Merge remote-tracking branch 'sebastian/bug20064'

changes/bug20064

@@ -0,0 +1,5 @@
+  o Minor bugfixes (Directory Authority):
+   - When allowing private addresses, mark Exits that only exit to
+     private locations as such. Fixes bug 20064; bugfix on
+     0.2.2.9-alpha.
+

doc/tor.1.txt

@@ -2163,7 +2163,9 @@ on the public Tor network.
 [[DirAllowPrivateAddresses]] **DirAllowPrivateAddresses** **0**|**1**::
     If set to 1, Tor will accept server descriptors with arbitrary "Address"
     elements. Otherwise, if the address is not an IP address or is a private IP
-    address, it will reject the server descriptor. (Default: 0)
+    address, it will reject the server descriptor. Additionally, Tor
+    will allow exit policies for private networks to fulfill Exit flag
+    requirements. (Default: 0)
 
 [[AuthDirBadExit]] **AuthDirBadExit** __AddressPattern...__::
     Authoritative directories only. A set of address patterns for servers that

src/or/policies.c

@@ -2119,8 +2119,10 @@ exit_policy_is_general_exit_helper(smartlist_t *policy, int port)
       if (subnet_status[i] != 0)
         continue; /* We already reject some part of this /8 */
       tor_addr_from_ipv4h(&addr, i<<24);
-      if (tor_addr_is_internal(&addr, 0))
+      if (tor_addr_is_internal(&addr, 0) &&
+          !get_options()->DirAllowPrivateAddresses) {
         continue; /* Local or non-routable addresses */
+      }
       if (p->policy_type == ADDR_POLICY_ACCEPT) {
         if (p->maskbits > 8)
           continue; /* Narrower than a /8. */