Clarification about reject6/accept6 torrc entries
Hi Nick, toralf pointed out that stem chokes on tor's reject6/accept6 torrc entries. Fine thing to be fixed, but I'm not entirely clear how they should be handled. From what I can tell the only mention of them is a brief note in the man page.
Initially when I made Stem's exit policy handling it was based on server descriptors, where exit policy rules can be either IPv4 or IPv6 but don't have those special keywords...
accept *:80 # accepts any IPv4 or IPv6 address on port 80? accept 0.0.0.0/0:80 # accepts any IPv4 but not IPv6 accept [0000:0000:0000:0000:0000:0000:0000:0000]/0:80 # accepts any IPv6 but not IPv4
On reflection though, is even that right? I expect not. According to the spec 'accept/reject' can be IPv6, but then we later added a specific ipv6-policy, so I'm now successfully confused. :P
I expect that the actual behavior is as follows...
- A server descriptor's accept/reject lines can only be IPv4.
- If IPv6 is allowed then it's on ipv6-policy. Those lines don't allow for addresses or subnets, so guess you can specify 'all addresses for port X' in descriptors.
- The torrc allows you to specify IPv6 subnets (and maybe addresses?) so guess to make a circuit tor tries using an exit, sees if the address is reachable, and if not uses another?
As for the torrc the examples given in the man page are just subnets ("reject6 /7:*"). Does reject6/accept6 take addresses? Do those addresses have brackets? Are the brackets optional?
So TL;DR, the torrc entries need a specification, and the dir-spec could probably do with some corrections. :P