summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/bug142805
-rw-r--r--src/or/connection_edge.c3
2 files changed, 6 insertions, 2 deletions
diff --git a/changes/bug14280 b/changes/bug14280
new file mode 100644
index 0000000000..917d40c34c
--- /dev/null
+++ b/changes/bug14280
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Reject socks requests to literal IPv6 addresses when IPv6Traffic
+ flag is not set; and not because the NoIPv4Traffic flag was set.
+ Previously we'd looked at the NoIPv4Traffic flag for both types
+ of literal addresses. Fixes bug 14280; bugfix on 0.2.4.7-alpha.
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 13053a3847..a11b8e2810 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1364,9 +1364,8 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
/* If we reach this point, it's an IPv4 or an IPv6 address. */
sa_family_t family = tor_addr_family(&addr);
- /* XXXX bug: the second one should be "ipv6_traffic" */
if ((family == AF_INET && ! conn->entry_cfg.ipv4_traffic) ||
- (family == AF_INET6 && ! conn->entry_cfg.ipv4_traffic)) {
+ (family == AF_INET6 && ! conn->entry_cfg.ipv6_traffic)) {
/* You can't do an IPv4 address on a v6-only socks listener,
* or vice versa. */
log_warn(LD_NET, "Rejecting SOCKS request for an IP address "