summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2020-06-24 15:12:57 -0400
committerNick Mathewson <nickm@torproject.org>2020-06-24 15:25:34 -0400
commitedb023b1e74dd3b900af399126bd985fc4064857 (patch)
treea40593ce97d20070ac79fe5dd557832b03e6b607
parent6edf7f6710600962f95e7f5458787dbc5e5c7411 (diff)
downloadtor-edb023b1e74dd3b900af399126bd985fc4064857.tar.gz
tor-edb023b1e74dd3b900af399126bd985fc4064857.zip
Add an AssumeReachableIPv6 autobool option.
This option tells Tor that our IPv6 orport is reachable, and doesn't need to be checked. Closes the rest of 33224.
-rw-r--r--changes/ticket332243
-rw-r--r--doc/tor.1.txt7
-rw-r--r--src/app/config/config.c5
-rw-r--r--src/app/config/or_options_st.h9
-rw-r--r--src/feature/relay/router.c4
-rw-r--r--src/feature/relay/selftest.c12
6 files changed, 32 insertions, 8 deletions
diff --git a/changes/ticket33224 b/changes/ticket33224
new file mode 100644
index 0000000000..3fdab7dc53
--- /dev/null
+++ b/changes/ticket33224
@@ -0,0 +1,3 @@
+ o Minor features (relay, IPv6):
+ - Add an AssumeReachableIPv6 option to disable self-checking IPv6
+ reachability. Closes part of ticket 33224.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 15d5775e2c..7ff31fa007 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2146,7 +2146,12 @@ is non-zero):
don't do self-reachability testing; just upload your server descriptor
immediately. If **AuthoritativeDirectory** is also set, this option
instructs the dirserver to bypass remote reachability testing too and list
- all connected servers as running.
+ all connected servers as running. (Default: 0)
+
+[[AssumeReachableIPv6]] **AssumeReachableIPv6** **0**|**1**|**auto**::
+ Like **AssumeReachable**, but affects only the relay's own IPv6 ORPort.
+ If this value is set to "auto", then Tor will look at **AssumeReachable**
+ instead. (Default: auto)
[[BridgeRelay]] **BridgeRelay** **0**|**1**::
Sets the relay to act as a "bridge" with respect to relaying connections
diff --git a/src/app/config/config.c b/src/app/config/config.c
index 286cd9304a..7878fa9de0 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -323,6 +323,7 @@ static const config_var_t option_vars_[] = {
V(AlternateDirAuthority, LINELIST, NULL),
OBSOLETE("AlternateHSAuthority"),
V(AssumeReachable, BOOL, "0"),
+ V(AssumeReachableIPv6, AUTOBOOL, "auto"),
OBSOLETE("AuthDirBadDir"),
OBSOLETE("AuthDirBadDirCCs"),
V(AuthDirBadExit, LINELIST, NULL),
@@ -3229,6 +3230,10 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
REJECT("TokenBucketRefillInterval must be between 1 and 1000 inclusive.");
}
+ if (options->AssumeReachable && options->AssumeReachableIPv6 == 0) {
+ REJECT("Cannot set AssumeReachable 1 and AssumeReachableIPv6 0.");
+ }
+
if (options->ExcludeExitNodes || options->ExcludeNodes) {
options->ExcludeExitNodesUnion_ = routerset_new();
routerset_union(options->ExcludeExitNodesUnion_,options->ExcludeExitNodes);
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 2f375f5d9b..07126cc6ce 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -195,7 +195,14 @@ struct or_options_t {
unsigned int HTTPTunnelPort_set : 1;
/**@}*/
- int AssumeReachable; /**< Whether to publish our descriptor regardless. */
+ /** Whether to publish our descriptor regardless of all our self-tests
+ */
+ int AssumeReachable;
+ /** Whether to publish our descriptor regardless of IPv6 self-tests.
+ *
+ * This is an autobool; when set to AUTO, it uses AssumeReachable.
+ **/
+ int AssumeReachableIPv6;
int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory
* for version 3 directories? */
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index 97b630add7..d32d03fc1c 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -1374,13 +1374,13 @@ decide_if_publishable_server(void)
return 1;
if (!router_get_advertised_or_port(options))
return 0;
- if (!router_orport_seems_reachable(AF_INET)) {
+ if (!router_orport_seems_reachable(options, AF_INET)) {
// We have an ipv4 orport, and it doesn't seem reachable.
if (!publish_even_when_ipv4_orport_unreachable) {
return 0;
}
}
- if (!router_orport_seems_reachable(AF_INET6)) {
+ if (!router_orport_seems_reachable(options, AF_INET6)) {
// We have an ipv6 orport, and it doesn't seem reachable.
if (!publish_even_when_ipv6_orport_unreachable) {
return 0;
diff --git a/src/feature/relay/selftest.c b/src/feature/relay/selftest.c
index 64b8578bac..ae24a04401 100644
--- a/src/feature/relay/selftest.c
+++ b/src/feature/relay/selftest.c
@@ -86,9 +86,8 @@ router_reachability_checks_disabled(const or_options_t *options)
* orport checks.
*/
int
-router_orport_seems_reachable(
- const or_options_t *options,
- int family)
+router_orport_seems_reachable(const or_options_t *options,
+ int family)
{
tor_assert_nonfatal(family == AF_INET || family == AF_INET6 || family == 0);
int reach_checks_disabled = router_reachability_checks_disabled(options);
@@ -96,6 +95,11 @@ router_orport_seems_reachable(
return true;
}
+ // Note that we do a == 1 here, not just a boolean check. This value
+ // is also an autobool, so CFG_AUTO does not mean that we should
+ // assume IPv6 ports are reachable.
+ const bool ipv6_assume_reachable = (options->AssumeReachableIPv6 == 1);
+
// Which reachability flags should we look at?
const bool checking_ipv4 = (family == AF_INET || family == 0);
const bool checking_ipv6 = (family == AF_INET6 || family == 0);
@@ -105,7 +109,7 @@ router_orport_seems_reachable(
return false;
}
}
- if (checking_ipv6) {
+ if (checking_ipv6 && !ipv6_assume_reachable) {
if (have_orport_for_family(AF_INET6) && !can_reach_or_port_ipv6) {
return false;
}