diff options
| author | teor <teor@torproject.org> | 2019-08-09 13:53:52 +1000 |
|---|---|---|
| committer | teor <teor@torproject.org> | 2019-08-09 13:53:52 +1000 |
| commit | 1a9555e28352c0807527126a2e5b3fd6b95fe8a0 (patch) | |
| tree | 419daf8fd1e9fe3c8c97e8ce8533cd969b8ac627 /src/lib | |
| parent | 6205810f8ed93c15f3f7be7fbb98d1cad15ae29c (diff) | |
| parent | 08ddf1f62bf62aa3dc044e0570fb368477223688 (diff) | |
| download | tor-1a9555e28352c0807527126a2e5b3fd6b95fe8a0.tar.gz tor-1a9555e28352c0807527126a2e5b3fd6b95fe8a0.zip | |
Merge remote-tracking branch 'tor-github/pr/763' into maint-0.3.5
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/net/address.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/src/lib/net/address.c b/src/lib/net/address.c index 28c8e3f50f..a2d234b742 100644 --- a/src/lib/net/address.c +++ b/src/lib/net/address.c @@ -236,9 +236,18 @@ tor_addr_make_null(tor_addr_t *a, sa_family_t family) a->family = family; } -/** Return true iff <b>ip</b> is an IP reserved to localhost or local networks - * in RFC1918 or RFC4193 or RFC4291. (fec0::/10, deprecated by RFC3879, is - * also treated as internal for now.) +/** Return true iff <b>ip</b> is an IP reserved to localhost or local networks. + * + * If <b>ip</b> is in RFC1918 or RFC4193 or RFC4291, we will return true. + * (fec0::/10, deprecated by RFC3879, is also treated as internal for now + * and will return true.) + * + * If <b>ip</b> is 0.0.0.0 or 100.64.0.0/10 (RFC6598), we will act as: + * - Internal if <b>for_listening</b> is 0, as these addresses are not + * routable on the internet and we won't be publicly accessible to clients. + * - External if <b>for_listening</b> is 1, as clients could connect to us + * from the internet (in the case of 0.0.0.0) or a service provider's + * internal network (in the case of RFC6598). */ int tor_addr_is_internal_(const tor_addr_t *addr, int for_listening, @@ -286,11 +295,13 @@ tor_addr_is_internal_(const tor_addr_t *addr, int for_listening, return 0; } else if (v_family == AF_INET) { - if (for_listening && !iph4) /* special case for binding to 0.0.0.0 */ + /* special case for binding to 0.0.0.0 or 100.64/10 (RFC6598) */ + if (for_listening && (!iph4 || ((iph4 & 0xffc00000) == 0x64400000))) return 0; if (((iph4 & 0xff000000) == 0x0a000000) || /* 10/8 */ ((iph4 & 0xff000000) == 0x00000000) || /* 0/8 */ ((iph4 & 0xff000000) == 0x7f000000) || /* 127/8 */ + ((iph4 & 0xffc00000) == 0x64400000) || /* 100.64/10 */ ((iph4 & 0xffff0000) == 0xa9fe0000) || /* 169.254/16 */ ((iph4 & 0xfff00000) == 0xac100000) || /* 172.16/12 */ ((iph4 & 0xffff0000) == 0xc0a80000)) /* 192.168/16 */ |