summaryrefslogtreecommitdiff
path: root/src/app
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2021-02-12 12:57:18 -0500
committerDavid Goulet <dgoulet@torproject.org>2021-02-12 12:57:18 -0500
commitc1b5e7fa1bfb7a64c148f098c86b08f4f3167213 (patch)
tree4d365c43ed8132ade4cf9f5e9709d62e735f35ea /src/app
parente6caf7d8c76660dbbaf68ee56c7ebf31a2ac9605 (diff)
parentbdca475518ca3036f1df7e78fef93bfa988cb01f (diff)
downloadtor-c1b5e7fa1bfb7a64c148f098c86b08f4f3167213.tar.gz
tor-c1b5e7fa1bfb7a64c148f098c86b08f4f3167213.zip
Merge branch 'maint-0.4.5'
Diffstat (limited to 'src/app')
-rw-r--r--src/app/config/resolve_addr.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/src/app/config/resolve_addr.c b/src/app/config/resolve_addr.c
index 080cb967bc..86db6ba680 100644
--- a/src/app/config/resolve_addr.c
+++ b/src/app/config/resolve_addr.c
@@ -193,7 +193,19 @@ address_can_be_used(const tor_addr_t *addr, const or_options_t *options,
goto allow;
}
- /* We have a private IP address. It is allowed only if we set custom
+ /* We allow internal addresses to be used if the PublishServerDescriptor is
+ * unset and AssumeReachable (or for IPv6) is set.
+ *
+ * This is to cover the case where a relay/bridge might be run behind a
+ * firewall on a local network to users can reach the network through it
+ * using Tor Browser for instance. */
+ if (options->PublishServerDescriptor_ == NO_DIRINFO &&
+ (options->AssumeReachable ||
+ (tor_addr_family(addr) == AF_INET6 && options->AssumeReachableIPv6))) {
+ goto allow;
+ }
+
+ /* We have a private IP address. This is also allowed if we set custom
* directory authorities. */
if (using_default_dir_authorities(options)) {
log_fn(warn_severity, LD_CONFIG,
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion