[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7478 [Tor]: Allow routersets to include/exclude nodes by IPv6 address



#7478: Allow routersets to include/exclude nodes by IPv6 address
-----------------------------------------------+---------------------------
 Reporter:  nickm                              |          Owner:  teor
     Type:  enhancement                        |         Status:
 Priority:  High                               |  needs_review
Component:  Tor                                |      Milestone:  Tor:
 Severity:  Normal                             |  0.2.8.x-final
 Keywords:  tor-client ipv6 TorCoreTeam201602  |        Version:
Parent ID:                                     |     Resolution:
  Sponsor:                                     |  Actual Points:
                                               |         Points:  small
-----------------------------------------------+---------------------------

Comment (by mikeperry):

 I started reviewing this and I have a question - In
 routerset_contains_router() the behavior is changed with respect to
 0.0.0.0 IPv4 addresses. Previously, we let those addresses be handled by
 compare_tor_addr_to_addr_policy() which has logic to still accept those
 addresses in some cases (since 0-addrs are treated as wildcards in some
 places in the code, but not others, depending mostly on the port in use).
 Now we shortcut that and always say they are not present in the set. A
 similar issue may exist for 0-addr IPv6 addresses..

 I am not sure if this actually matters yet, since I haven't read all of
 the related branches of code yet. Right now, my next place to look is exit
 policy checks against 0.0.0.0:*, but there may be other cases in the
 current codebase or in future code that may trip up with this change,
 expecting wildcard behavior to be preserved in some cases but not others.
 Noting this now because it is my EOD and maybe someone has a good
 explanation. Maybe we're actually fixing a bug here. But otherwise, I
 recommend holding off on merge until we know for sure. At the very lest,
 this is something that calls detailed commenting, IMO.

 In any event, I will dig deeper tomorrow.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7478#comment:24>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs