aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2021-11-02 09:34:03 -0400
committerDavid Goulet <dgoulet@torproject.org>2021-11-03 09:51:46 -0400
commit6e8e1a4e6ff249afd32e7851989ba3d79df9d5b2 (patch)
tree92e0c56b0db8d61b70b198ca4ed66693ce38742b /src
parent77f5bfa60e0030d6c26eb01ea5fb1a04e0b2d6bb (diff)
downloadtor-6e8e1a4e6ff249afd32e7851989ba3d79df9d5b2.tar.gz
tor-6e8e1a4e6ff249afd32e7851989ba3d79df9d5b2.zip
relay: Don't allow DirPort on non-IPv4
Our code doesn't allow it and so this prevents an assert() crash if the DirPort is for instance IPv6 only. Fixes #40494 Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src')
-rw-r--r--src/feature/relay/relay_config.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c
index c4a5d7f572..8ea0ad8397 100644
--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -352,6 +352,7 @@ check_and_prune_server_ports(smartlist_t *ports,
int n_orport_listeners = 0;
int n_dirport_advertised = 0;
int n_dirport_listeners = 0;
+ int n_dirport_listeners_v4 = 0;
int n_low_port = 0;
int r = 0;
@@ -362,8 +363,12 @@ check_and_prune_server_ports(smartlist_t *ports,
if (port->type == CONN_TYPE_DIR_LISTENER) {
if (! port->server_cfg.no_advertise)
++n_dirport_advertised;
- if (! port->server_cfg.no_listen)
+ if (! port->server_cfg.no_listen) {
++n_dirport_listeners;
+ if (port_binds_ipv4(port)) {
+ ++n_dirport_listeners_v4;
+ }
+ }
} else if (port->type == CONN_TYPE_OR_LISTENER) {
if (! port->server_cfg.no_advertise) {
++n_orport_advertised;
@@ -408,6 +413,12 @@ check_and_prune_server_ports(smartlist_t *ports,
"address. Tor needs to listen on an IPv4 address too.");
r = -1;
}
+ if (n_dirport_advertised && n_dirport_listeners_v4 == 0) {
+ log_warn(LD_CONFIG, "We are listening on a non-IPv4 DirPort. This is not "
+ "allowed. Consider either setting an IPv4 address or "
+ "simply removing it because it is not used anymore.");
+ r = -1;
+ }
if (n_low_port && options->AccountingMax &&
(!have_capability_support() || options->KeepBindCapabilities == 0)) {