Re: [tor-bugs] #17610 [Tor]: Merge ExitPolicyRejectPrivate changes into 0.2.6.10

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#17610: Merge ExitPolicyRejectPrivate changes into 0.2.6.10
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  defect                               |         Status:
 Priority:  High                                 |  needs_review
Component:  Tor                                  |      Milestone:  Tor:
 Severity:  Normal                               |  0.2.6.x-final
 Keywords:  TorCoreTeam201511, security,         |        Version:  Tor:
  026-backport                                   |  unspecified
Parent ID:  #17027                               |     Resolution:
  Sponsor:                                       |  Actual Points:
                                                 |         Points:
-------------------------------------------------+-------------------------

Comment (by teor):

 Please see my branch bug17027-reject-private-all-interfaces-v2-026 on
 https://github.com/teor2345/tor.git

 Instead of doing the large refactor to generate a list of interface
 addresses, it uses the get_interface_address6 function from 0.2.6 to
 reject the first discovered public interface address. It also blocks the
 relay's configured IPv6 (ORPort) address.

 This covers the majority of exits, while making minimal changes to
 maint-0.2.6.
 Some multihomed exits may need to update to 0.2.7 or 0.2.8, or make manual
 changes to the exit policy in their torrcs to block all publicly routable
 addresses on the relay.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17610#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs