Update ExitPolicy when interface addresses change

Tor exit relays reject local interface addresses in their exit policy. Make sure those policies are updated when interface addresses change.

Update ExitPolicy when interface addresses change
92b1c3b6 · teor (Tim Wilson-Brown) · f09d03c3 · 92b1c3b6 · 92b1c3b6
Commit 92b1c3b6 authored 9 years ago by teor (Tim Wilson-Brown)
--- a/changes/bug18208
+++ b/changes/bug18208
+  o Minor bug fixes (exit policies, security):
+    - Refresh an exit relay's exit policy when interface addresses change.
+      Previously, tor only refreshed the exit policy when the configured
+      external address changed.
+      Closes ticket 18208 on tor 0.2.7.3. Patch by "teor".
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2195,7 +2195,10 @@ got_libevent_error(void)
 void
 ip_address_changed(int at_interface)
 {
-  int server = server_mode(get_options());
+  const or_options_t *options = get_options();
+  int server = server_mode(options);
+  int exit_reject_private = (server && options->ExitRelay
+                             && options->ExitPolicyRejectPrivate);

  if (at_interface) {
    if (! server) {
@@ -2209,10 +2212,15 @@ ip_address_changed(int at_interface)
        reset_bandwidth_test();
      stats_n_seconds_working = 0;
      router_reset_reachability();
-      mark_my_descriptor_dirty("IP address changed");
    }
  }

+  /* Exit relays incorporate interface addresses in their exit policies when
+   * ExitPolicyRejectPrivate is set */
+  if (exit_reject_private || (server && !at_interface)) {
+    mark_my_descriptor_dirty("IP address changed");
+  }
+
  dns_servers_relaunch_checks();
 }