diff options
| author | Yawning Angel <yawning@schwanenlied.me> | 2016-09-30 18:43:31 +0000 |
|---|---|---|
| committer | Yawning Angel <yawning@schwanenlied.me> | 2016-09-30 18:43:31 +0000 |
| commit | 847e001d288b7d02d589d8df699e84d4d6d363b6 (patch) | |
| tree | 080ce98406d5569ae1aa68ccedcbec97fb4f1bdd /src | |
| parent | 53255e925c474f9d5cb30c1de4da025e6d709e9a (diff) | |
| download | tor-847e001d288b7d02d589d8df699e84d4d6d363b6.tar.gz tor-847e001d288b7d02d589d8df699e84d4d6d363b6.zip | |
Bug 20261: Disable IsolateClientAddr on AF_LOCAL SocksPorts.
The client addr is essentially meaningless in this context (yes, it is
possible to explicitly `bind()` AF_LOCAL client side sockets to a path,
but no one does it, and there are better ways to grant that sort of
feature if people want it like using `SO_PASSCRED`).
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/config.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c index 18cbe34be3..93e753bb49 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6838,6 +6838,13 @@ parse_port_config(smartlist_t *out, goto err; } + if (unix_socket_path && (isolation & ISO_CLIENTADDR)) { + /* `IsolateClientAddr` is nonsensical in the context of AF_LOCAL. + * just silently remove the isolation flag. + */ + isolation &= ~ISO_CLIENTADDR; + } + if (out && port) { size_t namelen = unix_socket_path ? strlen(unix_socket_path) : 0; port_cfg_t *cfg = port_cfg_new(namelen); |