addr: Look at /48 for IPv6 in is_local_addr()

Closes #33618 Signed-off-by: David Goulet <dgoulet@torproject.org>
author: David Goulet <dgoulet@torproject.org> 2020-06-25 13:45:05 -0400
committer: David Goulet <dgoulet@torproject.org> 2020-06-25 13:45:05 -0400
commit: 40922629fe92a947ef3d84e71826a5030884cf08 (patch)
tree: cdbc702253483101771d49c52a484271b6774c2d /src/app
parent: 069566b40a94f8876e813fed39176bc403bfffd1 (diff)
download: tor-40922629fe92a947ef3d84e71826a5030884cf08.tar.gz
tor-40922629fe92a947ef3d84e71826a5030884cf08.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/src/app/config/resolve_addr.c b/src/app/config/resolve_addr.c
index 15a94cb82e..c8b44de845 100644
--- a/src/app/config/resolve_addr.c
+++ b/src/app/config/resolve_addr.c
@@ -603,8 +603,10 @@ is_local_to_resolve_addr, (const tor_addr_t *addr))
     return tor_addr_compare_masked(addr, last_resolved_addr, 24,
                                    CMP_SEMANTIC) == 0;
   case AF_INET6:
-    /* Look at the /32 like addrs_in_same_network_family() does. */
-    return tor_addr_compare_masked(addr, last_resolved_addr, 32,
+    /* Look at /48 because it is typically the smallest network in the global
+     * IPv6 routing tables, and it was previously the recommended per-customer
+     * network block. (See [RFC 6177: IPv6 End Site Address Assignment].) */
+    return tor_addr_compare_masked(addr, last_resolved_addr, 48,
                                    CMP_SEMANTIC) == 0;
     break;
   default:
author	David Goulet <dgoulet@torproject.org>	2020-06-25 13:45:05 -0400
committer	David Goulet <dgoulet@torproject.org>	2020-06-25 13:45:05 -0400
commit	40922629fe92a947ef3d84e71826a5030884cf08 (patch)
tree	cdbc702253483101771d49c52a484271b6774c2d /src/app
parent	069566b40a94f8876e813fed39176bc403bfffd1 (diff)
download	tor-40922629fe92a947ef3d84e71826a5030884cf08.tar.gz tor-40922629fe92a947ef3d84e71826a5030884cf08.zip