diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-01-31 16:09:49 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-01-31 16:09:49 -0500 |
| commit | dd68d596cdf68999c0cb4c0caf594d8580eaba40 (patch) | |
| tree | 4b90dfb5841d0c5ccce86705c546107e4187fade /src/or/connection.c | |
| parent | d487d6f6d897c82f3bf741b73abca8a7a2b49d43 (diff) | |
| download | tor-dd68d596cdf68999c0cb4c0caf594d8580eaba40.tar.gz tor-dd68d596cdf68999c0cb4c0caf594d8580eaba40.zip | |
Set IPV6_V6ONLY on listener sockets bound to IPv6 addresses.
If we don't do this, [::] can be interpreted to mean all v4 and all
v6 addresses. Found by dcf. Fixes bug 4760. See RFC 3493 section
5.3 for more info.
Diffstat (limited to 'src/or/connection.c')
| -rw-r--r-- | src/or/connection.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/or/connection.c b/src/or/connection.c index bf65e8e81b..06a7562656 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -902,6 +902,25 @@ connection_listener_new(const struct sockaddr *listensockaddr, make_socket_reuseable(s); +#ifdef IPV6_V6ONLY + if (listensockaddr->sa_family == AF_INET6) { +#ifdef _WIN32 + /* In Redmond, this kind of thing passes for standards-conformance. */ + DWORD one = 1; +#else + int one = 1; +#endif + /* We need to set IPV6_V6ONLY so that this socket can't get used for + * IPv4 connections. */ + if (setsockopt(s,IPPROTO_IPV6, IPV6_V6ONLY, (void*)&one, sizeof(one))<0) { + int e = tor_socket_errno(s); + log_warn(LD_NET, "Error setting IPV6_V6ONLY flag: %s", + tor_socket_strerror(e)); + /* Keep going; probably not harmful. */ + } + } +#endif + if (bind(s,listensockaddr,socklen) < 0) { const char *helpfulhint = ""; int e = tor_socket_errno(s); |