diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-10-24 12:33:18 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-11-14 23:16:21 -0500 |
| commit | 2eb7eafc9d789cb5063dd36021412434b656bf75 (patch) | |
| tree | 6fb621cd10a3d41a242d2588c9a533a743570194 /src/or | |
| parent | 462ebb270a10f02573b1847649db45b94c0e0fc3 (diff) | |
| download | tor-2eb7eafc9d789cb5063dd36021412434b656bf75.tar.gz tor-2eb7eafc9d789cb5063dd36021412434b656bf75.zip | |
Add a new family-specific syntax for tor_addr_parse_mask_ports
By default, "*" means "All IPv4 addresses" with
tor_addr_parse_mask_ports, so I won't break anything. But if the new
EXTENDED_STAR flag is provided, then * means "any address", *4 means
"any IPv4 address" (that is, 0.0.0.0/0), and "*6" means "any IPv6
address" (that is, [::]/0).
This is going to let us have a syntax for specifying exit policies in
torrc that won't drive people mad.
Also, add a bunch of unit tests for tor_addr_parse_mask_ports to test
these new features, and to increase coverage.
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/config.c | 1 | ||||
| -rw-r--r-- | src/or/policies.c | 7 | ||||
| -rw-r--r-- | src/or/routerparse.c | 5 |
3 files changed, 8 insertions, 5 deletions
diff --git a/src/or/config.c b/src/or/config.c index 9af55e9233..f8ac67ed38 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -276,6 +276,7 @@ static config_var_t option_vars_[] = { V(HTTPProxyAuthenticator, STRING, NULL), V(HTTPSProxy, STRING, NULL), V(HTTPSProxyAuthenticator, STRING, NULL), + // V(IPv6EXit, BOOL, "0"), VAR("ServerTransportPlugin", LINELIST, ServerTransportPlugin, NULL), V(Socks4Proxy, STRING, NULL), V(Socks5Proxy, STRING, NULL), diff --git a/src/or/policies.c b/src/or/policies.c index 09ba10bbe7..442377b1c5 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -87,7 +87,8 @@ policy_expand_private(smartlist_t **policy) memcpy(&newpolicy, p, sizeof(addr_policy_t)); newpolicy.is_private = 0; newpolicy.is_canonical = 0; - if (tor_addr_parse_mask_ports(private_nets[i], &newpolicy.addr, + if (tor_addr_parse_mask_ports(private_nets[i], 0, + &newpolicy.addr, &newpolicy.maskbits, &port_min, &port_max)<0) { tor_assert(0); } @@ -1192,8 +1193,8 @@ policy_summary_add_item(smartlist_t *summary, addr_policy_t *p) for (i = 0; private_nets[i]; ++i) { tor_addr_t addr; maskbits_t maskbits; - if (tor_addr_parse_mask_ports(private_nets[i], &addr, - &maskbits, NULL, NULL)<0) { + if (tor_addr_parse_mask_ports(private_nets[i], 0, &addr, + &maskbits, NULL, NULL)<0) { tor_assert(0); } if (tor_addr_compare(&p->addr, &addr, CMP_EXACT) == 0 && diff --git a/src/or/routerparse.c b/src/or/routerparse.c index a333780752..6069c8d3c1 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1280,7 +1280,8 @@ find_single_ipv6_orport(const smartlist_t *list, uint16_t port_min, port_max; tor_assert(t->n_args >= 1); /* XXXX Prop186 the full spec allows much more than this. */ - if (tor_addr_parse_mask_ports(t->args[0], &a, &bits, &port_min, + if (tor_addr_parse_mask_ports(t->args[0], 0, + &a, &bits, &port_min, &port_max) == AF_INET6 && bits == 128 && port_min == port_max) { @@ -3737,7 +3738,7 @@ router_parse_addr_policy(directory_token_t *tok) else newe.policy_type = ADDR_POLICY_ACCEPT; - if (tor_addr_parse_mask_ports(arg, &newe.addr, &newe.maskbits, + if (tor_addr_parse_mask_ports(arg, 0, &newe.addr, &newe.maskbits, &newe.prt_min, &newe.prt_max) < 0) { log_warn(LD_DIR,"Couldn't parse line %s. Dropping", escaped(arg)); return NULL; |