[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21346 [Core Tor/Tor]: Clients with NoIPv4Traffic should only choose IPv6-supporting Exits



#21346: Clients with NoIPv4Traffic should only choose IPv6-supporting Exits
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.5.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ipv6, 031-deferred-20170425,         |  Actual Points:
  032-unreached                                  |
Parent ID:  #21311                               |         Points:  0.5
 Reviewer:  dgoulet                              |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 Thanks neel for you patch!

 So it took me a while to wrap my head around your fix and the current
 behavior. I do understand that we need to pick an Exit node that matches
 our IP criteria so that `connection_ap_get_begincell_flags()` doesn't get
 confused.

 The `connection_ap_can_use_exit()` is the right place to look for the
 SocksPort flags vs the Exit policy but it appears it *is* doing the right
 thing already with selecting the address family and then using
 `compare_tor_addr_to_node_policy()` to keep the chosen exit node or not.

 Seems to me your patch that adds `node_policy_is_general_exit()` is doing
 roughly the same thing but only for port 80/443 (general exit policy). Can
 you enlighten me on how it is different or fixes things.

 I'm asking here because there are two issues. The first one is that it is
 unclear _why_ your code does what it does and second it duplicates most of
 its code from other functions which in turn turns out to be mostly what
 `compare_tor_addr_to_node_policy()` does...

 Thanks!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21346#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs