aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2021-02-10 11:46:32 -0500
committerDavid Goulet <dgoulet@torproject.org>2021-02-10 13:24:21 -0500
commitae5800cd9faccd8c1319601cac7f6c76c4beb288 (patch)
tree08fdcec354e997917f106b89a7b902284fcf70ef
parent758000aa98432414847393420324fef983c66f1e (diff)
downloadtor-ae5800cd9faccd8c1319601cac7f6c76c4beb288.tar.gz
tor-ae5800cd9faccd8c1319601cac7f6c76c4beb288.zip
relay: Allow RFC1918 addresses for non public relays
In other words, if PublishServerDescriptor is set to 0 and AssumeReachable to 1, then allow a relay to hold a RFC1918 address. Reasons for this are documented in #40208 Fixes #40208 Signed-off-by: David Goulet <dgoulet@torproject.org>
-rw-r--r--changes/ticket402086
-rw-r--r--src/app/config/resolve_addr.c14
-rw-r--r--src/test/test_config.c17
3 files changed, 36 insertions, 1 deletions
diff --git a/changes/ticket40208 b/changes/ticket40208
new file mode 100644
index 0000000000..5a3a1aa55e
--- /dev/null
+++ b/changes/ticket40208
@@ -0,0 +1,6 @@
+ o Minor bugfixes (relay):
+ - Allow relays to have a RFC1918 address if PublishServerDescriptor is set
+ to 0 and AssumeReachable is set to 1. This is to support the use case of a
+ bridge on a local network that can be used by restricted users on that
+ network to reach the Tor network. Fixes bug 40208; bugfix on
+ 0.4.5.1-alpha.
diff --git a/src/app/config/resolve_addr.c b/src/app/config/resolve_addr.c
index 080cb967bc..86db6ba680 100644
--- a/src/app/config/resolve_addr.c
+++ b/src/app/config/resolve_addr.c
@@ -193,7 +193,19 @@ address_can_be_used(const tor_addr_t *addr, const or_options_t *options,
goto allow;
}
- /* We have a private IP address. It is allowed only if we set custom
+ /* We allow internal addresses to be used if the PublishServerDescriptor is
+ * unset and AssumeReachable (or for IPv6) is set.
+ *
+ * This is to cover the case where a relay/bridge might be run behind a
+ * firewall on a local network to users can reach the network through it
+ * using Tor Browser for instance. */
+ if (options->PublishServerDescriptor_ == NO_DIRINFO &&
+ (options->AssumeReachable ||
+ (tor_addr_family(addr) == AF_INET6 && options->AssumeReachableIPv6))) {
+ goto allow;
+ }
+
+ /* We have a private IP address. This is also allowed if we set custom
* directory authorities. */
if (using_default_dir_authorities(options)) {
log_fn(warn_severity, LD_CONFIG,
diff --git a/src/test/test_config.c b/src/test/test_config.c
index 4eb4ac9cf5..eacf12a25f 100644
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@ -1460,6 +1460,7 @@ test_config_find_my_address(void *arg)
options = options_new();
options_init(options);
+ options->PublishServerDescriptor_ = V3_DIRINFO;
/*
* Case 0:
@@ -1782,6 +1783,22 @@ test_config_find_my_address(void *arg)
VALIDATE_FOUND_ADDRESS(true, RESOLVED_ADDR_INTERFACE, NULL);
CLEANUP_FOUND_ADDRESS;
+ /*
+ * Case 15: Address is a local address (internal) but we unset
+ * PublishServerDescriptor_ so we are allowed to hold it.
+ */
+ options->PublishServerDescriptor_ = NO_DIRINFO;
+ if (p->family == AF_INET) {
+ options->AssumeReachable = 1;
+ }
+ config_line_append(&options->Address, "Address", p->internal_ip);
+
+ tor_addr_parse(&test_addr, p->internal_ip);
+ retval = find_my_address(options, p->family, LOG_NOTICE, &resolved_addr,
+ &method_used, &hostname_out);
+ VALIDATE_FOUND_ADDRESS(true, RESOLVED_ADDR_CONFIGURED, NULL);
+ CLEANUP_FOUND_ADDRESS;
+
UNMOCK(get_interface_address6);
UNMOCK(tor_gethostname);
UNMOCK(tor_addr_lookup);