From 5f61e19d8a4e96be9e8692777d835dde8d1ea7f8 Mon Sep 17 00:00:00 2001
From: Alexander Færøy <ahf@torproject.org>
Date: Tue, 2 Jul 2019 20:21:13 +0200
Subject: Expose TOR_PT_OUTBOUND_BIND_ADDRESS_{V4,V6} to Pluggable Transports.

This patch adds support for exposing the environment variables
`TOR_PT_OUTBOUND_BIND_ADDRESS_V4` and `TOR_PT_OUTBOUND_BIND_ADDRESS_V6` to
Pluggable Transport proccesses. These two values will contain the IPv4
and IPv6 address that the user have specified in torrc that they wish
the PT to use for all outgoing IP packets.

It is important to note here that it is up to the indvidual Pluggable
Transport if they are willing to honor these values or ignore them
completely.

One can test this feature using the following dummy PT written in POSIX
shell script:

    #!/bin/sh

    echo "LOG SEVERITY=warning MESSAGE=\"Value for IPv4: ${TOR_PT_OUTBOUND_BIND_ADDRESS_V4}\""
    echo "LOG SEVERITY=warning MESSAGE=\"Value for IPv6: ${TOR_PT_OUTBOUND_BIND_ADDRESS_V6}\""

    while true ; do
        sleep 1
    done

with the following entries in your torrc:

    OutboundBindAddressPT 203.0.113.4
    OutboundBindAddress 203.0.113.5
    OutboundBindAddressPT 2001:db8::4
    OutboundBindAddress 2001:db8::5

See: https://bugs.torproject.org/5304
---
 src/feature/client/transports.c | 74 +++++++++++++++++++++++++++++++++++++++++
 src/feature/client/transports.h |  2 ++
 2 files changed, 76 insertions(+)

(limited to 'src')

diff --git a/src/feature/client/transports.c b/src/feature/client/transports.c
index 2eb05d6a67..0e4361a210 100644
--- a/src/feature/client/transports.c
+++ b/src/feature/client/transports.c
@@ -1447,6 +1447,37 @@ create_managed_proxy_environment(const managed_proxy_t *mp)
    */
   smartlist_add_asprintf(envs, "TOR_PT_EXIT_ON_STDIN_CLOSE=1");
 
+  /* Specify which IPv4 and IPv6 addresses the PT should make its outgoing
+   * connections from. See: https://bugs.torproject.org/5304 for more
+   * information about this. */
+  {
+    /* Set TOR_PT_OUTBOUND_BIND_ADDRESS_V4. */
+    const tor_addr_t *ipv4_addr = managed_proxy_outbound_address(options,
+                                                                 AF_INET);
+
+    /* managed_proxy_outbound_address() only returns a non-NULL value if
+     * tor_addr_is_null() was false, which means we don't have to check that
+     * here. */
+    if (ipv4_addr) {
+      char *ipv4_addr_str = tor_addr_to_str_dup(ipv4_addr);
+      smartlist_add_asprintf(envs,
+                             "TOR_PT_OUTBOUND_BIND_ADDRESS_V4=%s",
+                             ipv4_addr_str);
+      tor_free(ipv4_addr_str);
+    }
+
+    /* Set TOR_PT_OUTBOUND_BIND_ADDRESS_V6. */
+    const tor_addr_t *ipv6_addr = managed_proxy_outbound_address(options,
+                                                                 AF_INET6);
+    if (ipv6_addr) {
+      char *ipv6_addr_str = tor_addr_to_str_dup(ipv6_addr);
+      smartlist_add_asprintf(envs,
+                             "TOR_PT_OUTBOUND_BIND_ADDRESS_V6=[%s]",
+                             ipv6_addr_str);
+      tor_free(ipv6_addr_str);
+    }
+  }
+
   SMARTLIST_FOREACH_BEGIN(envs, const char *, env_var) {
     set_environment_variable_in_smartlist(merged_env_vars, env_var,
                                           tor_free_, 1);
@@ -1919,3 +1950,46 @@ managed_proxy_severity_parse(const char *severity)
 
   return -1;
 }
+
+/** Return the outbound address from the given <b>family</b>. Returns NULL if
+ * the user haven't specified a specific outbound address in either
+ * OutboundBindAddress or OutboundBindAddressPT. */
+STATIC const tor_addr_t *
+managed_proxy_outbound_address(const or_options_t *options, sa_family_t family)
+{
+  tor_assert(options);
+
+  const tor_addr_t *address = NULL;
+  int family_index;
+
+  switch (family) {
+  case AF_INET:
+    family_index = 0;
+    break;
+  case AF_INET6:
+    family_index = 1;
+    break;
+  default:
+    /* LCOV_EXCL_START */
+    tor_assert_unreached();
+    return NULL;
+    /* LCOV_EXCL_STOP */
+  }
+
+  /* We start by checking if the user specified an address in
+   * OutboundBindAddressPT. */
+  address = &options->OutboundBindAddresses[OUTBOUND_ADDR_PT][family_index];
+
+  if (! tor_addr_is_null(address))
+    return address;
+
+  /* We fallback to check if the user specified an address in
+   * OutboundBindAddress. */
+  address = &options->OutboundBindAddresses[OUTBOUND_ADDR_ANY][family_index];
+
+  if (! tor_addr_is_null(address))
+    return address;
+
+  /* The user have not specified a preference for outgoing connections. */
+  return NULL;
+}
diff --git a/src/feature/client/transports.h b/src/feature/client/transports.h
index 1ed942c175..3aff1cb248 100644
--- a/src/feature/client/transports.h
+++ b/src/feature/client/transports.h
@@ -149,6 +149,8 @@ STATIC void managed_proxy_stderr_callback(process_t *, const char *, size_t);
 STATIC bool managed_proxy_exit_callback(process_t *, process_exit_code_t);
 
 STATIC int managed_proxy_severity_parse(const char *);
+STATIC const tor_addr_t *managed_proxy_outbound_address(const or_options_t *,
+                                                        sa_family_t);
 
 #endif /* defined(PT_PRIVATE) */
 
-- 
cgit v1.2.3-54-g00ecf