diff options
author | David Goulet <dgoulet@torproject.org> | 2021-02-08 11:51:45 -0500 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2021-02-08 11:51:45 -0500 |
commit | 685c4866acf8489c58aca41ec01aa5a53e39220a (patch) | |
tree | b4130c5715633ed72c8713a50f1d0b18c8c91837 /src/feature/relay | |
parent | f420eacf1858220f1cb284353f975e03464b15e4 (diff) | |
download | tor-685c4866acf8489c58aca41ec01aa5a53e39220a.tar.gz tor-685c4866acf8489c58aca41ec01aa5a53e39220a.zip |
relay: Look at the omit IPv6 flag when publishing
In two instances we must look at this flag:
1. When we build the descriptor so the IPv6 is NOT added to the descriptor in
case we judge that we need to omit the address but still publish.
2. When we are deciding if the descriptor is publishable. This flags tells us
that the IPv6 was not found reachable but we should still publish.
Fixes #40279
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/feature/relay')
-rw-r--r-- | src/feature/relay/router.c | 33 |
1 files changed, 19 insertions, 14 deletions
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index 4bc71eb486..0be3eec1dd 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -138,6 +138,18 @@ static authority_cert_t *legacy_key_certificate = NULL; * used by tor-gencert to sign new signing keys and make new key * certificates. */ +/** Indicate if the IPv6 address should be omitted from the descriptor when + * publishing it. This can happen if the IPv4 is reachable but the + * auto-discovered IPv6 is not. We still publish the descriptor. + * + * Only relays should look at this and only for their descriptor. + * + * XXX: The real harder fix is to never put in the routerinfo_t a non + * reachable address and instead use the last resolved address cache to do + * reachability test or anything that has to do with what address tor thinks + * it has. */ +static bool omit_ipv6_on_publish = false; + /** Return a readonly string with human readable description * of <b>err</b>. */ @@ -1396,7 +1408,11 @@ decide_if_publishable_server(void) return 0; } } - if (!router_orport_seems_reachable(options, AF_INET6)) { + /* We could be flagged to omit the IPv6 and if so, don't check for + * reachability on the IPv6. This can happen if the address was + * auto-discovered but turns out to be non reachable. */ + if (!omit_ipv6_on_publish && + !router_orport_seems_reachable(options, AF_INET6)) { // We have an ipv6 orport, and it doesn't seem reachable. if (!publish_even_when_ipv6_orport_unreachable) { return 0; @@ -2085,7 +2101,8 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t **ri_out)) ri->ipv4_dirport = routerconf_find_dir_port(options, 0); /* Optionally check for an IPv6. We still publish without one. */ - if (relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG, + if (!omit_ipv6_on_publish && + relay_find_addr_to_publish(options, AF_INET6, RELAY_FIND_ADDR_NO_FLAG, &ri->ipv6_addr)) { ri->ipv6_orport = routerconf_find_or_port(options, AF_INET6); router_check_descriptor_address_consistency(&ri->ipv6_addr); @@ -2459,18 +2476,6 @@ router_new_consensus_params(const networkstatus_t *ns) publish_even_when_ipv6_orport_unreachable = ar || ar6; } -/** Indicate if the IPv6 address should be omitted from the descriptor when - * publishing it. This can happen if the IPv4 is reachable but the - * auto-discovered IPv6 is not. We still publish the descriptor. - * - * Only relays should look at this and only for their descriptor. - * - * XXX: The real harder fix is to never put in the routerinfo_t a non - * reachable address and instead use the last resolved address cache to do - * reachability test or anything that has to do with what address tor thinks - * it has. */ -static bool omit_ipv6_on_publish = false; - /** Mark our descriptor out of data iff the IPv6 omit status flag is flipped * it changes from its previous value. * |