|
@@ -498,6 +498,14 @@ circuit_handle_first_hop(origin_circuit_t *circ)
|
|
tor_assert(firsthop);
|
|
tor_assert(firsthop);
|
|
tor_assert(firsthop->extend_info);
|
|
tor_assert(firsthop->extend_info);
|
|
|
|
|
|
|
|
+ /* XX/teor - does tor ever need build a circuit directly to itself? */
|
|
|
|
+ if (tor_addr_is_internal(&firsthop->extend_info->addr, 0) &&
|
|
|
|
+ !get_options()->ExtendAllowPrivateAddresses) {
|
|
|
|
+ log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
|
|
|
+ "Client asked me to connect directly to a private address");
|
|
|
|
+ return -END_CIRC_REASON_TORPROTOCOL;
|
|
|
|
+ }
|
|
|
|
+
|
|
/* now see if we're already connected to the first OR in 'route' */
|
|
/* now see if we're already connected to the first OR in 'route' */
|
|
log_debug(LD_CIRC,"Looking for firsthop '%s'",
|
|
log_debug(LD_CIRC,"Looking for firsthop '%s'",
|
|
fmt_addrport(&firsthop->extend_info->addr,
|
|
fmt_addrport(&firsthop->extend_info->addr,
|