From a96c0affcb4cda1a2e0d83d123993d10efc6e396 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 24 Oct 2012 15:03:29 -0400 Subject: Better policy support for IPv6 Now, "accept *:80" means "accept all addresses on port 80", and not just IPv4. For just v4, say "accept *4:80"; for just v6 say "accept *6:80". We can parse these policies from torrc just fine, and we should be successfully keeping them out of descriptors for now. We also now include appropriate IPv6 addresses in "reject private:*" --- src/or/router.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/or/router.c') diff --git a/src/or/router.c b/src/or/router.c index 1cac63a3a..efe24d7cc 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -2001,7 +2001,6 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, size_t onion_pkeylen, identity_pkeylen; size_t written; int result=0; - addr_policy_t *tmpe; char *family_line; char *extra_or_address = NULL; const or_options_t *options = get_options(); @@ -2130,11 +2129,12 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, if (!router->exit_policy || !smartlist_len(router->exit_policy)) { strlcat(s+written, "reject *:*\n", maxlen-written); written += strlen("reject *:*\n"); - tmpe = NULL; } else if (router->exit_policy) { int i; for (i = 0; i < smartlist_len(router->exit_policy); ++i) { - tmpe = smartlist_get(router->exit_policy, i); + addr_policy_t *tmpe = smartlist_get(router->exit_policy, i); + if (tor_addr_family(&tmpe->addr) == AF_INET6) + continue; /* Don't include IPv6 parts of address policy */ result = policy_write_item(s+written, maxlen-written, tmpe, 1); if (result < 0) { log_warn(LD_BUG,"descriptor policy_write_item ran out of room!"); -- cgit v1.2.3