Merge remote-tracking branch 'teor/bug18208'

c0a6c346 · Nick Mathewson · 162d2022 · 92b1c3b6 · c0a6c346 · c0a6c346
Commit c0a6c346 authored 9 years ago by Nick Mathewson
--- a/changes/bug18208
+++ b/changes/bug18208
+  o Minor bug fixes (exit policies, security):
+    - Refresh an exit relay's exit policy when interface addresses change.
+      Previously, tor only refreshed the exit policy when the configured
+      external address changed.
+      Closes ticket 18208 on tor 0.2.7.3. Patch by "teor".
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2169,7 +2169,10 @@ got_libevent_error(void)
 void
 ip_address_changed(int at_interface)
 {
-  int server = server_mode(get_options());
+  const or_options_t *options = get_options();
+  int server = server_mode(options);
+  int exit_reject_private = (server && options->ExitRelay
+                             && options->ExitPolicyRejectPrivate);

  if (at_interface) {
    if (! server) {
@@ -2183,10 +2186,15 @@ ip_address_changed(int at_interface)
        reset_bandwidth_test();
      stats_n_seconds_working = 0;
      router_reset_reachability();
-      mark_my_descriptor_dirty("IP address changed");
    }
  }

+  /* Exit relays incorporate interface addresses in their exit policies when
+   * ExitPolicyRejectPrivate is set */
+  if (exit_reject_private || (server && !at_interface)) {
+    mark_my_descriptor_dirty("IP address changed");
+  }
+
  dns_servers_relaunch_checks();
 }