diff options
| author | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2016-01-21 12:58:59 +1100 |
|---|---|---|
| committer | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2016-01-29 07:16:04 +1100 |
| commit | e991d642ec14d41df9da70442d99861bdb5bfb5b (patch) | |
| tree | 15e781fb298feaeb728c30d0999abcada20ecffd /src/or | |
| parent | 3b8216f2155f224bf66497c71de4cecb55cd83e6 (diff) | |
| download | tor-e991d642ec14d41df9da70442d99861bdb5bfb5b.tar.gz tor-e991d642ec14d41df9da70442d99861bdb5bfb5b.zip | |
Add firewall_is_fascist_dir()
Refactor common parts of firewall_is_fascist_or().
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/policies.c | 32 | ||||
| -rw-r--r-- | src/or/policies.h | 1 |
2 files changed, 26 insertions, 7 deletions
diff --git a/src/or/policies.c b/src/or/policies.c index ecc89da1c2..506edec394 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -307,18 +307,36 @@ parse_reachable_addresses(void) return ret; } -/** Return true iff the firewall options, including ClientUseIPv4 0 and - * ClientUseIPv6 0, might block any address:port combination. - */ -int -firewall_is_fascist_or(void) +/* Return true iff ClientUseIPv4 0 or ClientUseIPv6 0 might block any OR or Dir + * address:port combination. */ +static int +firewall_is_fascist_impl(void) { const or_options_t *options = get_options(); /* Assume every non-bridge relay has an IPv4 address. * Clients which use bridges may only know the IPv6 address of their * bridge. */ - return (reachable_or_addr_policy != NULL || options->ClientUseIPv4 == 0 - || (options->ClientUseIPv6 == 0 && options->UseBridges == 1)); + return (options->ClientUseIPv4 == 0 + || (!fascist_firewall_use_ipv6(options) + && options->UseBridges == 1)); +} + +/** Return true iff the firewall options, including ClientUseIPv4 0 and + * ClientUseIPv6 0, might block any OR address:port combination. + */ +int +firewall_is_fascist_or(void) +{ + return (reachable_or_addr_policy != NULL || firewall_is_fascist_impl()); +} + +/** Return true iff the firewall options, including ClientUseIPv4 0 and + * ClientUseIPv6 0, might block any Dir address:port combination. + */ +int +firewall_is_fascist_dir(void) +{ + return (reachable_dir_addr_policy != NULL || firewall_is_fascist_impl()); } /** Return true iff <b>policy</b> (possibly NULL) will allow a diff --git a/src/or/policies.h b/src/or/policies.h index ac4f7ea492..65f10e2ed7 100644 --- a/src/or/policies.h +++ b/src/or/policies.h @@ -30,6 +30,7 @@ typedef enum firewall_connection_t { typedef int exit_policy_parser_cfg_t; int firewall_is_fascist_or(void); +int firewall_is_fascist_dir(void); int fascist_firewall_use_ipv6(const or_options_t *options); int fascist_firewall_prefer_ipv6_orport(const or_options_t *options); int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options); |