **msg) REJECT("TokenBucketRefillInterval must be between 1 and 1000 inclusive."); } + if (options->AssumeReachable && options->AssumeReachableIPv6 == 0) { + REJECT("Cannot set AssumeReachable 1 and AssumeReachableIPv6 0."); + } + if (options->ExcludeExitNodes || options->ExcludeNodes) { options->ExcludeExitNodesUnion_ = routerset_new(); routerset_union(options->ExcludeExitNodesUnion_,options->ExcludeExitNodes); diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h index 2f375f5d9b..07126cc6ce 100644 --- a/src/app/config/or_options_st.h +++ b/src/app/config/or_options_st.h @@ -195,7 +195,14 @@ struct or_options_t { unsigned int HTTPTunnelPort_set : 1; /**@}*/ - int AssumeReachable; /**< Whether to publish our descriptor regardless. */ + /** Whether to publish our descriptor regardless of all our self-tests + */ + int AssumeReachable; + /** Whether to publish our descriptor regardless of IPv6 self-tests. + * + * This is an autobool; when set to AUTO, it uses AssumeReachable. + **/ + int AssumeReachableIPv6; int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */ int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory * for version 3 directories? */ diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index 97b630add7..d32d03fc1c 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -1374,13 +1374,13 @@ decide_if_publishable_server(void) return 1; if (!router_get_advertised_or_port(options)) return 0; - if (!router_orport_seems_reachable(AF_INET)) { + if (!router_orport_seems_reachable(options, AF_INET)) { // We have an ipv4 orport, and it doesn't seem reachable. if (!publish_even_when_ipv4_orport_unreachable) { return 0; } } - if (!router_orport_seems_reachable(AF_INET6)) { + if (!router_orport_seems_reachable(options, AF_INET6)) { // We have an ipv6 orport, and it doesn't seem reachable. if (!publish_even_when_ipv6_orport_unreachable) { return 0; diff --git a/src/feature/relay/selftest.c b/src/feature/relay/selftest.c index 64b8578bac..ae24a04401 100644 --- a/src/feature/relay/selftest.c +++ b/src/feature/relay/selftest.c @@ -86,9 +86,8 @@ router_reachability_checks_disabled(const or_options_t *options) * orport checks. */ int -router_orport_seems_reachable( - const or_options_t *options, - int family) +router_orport_seems_reachable(const or_options_t *options, + int family) { tor_assert_nonfatal(family == AF_INET || family == AF_INET6 || family == 0); int reach_checks_disabled = router_reachability_checks_disabled(options); @@ -96,6 +95,11 @@ router_orport_seems_reachable( return true; } + // Note that we do a == 1 here, not just a boolean check. This value + // is also an autobool, so CFG_AUTO does not mean that we should + // assume IPv6 ports are reachable. + const bool ipv6_assume_reachable = (options->AssumeReachableIPv6 == 1); + // Which reachability flags should we look at? const bool checking_ipv4 = (family == AF_INET || family == 0); const bool checking_ipv6 = (family == AF_INET6 || family == 0); @@ -105,7 +109,7 @@ router_orport_seems_reachable( return false; } } - if (checking_ipv6) { + if (checking_ipv6 && !ipv6_assume_reachable) { if (have_orport_for_family(AF_INET6) && !can_reach_or_port_ipv6) { return false; } |