[tor-commits] [tor/maint-0.2.2] Oops, here's the *REAL* fix for the ipv6 issue

[nickm at torproject.org]

commit 2ce132e335d60c7ef1d01aa00db5ab4c5b7d674f
Author: Nick Mathewson <nickm at torproject.org>
Date:   Sun Mar 6 13:31:06 2011 -0500

    Oops, here's the *REAL* fix for the ipv6 issue
    
    We need to _REJECT_ descriptors with accept6/reject6 lines.  If we
    let them onto the network , other un-upgraded tors will crash.
---
 changes/ipv6_crash   |    5 +++--
 src/or/routerparse.c |    6 ++++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/changes/ipv6_crash b/changes/ipv6_crash
index 2b04355..02f8aaa 100644
--- a/changes/ipv6_crash
+++ b/changes/ipv6_crash
@@ -1,3 +1,4 @@
-  o Major bugfixes (directory authority)
+  o Major bugfixes:
     - Fix a crash in parsing router descriptors containing IPv6
-      addresses.  Bugfix on 0.2.1.3-alpha.
+      addresses.  This one crashed the directory authorities when somebody
+      fired up some experimental code. Bugfix on 0.2.1.3-alpha.
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index aa0687d..1faa177 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1369,6 +1369,12 @@ router_parse_entry_from_string(const char *s, const char *end,
       router->has_old_dnsworkers = 1;
   }
 
+  if (find_opt_by_keyword(tokens, K_REJECT6) ||
+      find_opt_by_keyword(tokens, K_ACCEPT6)) {
+    log_warn(LD_DIR, "Rejecting router with reject6/accept6 line: they crash "
+             "older Tors.");
+    goto err;
+  }
   exit_policy_tokens = find_all_exitpolicy(tokens);
   if (!smartlist_len(exit_policy_tokens)) {
     log_warn(LD_DIR, "No exit policy tokens in descriptor.");