Directory mirrors no longer include a guess at the client's IP

address if the connection appears to be coming from the same /24
network; it was producing too many wrong guesses.


svn:r13464

ChangeLog

@@ -1,6 +1,10 @@
-Changes in version 0.2.0.2-?? - 2008-02-??
+Changes in version 0.2.0.20-?? - 2008-02-??
   o Minor bugfixes:
     - Log the correct memory chunk sizes for empty RAM chunks in mempool.c
+    - Directory mirrors no longer include a guess at the client's IP
+      address if the connection appears to be coming from the same /24
+      network; it was producing too many wrong guesses.
+
 
 Changes in version 0.2.0.19-alpha - 2008-02-09
   o Major features:

src/or/directory.c

@@ -1984,8 +1984,10 @@ write_http_response_header_impl(dir_connection_t *conn, ssize_t length,
     tor_snprintf(cp, sizeof(tmp)-(cp-tmp), "Content-Type: %s\r\n", type);
     cp += strlen(cp);
   }
-  if (!is_internal_IP(conn->_base.addr, 0)) {
-    /* Don't report the source address for a localhost/private connection. */
+  if (!is_local_IP(conn->_base.addr)) {
+    /* Don't report the source address for a nearby/private connection.
+     * Otherwise we tend to mis-report in cases where incoming ports are
+     * being forwarded to a Tor server running behind the firewall. */
     tor_snprintf(cp, sizeof(tmp)-(cp-tmp),
                  X_ADDRESS_HEADER "%s\r\n", conn->_base.address);
     cp += strlen(cp);