diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-03-11 11:11:38 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-03-11 11:11:38 -0500 |
| commit | fe0d346a6df3d20f81a90c4cfe4de89046907961 (patch) | |
| tree | 8ebff960fa5b9b9e7354a76b3b02ecbe462fdd24 /src/or/rendservice.c | |
| parent | 656e23171d64885c1bea95403768386ee369e949 (diff) | |
| parent | 7275dd4fd17a2b5e7465cf6f96d6db834a15c869 (diff) | |
| download | tor-fe0d346a6df3d20f81a90c4cfe4de89046907961.tar.gz tor-fe0d346a6df3d20f81a90c4cfe4de89046907961.zip | |
Merge remote-tracking branch 'teor/bug8976_01_028'
Diffstat (limited to 'src/or/rendservice.c')
| -rw-r--r-- | src/or/rendservice.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/or/rendservice.c b/src/or/rendservice.c index e9a6c9df31..09b20e34a4 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -1818,6 +1818,18 @@ find_rp_for_intro(const rend_intro_cell_t *intro, goto err; } + /* Make sure the RP we are being asked to connect to is _not_ a private + * address unless it's allowed. Let's avoid to build a circuit to our + * second middle node and fail right after when extending to the RP. */ + if (!extend_info_addr_is_allowed(&rp->addr)) { + if (err_msg_out) { + tor_asprintf(&err_msg, + "Relay IP in INTRODUCE2 cell is private address."); + } + extend_info_free(rp); + rp = NULL; + goto err; + } goto done; err: |