Possibly more uniform and centralized "is this a private address" handling
Currently, we have two places where we define a private-enough or too-private address:
- In
tor_hsrproxy::onion_proxy::TargetAddr::is_sufficiently_private
, where we decide whether to warn about an address where we are forwarding an onion service connection. - In
arti_client::address::Host::is_local
, where we reject attempts to make anonymized connections which we expect that the exit node will reject.
These have different behavior, but they have enough in common that we might want to provide some kind of extension trait for IpAddr
in tor-basic-utils
or something.
But also see tor#5166 (closed), where we ran into some hard-to-untangle trouble by having too few definitions of what counts as private.