[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24546 [Core Tor/Tor]: Use tor_addr_is_v4() rather than family, or reject all v6-mapped IPv4 addresses



#24546: Use tor_addr_is_v4() rather than family, or reject all v6-mapped IPv4
addresses
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  (none)
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-dirauth, ipv6,                   |  Actual Points:
  033-triage-20180320, 033-removed-20180320      |
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
                                                 |  SponsorV-can
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:5 neel]:
 > When I was grepping the instances of `->family == AF_INET`, I got this:
 >
 > {{{
 > neel@flex:~/code/tor/tor/src % grep -R tor_addr_is_v4 */*.h
 > common/address.h:int tor_addr_is_v4(const tor_addr_t *addr);
 > neel@flex:~/code/tor/tor/src % grep -R "[-][>]family == AF_INET" *
 > common/address.c:  if (addr->family == AF_INET) {
 > common/address.c:  } else if (addr->family == AF_INET6) {
 > common/address.c:  if (for_listening && addr->family == AF_INET
 > common/address.h:  return a->family == AF_INET6 ? &a->addr.in6_addr :
 NULL;
 > common/address.h:  tor_assert(a->family == AF_INET6);
 > common/address.h:  return a->family == AF_INET ? a->addr.in_addr.s_addr
 : 0;
 > common/address.h:  if (a->family == AF_INET6) {
 > common/address.h:  return a->family == AF_INET ? &a->addr.in_addr :
 NULL;
 > common/address.h:  return a->family == AF_INET ? (tor_addr_to_ipv4h(a)
 == u) : 0;
 > neel@flex:~/code/tor/tor/src %
 > }}}
 >
 > My questions are that:
 >
 > 1. Should I change the `a->family == AF_INET` in `address.h` to
 `tor_addr_is_v4(a)` (along with changing `addr->family == AF_INET` to
 `tor_addr_is_v4(addr)`)?

 Yes, that's fine.

 > 2. Is it okay if I implement a `tor_addr_is_v6()` which is like
 `tor_addr_is_v4()` but with IPv6/`AF_INET`, and replace `addr->family ==
 AF_INET6` and the like with `tor_addr_is_v6(addr)`?

 Yes, and please add unit tests for the new function.

 > 3. If I do #2 on this list, then should I reject IPv6 mapped IPv4
 addresses in `tor_addr_is_v6()`?

 You should reject IPv6-mapped IPv4 addresses in the v4 function. Tor
 doesn't use them, and we don't test for or support them.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24546#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs