diff options
| author | Nick Mathewson <nickm@torproject.org> | 2003-12-13 02:44:02 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2003-12-13 02:44:02 +0000 |
| commit | f37f7daa2f0aa3bc981ec3147e171281370f5741 (patch) | |
| tree | 37f0d10671050b58abfe0d96a937e8a63941083e | |
| parent | c425f2e0ec86d8bd77a389cb5baf31feca4b784e (diff) | |
| download | tor-f37f7daa2f0aa3bc981ec3147e171281370f5741.tar.gz tor-f37f7daa2f0aa3bc981ec3147e171281370f5741.zip | |
Add port ranges to exit policies
svn:r899
| -rw-r--r-- | src/or/or.h | 3 | ||||
| -rw-r--r-- | src/or/router.c | 16 | ||||
| -rw-r--r-- | src/or/routerlist.c | 27 | ||||
| -rw-r--r-- | src/or/test.c | 4 |
4 files changed, 34 insertions, 16 deletions
diff --git a/src/or/or.h b/src/or/or.h index 41b0627eb2..bf5e9dbc6a 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -329,7 +329,8 @@ struct exit_policy_t { char *string; uint32_t addr; uint32_t msk; - uint16_t prt; + uint16_t prt_min; + uint16_t prt_max; struct exit_policy_t *next; }; diff --git a/src/or/router.c b/src/or/router.c index 8101a33608..a8626a604d 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -453,16 +453,22 @@ int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router, return -1; written += result; } - if (tmpe->prt) { - result = snprintf(s+written, maxlen-written, ":%d\n", tmpe->prt); + if (tmpe->prt_min == 1 && tmpe->prt_max == 65535) { + if (written > maxlen-4) + return -1; + strcat(s+written, ":*\n"); + written += 3; + } else if (tmpe->prt_min == tmpe->prt_max) { + result = snprintf(s+written, maxlen-written, ":%d\n", tmpe->prt_min); if (result<0 || result+written > maxlen) return -1; written += result; } else { - if (written > maxlen-4) + result = snprintf(s+written, maxlen-written, ":%d-%d\n", tmpe->prt_min, + tmpe->prt_max); + if (result<0 || result+written > maxlen) return -1; - strcat(s+written, ":*\n"); - written += 3; + written += result; } } /* end for */ if (written > maxlen-256) /* Not enough room for signature. */ diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 11c7a6faa1..195c3cbb02 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -424,10 +424,10 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port, log_fn(LOG_DEBUG,"Considering exit policy %s", tmpe->string); if (!addr) { /* Address is unknown. */ - if (tmpe->msk == 0 && (!tmpe || port == tmpe->prt)) { + if (tmpe->msk == 0 && (port >= tmpe->prt_min && port <= tmpe->prt_max)) { /* The exit policy is accept/reject *:port */ match = 1; - } else if ((!tmpe->prt || port == tmpe->prt) && + } else if (port >= tmpe->prt_min && port <= tmpe->prt_max && tmpe->policy_type == EXIT_POLICY_REJECT) { /* The exit policy is reject ???:port */ maybe_reject = 1; @@ -435,7 +435,7 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port, } else { /* Address is known */ if ( (addr & tmpe->msk) == (tmpe->addr & tmpe->msk) && - (!tmpe->prt || port == tmpe->prt) ) { + (port >= tmpe->prt_min && port <= tmpe->prt_max) ) { /* Exact match for the policy */ match = 1; } @@ -947,23 +947,34 @@ static int router_add_exit_policy(routerinfo_t *router, } } if (strcmp(port, "*") == 0) { - newe->prt = 0; + newe->prt_min = 1; + newe->prt_max = 65535; } else { endptr = NULL; - newe->prt = strtol(port, &endptr, 10); - if (*endptr) { + newe->prt_min = strtol(port, &endptr, 10); + if (*endptr == '-') { + port = endptr+1; + endptr = NULL; + newe->prt_max = strtol(port, &endptr, 10); + if (*endptr) { + log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.", + port); + } + } else if (*endptr) { log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.", port); goto policy_read_failed; + } else { + newe->prt_max = newe->prt_min; } } in.s_addr = htonl(newe->addr); address = tor_strdup(inet_ntoa(in)); in.s_addr = htonl(newe->msk); - log_fn(LOG_DEBUG,"%s %s/%s:%d", + log_fn(LOG_DEBUG,"%s %s/%s:%d-%d", newe->policy_type == EXIT_POLICY_REJECT ? "reject" : "accept", - address, inet_ntoa(in), newe->prt); + address, inet_ntoa(in), newe->prt_min, newe->prt_max); tor_free(address); /* now link newe onto the end of exit_policy */ diff --git a/src/or/test.c b/src/or/test.c index 1b1ee37270..939783cac9 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -560,12 +560,12 @@ test_dir_format() ex1.string = NULL; ex1.addr = 0; ex1.msk = 0; - ex1.prt = 80; + ex1.prt_min = ex1.prt_max = 80; ex1.next = &ex2; ex2.policy_type = EXIT_POLICY_REJECT; ex2.addr = 18 << 24; ex2.msk = 0xFF000000u; - ex2.prt = 24; + ex2.prt_min = ex1.prt_max = 24; ex2.next = NULL; r2.address = "tor.tor.tor"; r2.addr = 0x0a030201u; /* 10.3.2.1 */ |