relay: Don't allow DirPort on non-IPv4

Our code doesn't allow it and so this prevents an assert() crash if the DirPort is for instance IPv6 only. Fixes #40494 Signed-off-by: David Goulet <dgoulet@torproject.org>

relay: Don't allow DirPort on non-IPv4
6e8e1a4e · David Goulet · 77f5bfa6 · 6e8e1a4e · 6e8e1a4e · 6e8e1a4e
Commit 6e8e1a4e authored 3 years ago by David Goulet
--- a/changes/ticket40494
+++ b/changes/ticket40494
+  o Minor bugfixes (relay):
+    - Reject IPv6-only DirPorts. Our reachability self-test forces DirPorts to
+      be IPv4, but our configuration parser allowed them to be IPv6-only,
+      which led to an assertion failure. Fixes bug 40494; bugfix on
+      0.4.5.1-alpha.
--- a/doc/man/tor.1.txt
+++ b/doc/man/tor.1.txt
@@ -2803,7 +2803,8 @@ details.)
    more than once, but only one advertised DirPort is supported: all
    but one DirPort must have the **NoAdvertise** flag set. (Default: 0) +
     +
-    The same flags are supported here as are supported by ORPort.
+    The same flags are supported here as are supported by ORPort. This port can
+    only be IPv4.

 [[DirPortFrontPage]] **DirPortFrontPage** __FILENAME__::
    When this option is set, it takes an HTML file and publishes it as "/" on

--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -352,6 +352,7 @@ check_and_prune_server_ports(smartlist_t *ports,
  int n_orport_listeners = 0;
  int n_dirport_advertised = 0;
  int n_dirport_listeners = 0;
+  int n_dirport_listeners_v4 = 0;
  int n_low_port = 0;
  int r = 0;

@@ -362,8 +363,12 @@ check_and_prune_server_ports(smartlist_t *ports,
    if (port->type == CONN_TYPE_DIR_LISTENER) {
      if (! port->server_cfg.no_advertise)
        ++n_dirport_advertised;
-      if (! port->server_cfg.no_listen)
+      if (! port->server_cfg.no_listen) {
        ++n_dirport_listeners;
+        if (port_binds_ipv4(port)) {
+          ++n_dirport_listeners_v4;
+        }
+      }
    } else if (port->type == CONN_TYPE_OR_LISTENER) {
      if (! port->server_cfg.no_advertise) {
        ++n_orport_advertised;
@@ -408,6 +413,12 @@ check_and_prune_server_ports(smartlist_t *ports,
             "address. Tor needs to listen on an IPv4 address too.");
    r = -1;
  }
+  if (n_dirport_advertised && n_dirport_listeners_v4 == 0) {
+    log_warn(LD_CONFIG, "We are listening on a non-IPv4 DirPort. This is not "
+                        "allowed. Consider either setting an IPv4 address or "
+                        "simply removing it because it is not used anymore.");
+    r = -1;
+  }

  if (n_low_port && options->AccountingMax &&
      (!have_capability_support() || options->KeepBindCapabilities == 0)) {