Add a new family-specific syntax for tor_addr_parse_mask_ports

By default, "*" means "All IPv4 addresses" with
tor_addr_parse_mask_ports, so I won't break anything.  But if the new
EXTENDED_STAR flag is provided, then * means "any address", *4 means
"any IPv4 address" (that is, 0.0.0.0/0), and "*6" means "any IPv6
address" (that is, [::]/0).

This is going to let us have a syntax for specifying exit policies in
torrc that won't drive people mad.

Also, add a bunch of unit tests for tor_addr_parse_mask_ports to test
these new features, and to increase coverage.

2 files changed, 31 insertions, 3 deletions

diff --git a/src/common/address.c b/src/common/address.c
index a714ead5e6..3f00c1e617 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -559,9 +559,22 @@ tor_addr_to_PTR_name(char *out, size_t outlen,
  *
  *  Return an address family on success, or -1 if an invalid address string is
  *  provided.
+ *
+ *  If 'flags & TAPMP_EXTENDED_STAR' is false, then the wildcard address '*'
+ *  yield an IPv4 wildcard.
+ *
+ *  If 'flags & TAPMP_EXTENDED_STAR' is true, then the wildcard address '*'
+ *  yields an AF_UNSPEC wildcard address, and the following change is made
+ *  in the grammar above:
+ *   Address ::= IPv4Address / "[" IPv6Address "]" / "*" / "*4" / "*6"
+ *  with the new "*4" and "*6" productions creating a wildcard to match
+ *  IPv4 or IPv6 addresses.
+ *
  */
 int
-tor_addr_parse_mask_ports(const char *s, tor_addr_t *addr_out,
+tor_addr_parse_mask_ports(const char *s,
+                          unsigned flags,
+                          tor_addr_t *addr_out,
                           maskbits_t *maskbits_out,
                           uint16_t *port_min_out, uint16_t *port_max_out)
 {
@@ -618,9 +631,23 @@ tor_addr_parse_mask_ports(const char *s, tor_addr_t *addr_out,
   memset(addr_out, 0, sizeof(tor_addr_t));
 
   if (!strcmp(address, "*")) {
-    family = AF_INET; /* AF_UNSPEC ???? XXXX_IP6 */
+    if (flags & TAPMP_EXTENDED_STAR) {
+      family = AF_UNSPEC;
+      tor_addr_make_unspec(addr_out);
+    } else {
+      family = AF_INET;
+      tor_addr_from_ipv4h(addr_out, 0);
+    }
+    any_flag = 1;
+  } else if (!strcmp(address, "*4") && (flags & TAPMP_EXTENDED_STAR)) {
+    family = AF_INET;
     tor_addr_from_ipv4h(addr_out, 0);
     any_flag = 1;
+  } else if (!strcmp(address, "*6") && (flags & TAPMP_EXTENDED_STAR)) {
+    static char nil_bytes[16] = { 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0 };
+    family = AF_INET6;
+    tor_addr_from_ipv6_bytes(addr_out, nil_bytes);
+    any_flag = 1;
   } else if (tor_inet_pton(AF_INET6, address, &in6_tmp) > 0) {
     family = AF_INET6;
     tor_addr_from_in6(addr_out, &in6_tmp);
diff --git a/src/common/address.h b/src/common/address.h
index 067b7a0ca6..6bf94610c8 100644
--- a/src/common/address.h
+++ b/src/common/address.h
@@ -183,7 +183,8 @@ int tor_addr_parse_PTR_name(tor_addr_t *result, const char *address,
 
 int tor_addr_port_lookup(const char *s, tor_addr_t *addr_out,
                         uint16_t *port_out);
-int tor_addr_parse_mask_ports(const char *s,
+#define TAPMP_EXTENDED_STAR 1
+int tor_addr_parse_mask_ports(const char *s, unsigned flags,
                               tor_addr_t *addr_out, maskbits_t *mask_out,
                               uint16_t *port_min_out, uint16_t *port_max_out);
 const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len,