[tor-commits] [tor/master] Automatically use IPv6 when ClientUseIPv4 is 0
nickm at torproject.org
nickm at torproject.org
Thu Feb 11 17:37:18 UTC 2016
commit 77a9de0d48e61e6762e65f6099c9a424544eb0ad
Author: teor (Tim Wilson-Brown) <teor2345 at gmail.com>
Date: Fri Jan 22 15:10:18 2016 +1100
Automatically use IPv6 when ClientUseIPv4 is 0
Consequential changes to log messages:
* it's no longer possible to disable both IPv4 and IPv6,
* refactor common string out of remaining log messages
---
src/or/config.c | 16 ++++++++--------
src/or/policies.c | 6 ++++--
src/test/test_entrynodes.c | 11 +++++++----
src/test/test_policy.c | 16 +++++++++-------
4 files changed, 28 insertions(+), 21 deletions(-)
diff --git a/src/or/config.c b/src/or/config.c
index caa01d1..b9d9fb2 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3108,20 +3108,20 @@ options_validate(or_options_t *old_options, or_options_t *options,
/* We check if Reachable*Addresses blocks all addresses in
* parse_reachable_addresses(). */
- if (options->ClientUseIPv4 == 0 && !fascist_firewall_use_ipv6(options))
- REJECT("Tor cannot connect to the Internet if ClientUseIPv4 is 0 and "
- "ClientUseIPv6 is 0. Please set at least one of these options "
- "to 1, or configure bridges.");
+
+#define WARN_PLEASE_USE_IPV6_LOG_MSG \
+ "ClientPreferIPv6%sPort 1 is ignored unless tor is using IPv6. " \
+ "Please set ClientUseIPv6 1, ClientUseIPv4 0, or configure bridges."
if (!fascist_firewall_use_ipv6(options)
&& options->ClientPreferIPv6ORPort == 1)
- log_warn(LD_CONFIG, "ClientPreferIPv6ORPort 1 is ignored unless "
- "ClientUseIPv6 is also 1, or bridges are configured.");
+ log_warn(LD_CONFIG, WARN_PLEASE_USE_IPV6_LOG_MSG, "OR");
if (!fascist_firewall_use_ipv6(options)
&& options->ClientPreferIPv6DirPort == 1)
- log_warn(LD_CONFIG, "ClientPreferIPv6DirPort 1 is ignored unless "
- "ClientUseIPv6 is also 1, or bridges are configured.");
+ log_warn(LD_CONFIG, WARN_PLEASE_USE_IPV6_LOG_MSG, "Dir");
+
+#undef WARN_PLEASE_USE_IPV6_LOG_MSG
if (options->UseBridges &&
server_mode(options))
diff --git a/src/or/policies.c b/src/or/policies.c
index 0dc4f96..734558d 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -420,11 +420,13 @@ fascist_firewall_allows_address(const tor_addr_t *addr,
}
/** Is this client configured to use IPv6?
- * Clients use IPv6 if ClientUseIPv6 is 1, or UseBridges is 1.
*/
int fascist_firewall_use_ipv6(const or_options_t *options)
{
- return (options->ClientUseIPv6 == 1 || options->UseBridges == 1);
+ /* Clients use IPv6 if it's set, or they use bridges, or they don't use
+ * IPv4 */
+ return (options->ClientUseIPv6 == 1 || options->UseBridges == 1
+ || options->ClientUseIPv4 == 0);
}
/** Do we prefer to connect to IPv6, ignoring ClientPreferIPv6ORPort and
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index a0208b9..14baa8c 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -215,20 +215,23 @@ test_choose_random_entry_one_possible_guard(void *arg)
* time, so we can't be sure we get the guard */
tt_assert(chosen_entry);
- /* Check that we get the guard if it passes preferred address settings when
- * they're auto */
+ /* Check that we get a node if it is allowed but not preferred when settings
+ * are auto */
memset(&mocked_options, 0, sizeof(mocked_options));
mocked_options.ClientUseIPv4 = 1;
mocked_options.ClientPreferIPv6ORPort = -1;
chosen_entry = choose_random_entry(NULL);
- tt_ptr_op(chosen_entry, OP_EQ, the_guard);
+
+ /* We disable the guard check and the preferred address check at the same
+ * time, so we can't be sure we get the guard */
+ tt_assert(chosen_entry);
/* and with IPv6 active */
mocked_options.ClientUseIPv6 = 1;
chosen_entry = choose_random_entry(NULL);
- tt_ptr_op(chosen_entry, OP_EQ, the_guard);
+ tt_assert(chosen_entry);
done:
memset(&mocked_options, 0, sizeof(mocked_options));
diff --git a/src/test/test_policy.c b/src/test/test_policy.c
index 1daa38e..2e87f13 100644
--- a/src/test/test_policy.c
+++ b/src/test/test_policy.c
@@ -1310,7 +1310,8 @@ test_policies_fascist_firewall_allows_address(void *arg)
tt_assert(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0)
== 0);
- /* Test the function's address matching with everything off */
+ /* Test the function's address matching with ClientUseIPv4 0.
+ * This means "use IPv6" regardless of the other settings. */
memset(&mock_options, 0, sizeof(or_options_t));
mock_options.ClientUseIPv4 = 0;
mock_options.ClientUseIPv6 = 0;
@@ -1319,7 +1320,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
tt_assert(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0)
== 0);
tt_assert(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0)
- == 0);
+ == 1);
tt_assert(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0)
== 0);
tt_assert(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0)
@@ -1596,7 +1597,8 @@ test_policies_fascist_firewall_choose_address(void *arg)
FIREWALL_DIR_CONNECTION, 1)
== &ipv6_dir_ap);
- /* Choose an address with everything off */
+ /* Choose an address with ClientUseIPv4 0.
+ * This means "use IPv6" regardless of the other settings. */
memset(&mock_options, 0, sizeof(or_options_t));
mock_options.ClientUseIPv4 = 0;
mock_options.ClientUseIPv6 = 0;
@@ -1604,16 +1606,16 @@ test_policies_fascist_firewall_choose_address(void *arg)
tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 0,
FIREWALL_OR_CONNECTION, 0)
- == NULL);
+ == &ipv6_or_ap);
tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 0,
FIREWALL_OR_CONNECTION, 1)
- == NULL);
+ == &ipv6_or_ap);
tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &ipv6_dir_ap, 0,
FIREWALL_DIR_CONNECTION, 0)
- == NULL);
+ == &ipv6_dir_ap);
tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &ipv6_dir_ap, 0,
FIREWALL_DIR_CONNECTION, 1)
- == NULL);
+ == &ipv6_dir_ap);
/* Choose from unusual inputs */
memset(&mock_options, 0, sizeof(or_options_t));
More information about the tor-commits
mailing list