authorteor (Tim Wilson-Brown) <teor2345@gmail.com>2016-03-23 13:37:35 +1100
committerNick Mathewson <nickm@torproject.org>2016-03-24 10:13:58 -0400
commitf2153f9716876b87bfcc53ff13b86b878edaae86 (patch)
treef4ea20d094c9fbf4cb1d2ba594d52248cfc94f24 /src/or/circuitbuild.c
parent45681f695c6096e280bc7ec3bf0a67c27708dbbc (diff)
Always allow OR connections to bridges on private addresses
Regardless of the setting of ExtendAllowPrivateAddresses. This fixes a bug with pluggable transports that ignore the (potentially private) address in their bridge line. Fixes bug 18517; bugfix on 23b088907f in tor-0.2.8.1-alpha.
Diffstat (limited to 'src/or/circuitbuild.c')
-rw-r--r--src/or/circuitbuild.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 237b61ab18..a5a933e6b0 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -495,14 +495,21 @@ circuit_handle_first_hop(origin_circuit_t *circ)
int err_reason = 0;
const char *msg = NULL;
int should_launch = 0;
+ const or_options_t *options = get_options();
firsthop = onion_next_hop_in_cpath(circ->cpath);
tor_assert(firsthop);
tor_assert(firsthop->extend_info);
- /* XX/teor - does tor ever need build a circuit directly to itself? */
+ /* Some bridges are on private addresses. Others pass a dummy private
+ * address to the pluggable transport, which ignores it.
+ * Deny the connection if:
+ * - the address is internal, and
+ * - we're not connecting to a configured bridge, and
+ * - we're not configured to allow extends to private addresses. */
if (tor_addr_is_internal(&firsthop->extend_info->addr, 0) &&
- !get_options()->ExtendAllowPrivateAddresses) {
+ !extend_info_is_a_configured_bridge(firsthop->extend_info) &&
+ !options->ExtendAllowPrivateAddresses) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Client asked me to connect directly to a private address");
return -END_CIRC_REASON_TORPROTOCOL;
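Review bot: The new `!extend_info_is_a_configured_bridge(firsthop->extend_info)` term makes the private-address guard depend entirely on how that helper decides a match, and the helper is defined outside this hunk. If it were to match on identity digest alone rather than on address and port as well, an extend_info carrying a configured bridge's digest with a different internal address would skip the check. It is worth confirming this and stating it in the new comment, for example `* A bridge is exempt only when its address, port and identity match a configured Bridge line.`. A unit test covering the three conditions (internal address, configured bridge, ExtendAllowPrivateAddresses set or unset) would pin the intended combinations. The body of circuit_handle_first_hop starts and continues outside the hunk.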