diff options
| author | Roger Dingledine <arma@torproject.org> | 2005-12-11 09:18:25 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2005-12-11 09:18:25 +0000 |
| commit | 46d563fe004320f2442db0f8a4846aa2b2546ce5 (patch) | |
| tree | 4122be470b6598cf01975c7175e36f40509e3eb8 | |
| parent | a4e1014f4dbf8f763c5670772b1a59301f10bf00 (diff) | |
| download | tor-46d563fe004320f2442db0f8a4846aa2b2546ce5.tar.gz tor-46d563fe004320f2442db0f8a4846aa2b2546ce5.zip | |
whenever we hupped or did a controller setconf, we were prepending
another reachableaddresses *:80,*:443 if fascistfirewall was set,
and we were appending another reject *:* regardless.
svn:r5560
| -rw-r--r-- | src/or/config.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/src/or/config.c b/src/or/config.c index 64e29d39fc..1582aae1dd 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1893,7 +1893,7 @@ options_validate(or_options_t *old_options, or_options_t *options) "LongLivedPorts") < 0) result = -1; - if (options->FascistFirewall) { + if (options->FascistFirewall && !options->ReachableAddresses) { smartlist_t *instead = smartlist_create(); config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t)); new_line->key = tor_strdup("ReachableAddresses"); @@ -1915,7 +1915,6 @@ options_validate(or_options_t *old_options, or_options_t *options) new_line->value = smartlist_join_strings(instead,",",0,NULL); /* These have been deprecated since 0.1.1.5-alpha-cvs */ log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall and FirewallPorts config options to new format: \"ReachableAddresses %s\"", new_line->value); - new_line->next = options->ReachableAddresses; options->ReachableAddresses = new_line; SMARTLIST_FOREACH(instead, char *, cp, tor_free(cp)); smartlist_free(instead); @@ -1924,12 +1923,17 @@ options_validate(or_options_t *old_options, or_options_t *options) if (options->ReachableAddresses) { /* We need to end with a reject *:*, not an implicit accept *:* */ config_line_t **linep = &options->ReachableAddresses; - while (*linep) { + for(;;) { + if (!strcmp((*linep)->value, "reject *:*")) /* already there */ + break; linep = &((*linep)->next); + if (!*linep) { + *linep = tor_malloc_zero(sizeof(config_line_t)); + (*linep)->key = tor_strdup("ReachableAddresses"); + (*linep)->value = tor_strdup("reject *:*"); + break; + } } - *linep = tor_malloc_zero(sizeof(config_line_t)); - (*linep)->key = tor_strdup("ReachableAddresses"); - (*linep)->value = tor_strdup("reject *:*"); } options->_AllowUnverified = 0; |