Commit 44e85544 authored by Roger Dingledine's avatar Roger Dingledine
Browse files

absolutely refuse to let people pick internal IP addresses if

they're using the default dirservers.

we're getting a big pile of a dozen or so servers that have picked
private IP addresses despite the warning (presumably they don't even
know they have logs)


svn:r4354
parent b0538591
......@@ -944,8 +944,9 @@ print_usage(void)
}
/**
* Based on <b>address</b>, guess our public IP address and put it
* in <b>addr</b>.
* Based on <b>options-\>Address</b>, guess our public IP address and put it
* in *<b>addr</b>. Return 0 if all is well, or -1 if we can't find a
* suitable public IP address.
*/
int
resolve_my_address(or_options_t *options, uint32_t *addr)
......@@ -994,12 +995,23 @@ resolve_my_address(or_options_t *options, uint32_t *addr)
}
tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf));
if (!explicit_ip && is_internal_IP(htonl(in.s_addr))) {
log_fn(LOG_WARN,"Address '%s' resolves to private IP '%s'. "
"Please set the Address config option to be the IP you want to use.",
hostname, tmpbuf);
if (!options->NoPublish)
if (is_internal_IP(htonl(in.s_addr)) && !options->NoPublish) {
/* make sure we're ok with publishing an internal IP */
if (!options->DirServers) {
/* if they are using the default dirservers, disallow internal IPs always. */
log_fn(LOG_WARN,"Address '%s' resolves to private IP '%s'. "
"Servers must use public IP addresses.",
hostname, tmpbuf);
return -1;
}
if (!explicit_ip) {
/* even if they've set their own dirservers, require an explicit IP if
* they're using an internal address. */
log_fn(LOG_WARN,"Address '%s' resolves to private IP '%s'. "
"Please set the Address config option to be the IP you want to use.",
hostname, tmpbuf);
return -1;
}
}
log_fn(LOG_DEBUG, "Resolved Address to %s.", tmpbuf);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment