diff options
author | David Goulet <dgoulet@torproject.org> | 2021-02-12 12:57:18 -0500 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2021-02-12 12:57:18 -0500 |
commit | c1b5e7fa1bfb7a64c148f098c86b08f4f3167213 (patch) | |
tree | 4d365c43ed8132ade4cf9f5e9709d62e735f35ea /src/app | |
parent | e6caf7d8c76660dbbaf68ee56c7ebf31a2ac9605 (diff) | |
parent | bdca475518ca3036f1df7e78fef93bfa988cb01f (diff) | |
download | tor-c1b5e7fa1bfb7a64c148f098c86b08f4f3167213.tar.gz tor-c1b5e7fa1bfb7a64c148f098c86b08f4f3167213.zip |
Merge branch 'maint-0.4.5'
Diffstat (limited to 'src/app')
-rw-r--r-- | src/app/config/resolve_addr.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/app/config/resolve_addr.c b/src/app/config/resolve_addr.c index 080cb967bc..86db6ba680 100644 --- a/src/app/config/resolve_addr.c +++ b/src/app/config/resolve_addr.c @@ -193,7 +193,19 @@ address_can_be_used(const tor_addr_t *addr, const or_options_t *options, goto allow; } - /* We have a private IP address. It is allowed only if we set custom + /* We allow internal addresses to be used if the PublishServerDescriptor is + * unset and AssumeReachable (or for IPv6) is set. + * + * This is to cover the case where a relay/bridge might be run behind a + * firewall on a local network to users can reach the network through it + * using Tor Browser for instance. */ + if (options->PublishServerDescriptor_ == NO_DIRINFO && + (options->AssumeReachable || + (tor_addr_family(addr) == AF_INET6 && options->AssumeReachableIPv6))) { + goto allow; + } + + /* We have a private IP address. This is also allowed if we set custom * directory authorities. */ if (using_default_dir_authorities(options)) { log_fn(warn_severity, LD_CONFIG, |