diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-10-31 22:41:20 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-11-14 23:16:24 -0500 |
| commit | 807b781a3d9028db496640541a6168be936ab424 (patch) | |
| tree | 769ad95c1267e1292d69c015c2037fffb2d8b633 | |
| parent | 93591383a9169bd1716aa6495424e5e5e6161bd8 (diff) | |
| download | tor-807b781a3d9028db496640541a6168be936ab424.tar tor-807b781a3d9028db496640541a6168be936ab424.tar.gz | |
Actually send BEGIN cell flags
This uses advertised IPv6 ports as an implicit version check.
| -rw-r--r-- | src/or/connection_edge.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 2f3ed5d6f..ead9c49ef 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1647,6 +1647,51 @@ connection_ap_supports_optimistic_data(const entry_connection_t *conn) return conn->may_use_optimistic_data; } +/** DOCDOC */ +static uint32_t +connection_ap_get_begincell_flags(entry_connection_t *ap_conn) +{ + edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(ap_conn); + const node_t *exitnode = NULL; + const crypt_path_t *cpath_layer = edge_conn->cpath_layer; + uint32_t flags = 0; + if (ap_conn->use_begindir) + return 0; + + if (edge_conn->on_circuit->purpose != CIRCUIT_PURPOSE_C_GENERAL) + return 0; + + if (ap_conn->ipv4_traffic_ok && !ap_conn->ipv6_traffic_ok) + return 0; + + if (! cpath_layer || + ! cpath_layer->extend_info) + return 0; + + if (!ap_conn->ipv4_traffic_ok) + flags |= BEGIN_FLAG_IPV4_NOT_OK; + + exitnode = node_get_by_id(cpath_layer->extend_info->identity_digest); + + if (ap_conn->ipv6_traffic_ok && exitnode) { + tor_addr_t a; + tor_addr_make_null(&a, AF_INET6); + if (compare_tor_addr_to_node_policy(&a, ap_conn->socks_request->port, + exitnode) + != ADDR_POLICY_REJECTED) { + flags |= BEGIN_FLAG_IPV6_OK; + } + } + + if (flags == BEGIN_FLAG_IPV4_NOT_OK) { + log_warn(LD_BUG, "Hey; I'm about to ask a node for a connection that I " + "am telling it to fulfil with neither IPv4 nor IPv6. That's " + "probably not going to work."); + } + + return flags; +} + /** Write a relay begin cell, using destaddr and destport from ap_conn's * socks_request field, and send it down circ. * @@ -1682,6 +1727,9 @@ connection_ap_handshake_send_begin(entry_connection_t *ap_conn) return -1; } + /* Set up begin cell flags. */ + edge_conn->begincell_flags = connection_ap_get_begincell_flags(ap_conn); + tor_snprintf(payload,RELAY_PAYLOAD_SIZE, "%s:%d", (circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL) ? ap_conn->socks_request->address : "", |