diff options
author | Nick Mathewson <nickm@torproject.org> | 2020-08-06 11:21:00 -0400 |
---|---|---|
committer | George Kadianakis <desnacked@riseup.net> | 2020-08-25 16:02:59 +0300 |
commit | 75772ea096e030ecc79f67b1444cac42aaed7449 (patch) | |
tree | 8e57eb6030219302ffbd92ce63d83e0000ebe9aa /src/core/or/channeltls.c | |
parent | afd88ee87fa27fd7f9d9f63222ac472cdd975f68 (diff) | |
download | tor-75772ea096e030ecc79f67b1444cac42aaed7449.tar.gz tor-75772ea096e030ecc79f67b1444cac42aaed7449.zip |
Validate address more carefully when checking self-reachability
Previously, we would treat *any* incoming circuit on a non-local
channel as meaning that our ORPort was reachable. With this patch,
we make sure that the address that the peer _says_ we have is the
same as the one we're trying to advertise right now.
Closes 20165. Bugfix on 4f5192b2803c706 in 0.1.0.1-rc, when
reachability self-tests were first introduced.
Diffstat (limited to 'src/core/or/channeltls.c')
-rw-r--r-- | src/core/or/channeltls.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/core/or/channeltls.c b/src/core/or/channeltls.c index ae60038c34..a9012fd317 100644 --- a/src/core/or/channeltls.c +++ b/src/core/or/channeltls.c @@ -1868,6 +1868,13 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan) } } + if (me) { + /* We have a descriptor, so we are a relay: record the address that the + * other side said we had. */ + tor_addr_copy(&TLS_CHAN_TO_BASE(chan)->addr_according_to_peer, + &my_apparent_addr); + } + n_other_addrs = netinfo_cell_get_n_my_addrs(netinfo_cell); for (uint8_t i = 0; i < n_other_addrs; i++) { /* Consider all the other addresses; if any matches, this connection is |