| Field | Value | Date |
|---|---|---|
| author | Nick Mathewson <nickm@torproject.org> | 2010-09-29 15:00:41 -0400 |
| committer | Nick Mathewson <nickm@torproject.org> | 2010-10-01 18:14:27 -0400 |
| commit | 26e897420e07611e0b2c10b28202c388eea4bd6b | |
| tree | fa4b00945e82f2f030cf19bb186c5899834e535a /src/or/policies.c | |
| parent | 6dd7f85bc7fa9887736feb7604e76d7226d03ca5 | |

Initial conversion to use node_t throughout our codebase.

A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is

  * A routerinfo_t for it in the routerlist
  * A routerstatus_t in the current_consensus.

(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)

There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.

All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.

A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.

Some other highlights of this patch are:

  * Looking up routerinfo and routerstatus by nickname is now
    unified and based on the "look up a node by nickname" function.
    This tries to look only at the values from current consensus,
    and not get confused by the routerinfo_t->is_named flag, which
    could get set for other weird reasons. This changes the
    behavior of how authorities (when acting as clients) deal with
    nodes that have been listed by nickname.

  * I tried not to artificially increase the size of the diff here
    by moving functions around. As a result, some functions that
    now operate on nodes are now in the wrong file -- they should
    get moved to nodelist.c once this refactoring settles down.
    This moving should happen as part of a patch that moves
    functions AND NOTHING ELSE.

  * Some old code is now left around inside #if 0/1 blocks, and
    should get removed once I've verified that I don't want it
    sitting around to see how we used to do things.

There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.

I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.

Diffstat (limited to 'src/or/policies.c')
-rw-r--r-- | src/or/policies.c | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/src/or/policies.c b/src/or/policies.c index b4d359599c..1404e20e50 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -11,6 +11,7 @@ #include "or.h" #include "config.h" #include "dirserv.h" +#include "nodelist.h" #include "policies.h" #include "routerparse.h" #include "ht.h" @@ -269,6 +270,22 @@ fascist_firewall_allows_or(const routerinfo_t *ri) return fascist_firewall_allows_address_or(&addr, ri->or_port); } +/** Return true iff we think our firewall will let us make an OR connection to + * <b>node</b>. */ +int +fascist_firewall_allows_node(const node_t *node) +{ + if (node->ri) { + return fascist_firewall_allows_or(node->ri); + } else if (node->rs) { + tor_addr_t addr; + tor_addr_from_ipv4h(&addr, node->rs->addr); + return fascist_firewall_allows_address_or(&addr, node->rs->or_port); + } else { + return 1; + } +} + /** Return true iff we think our firewall will let us make a directory * connection to addr:port. */ int @@ -858,6 +875,7 @@ policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest, return 0; } +#if 0 /** Replace the exit policy of <b>r</b> with reject *:*. */ void policies_set_router_exitpolicy_to_reject_all(routerinfo_t *r) @@ -868,6 +886,15 @@ policies_set_router_exitpolicy_to_reject_all(routerinfo_t *r) item = router_parse_addr_policy_item_from_string("reject *:*", -1); smartlist_add(r->exit_policy, item); } +#endif + +/** Replace the exit policy of <b>node</b> with reject *:* */ +void +policies_set_node_exitpolicy_to_reject_all(node_t *node) +{ + (void)node; + UNIMPLEMENTED_NODELIST(); +} /** Return 1 if there is at least one /8 subnet in <b>policy</b> that * allows exiting to <b>port</b>. Otherwise, return 0. */ 
@@ -1288,6 +1315,31 @@ policy_summarize(smartlist_t *policy) return result; } +/** Decides whether addr:port is probably or definitely accepted or rejcted by + * <b>node</b>. See compare_tor_addr_to_addr_policy for details on addr/port + * interpretation. */ +addr_policy_result_t +compare_addr_to_node_policy(uint32_t addr, uint16_t port, const node_t *node) +{ + tor_addr_t a; + tor_addr_from_ipv4h(&a, addr); + return compare_tor_addr_to_node_policy(&a, port, node); +} + +/** Decides whether addr:port is probably or definitely accepted or rejcted by + * <b>node</b>. See compare_tor_addr_to_addr_policy for details on addr/port + * interpretation. */ +addr_policy_result_t +compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, + const node_t *node) +{ + (void)addr; + (void)port; + (void)node; + UNIMPLEMENTED_NODELIST(); + return 0; +} + /** Implementation for GETINFO control command: knows the answer for questions * about "exit-policy/..." */ int |
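
Review bot: in fascist_firewall_allows_node() (hunk @@ -269,6 +270,22 @@), the final else branch returns 1 for a node that has neither node->ri nor node->rs, so the firewall check fails open on a node with no address information at all. The commit message describes a node_t as existing when there is a routerinfo_t or a routerstatus_t for the server, so this branch looks like it should be unreachable; make that explicit with an assertion, or log and return 0, rather than reporting the node as reachable. The function also dereferences node without checking it, so the doc comment should state that node must be non-NULL.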
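
Review bot: policies_set_node_exitpolicy_to_reject_all() (hunk @@ -868,6 +886,15 @@) is a stub that discards node and calls UNIMPLEMENTED_NODELIST(), while the routerinfo_t version that actually appended "reject *:*" is compiled out with #if 0 in the preceding hunk. What the macro does is not visible in this diff; unless it aborts, a caller that is switched to the node version will silently leave the existing exit policy in place instead of replacing it with reject-all. Keep the old function live until the node version is implemented, or confirm the stub fails loudly. Minor: the new doc comment drops the trailing period that the old one had.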
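
Review bot: compare_tor_addr_to_node_policy() (hunk @@ -1288,6 +1315,31 @@) ends with "return 0;" in a function typed addr_policy_result_t, after calling UNIMPLEMENTED_NODELIST(). Return a named enumerator instead of a bare 0, and pick one that rejects, so that if the stub is ever reached the policy comparison fails closed; compare_addr_to_node_policy() forwards straight to it and inherits whatever 0 means. Both doc comments misspell "rejected" as "rejcted" and are word-for-word identical; the uint32_t variant could simply say it is the IPv4 wrapper around the tor_addr_t version.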