Tor lets transports advertise private IP addresses in descriptor
While dealing with broken obfs4 bridges, I realised that our bridge authority has several obfs4 bridges in its cached-extrainfo document that have private IP addresses, e.g.:
transport obfs4 10.0.254.17:[redacted]
The PT spec explicitly allows private addresses in TOR_PT_SERVER_BINDADDR:
"The <address> MAY be a locally scoped address as long as port forwarding is done externally."
BridgeDB, however, ignores bridges with private IP addresses, so these obfs4 bridges are effectively useless. We could address this issue in BridgeDB by replacing an obfs4 bridge's private IP address with the address in its ORPort, but I think that tor shouldn't be writing private addresses to a descriptor in the first place.
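A way to list the affected bridges from an extra-info document, as an added example that is not code from tor or BridgeDB: it parses "extra-info" and "transport" lines and reports transports whose address is not globally routable. Using Python's is_global as the test is an assumption (BridgeDB's own criteria may differ), and the sample descriptor text, nicknames, fingerprints and ports are constructed.

```python
import ipaddress
import re

# "transport <name> <addr>:<port> [args]"; IPv6 literals are bracketed.
TRANSPORT_RE = re.compile(
    r"^transport\s+(?P<name>\S+)\s+(?P<addr>\[[^\]]+\]|[^\s:]+):(?P<port>\d+)")

# Constructed sample, not real bridge data.
SAMPLE = """\
extra-info BridgeA 0000000000000000000000000000000000000001
transport obfs4 10.0.254.17:40001 iat-mode=0
extra-info BridgeB 0000000000000000000000000000000000000002
transport obfs4 1.2.3.4:40002 iat-mode=0
extra-info BridgeC 0000000000000000000000000000000000000003
transport obfs4 [fd00::17]:40003 iat-mode=0
"""


def unroutable_transports(extrainfo_text):
    """Return (nickname, transport, address) for each transport line whose
    address a client on the public internet could not reach directly."""
    findings = []
    nickname = None
    for line in extrainfo_text.splitlines():
        parts = line.split()
        if parts[:1] == ["extra-info"] and len(parts) >= 2:
            nickname = parts[1]  # a new descriptor starts here
            continue
        m = TRANSPORT_RE.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group("addr").strip("[]"))
        except ValueError:
            continue  # not an IP literal; skip rather than guess
        # is_global is False for RFC 1918, loopback, link-local, CGNAT,
        # IPv6 ULA and other special-purpose ranges.
        if not ip.is_global:
            findings.append((nickname, m.group("name"), str(ip)))
    return findings


if __name__ == "__main__":
    for nick, transport, addr in unroutable_transports(SAMPLE):
        print(f"{nick}: {transport} advertises non-global address {addr}")
```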