[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #24546 [Core Tor/Tor]: Use tor_addr_is_v4() rather than family, or reject all v6-mapped IPv4 addresses
#24546: Use tor_addr_is_v4() rather than family, or reject all v6-mapped IPv4
addresses
-------------------------------------------------+-------------------------
Reporter: teor | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-dirauth, ipv6, | Actual Points:
033-triage-20180320, 033-removed-20180320 |
Parent ID: | Points: 1
Reviewer: | Sponsor:
| SponsorV-can
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:5 neel]:
> When I was grepping the instances of `->family == AF_INET`, I got this:
>
> {{{
> neel@flex:~/code/tor/tor/src % grep -R tor_addr_is_v4 */*.h
> common/address.h:int tor_addr_is_v4(const tor_addr_t *addr);
> neel@flex:~/code/tor/tor/src % grep -R "[-][>]family == AF_INET" *
> common/address.c: if (addr->family == AF_INET) {
> common/address.c: } else if (addr->family == AF_INET6) {
> common/address.c: if (for_listening && addr->family == AF_INET
> common/address.h: return a->family == AF_INET6 ? &a->addr.in6_addr :
NULL;
> common/address.h: tor_assert(a->family == AF_INET6);
> common/address.h: return a->family == AF_INET ? a->addr.in_addr.s_addr
: 0;
> common/address.h: if (a->family == AF_INET6) {
> common/address.h: return a->family == AF_INET ? &a->addr.in_addr :
NULL;
> common/address.h: return a->family == AF_INET ? (tor_addr_to_ipv4h(a)
== u) : 0;
> neel@flex:~/code/tor/tor/src %
> }}}
>
> My questions are that:
>
> 1. Should I change the `a->family == AF_INET` in `address.h` to
`tor_addr_is_v4(a)` (along with changing `addr->family == AF_INET` to
`tor_addr_is_v4(addr)`)?
Yes, that's fine.
> 2. Is it okay if I implement a `tor_addr_is_v6()` which is like
`tor_addr_is_v4()` but with IPv6/`AF_INET`, and replace `addr->family ==
AF_INET6` and the like with `tor_addr_is_v6(addr)`?
Yes, and please add unit tests for the new function.
> 3. If I do #2 on this list, then should I reject IPv6 mapped IPv4
addresses in `tor_addr_is_v6()`?
You should reject IPv6-mapped IPv4 addresses in the v4 function. Tor
doesn't use them, and we don't test for or support them.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24546#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs