summaryrefslogtreecommitdiff
path: root/src/or/policies.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-03-03 10:45:39 -0500
committerNick Mathewson <nickm@torproject.org>2014-03-03 10:45:39 -0500
commit4050dfa320e3322beb263bff3afc1db10df5af96 (patch)
tree1fa8529e760c165c9dae8e8a8f566d748b0c0b7e /src/or/policies.c
parentd98f743b282a8b28ed8d2d14db3bbfee40c5e6b0 (diff)
downloadtor-4050dfa320e3322beb263bff3afc1db10df5af96.tar.gz
tor-4050dfa320e3322beb263bff3afc1db10df5af96.zip
Warn if ports are specified in {Socks,Dir}Policy
We have ignored any ports listed here since 80365b989 (0.0.7rc1), but we didn't warn the user that we were ignoring them. This patch adds a warning if you put explicit ports in any of the options {Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}. It also adjusts the manpage to say that ports are ignored. Fixes ticket 11108.
Diffstat (limited to 'src/or/policies.c')
-rw-r--r--src/or/policies.c22
1 files changed, 15 insertions, 7 deletions
diff --git a/src/or/policies.c b/src/or/policies.c
index 05377ec205..469a203e2e 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -482,10 +482,12 @@ validate_addr_policies(const or_options_t *options, char **msg)
* Ignore port specifiers.
*/
static int
-load_policy_from_option(config_line_t *config, smartlist_t **policy,
+load_policy_from_option(config_line_t *config, const char *option_name,
+ smartlist_t **policy,
int assume_action)
{
int r;
+ int killed_any_ports = 0;
addr_policy_list_free(*policy);
*policy = NULL;
r = parse_addr_policy(config, policy, assume_action);
@@ -504,9 +506,13 @@ load_policy_from_option(config_line_t *config, smartlist_t **policy,
c = addr_policy_get_canonical_entry(&newp);
SMARTLIST_REPLACE_CURRENT(*policy, n, c);
addr_policy_free(n);
+ killed_any_ports = 1;
}
} SMARTLIST_FOREACH_END(n);
}
+ if (killed_any_ports) {
+ log_warn(LD_CONFIG, "Ignoring ports in %s option.", option_name);
+ }
return 0;
}
@@ -516,20 +522,22 @@ int
policies_parse_from_options(const or_options_t *options)
{
int ret = 0;
- if (load_policy_from_option(options->SocksPolicy, &socks_policy, -1) < 0)
+ if (load_policy_from_option(options->SocksPolicy, "SocksPolicy",
+ &socks_policy, -1) < 0)
ret = -1;
- if (load_policy_from_option(options->DirPolicy, &dir_policy, -1) < 0)
+ if (load_policy_from_option(options->DirPolicy, "DirPolicy",
+ &dir_policy, -1) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirReject,
+ if (load_policy_from_option(options->AuthDirReject, "AuthDirReject",
&authdir_reject_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirInvalid,
+ if (load_policy_from_option(options->AuthDirInvalid, "AuthDirInvalid",
&authdir_invalid_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirBadDir,
+ if (load_policy_from_option(options->AuthDirBadDir, "AuthDirBadDir",
&authdir_baddir_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirBadExit,
+ if (load_policy_from_option(options->AuthDirBadExit, "AuthDirBadExit",
&authdir_badexit_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
if (parse_reachable_addresses() < 0)