aboutsummaryrefslogtreecommitdiff
path: root/src/test/test_policy.c
diff options
context:
space:
mode:
authorteor (Tim Wilson-Brown) <teor2345@gmail.com>2015-09-14 11:46:58 +1000
committerteor (Tim Wilson-Brown) <teor2345@gmail.com>2015-09-16 00:13:12 +1000
commitd3358a0a05f661f78286d43fcc71d79daa090460 (patch)
tree97ac4142acc945a76077cf16b95c75bf1a108079 /src/test/test_policy.c
parent36ad8d8fdc18e9006cd1316deb79b37c77cf2892 (diff)
downloadtor-d3358a0a05f661f78286d43fcc71d79daa090460.tar.gz
tor-d3358a0a05f661f78286d43fcc71d79daa090460.zip
ExitPolicy accept6/reject6 produces IPv6 wildcard addresses only
In previous versions of Tor, ExitPolicy accept6/reject6 * produced policy entries for IPv4 and IPv6 wildcard addresses. To reduce operator confusion, change accept6/reject6 * to only produce an IPv6 wildcard address. Resolves bug #16069. Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012), released in 0.2.4.7-alpha.
Diffstat (limited to 'src/test/test_policy.c')
-rw-r--r--src/test/test_policy.c44
1 files changed, 41 insertions, 3 deletions
diff --git a/src/test/test_policy.c b/src/test/test_policy.c
index 5e91468e8c..4150b97468 100644
--- a/src/test/test_policy.c
+++ b/src/test/test_policy.c
@@ -77,7 +77,8 @@ test_policies_general(void *arg)
int i;
smartlist_t *policy = NULL, *policy2 = NULL, *policy3 = NULL,
*policy4 = NULL, *policy5 = NULL, *policy6 = NULL,
- *policy7 = NULL;
+ *policy7 = NULL, *policy8 = NULL, *policy9 = NULL,
+ *policy10 = NULL, *policy11 = NULL;
addr_policy_t *p;
tor_addr_t tar;
config_line_t line;
@@ -192,6 +193,30 @@ test_policies_general(void *arg)
tt_assert(p != NULL);
smartlist_add(policy7, p);
+ tt_int_op(0, OP_EQ, policies_parse_exit_policy(NULL, &policy8,
+ EXIT_POLICY_IPV6_ENABLED |
+ EXIT_POLICY_REJECT_PRIVATE |
+ EXIT_POLICY_ADD_DEFAULT, 0));
+
+ tt_assert(policy8);
+
+ tt_int_op(0, OP_EQ, policies_parse_exit_policy(NULL, &policy9,
+ EXIT_POLICY_REJECT_PRIVATE |
+ EXIT_POLICY_ADD_DEFAULT, 0));
+
+ tt_assert(policy9);
+
+ /* accept6 * and reject6 * produce IPv6 wildcards only */
+ policy10 = smartlist_new();
+ p = router_parse_addr_policy_item_from_string("accept6 *:*",-1);
+ tt_assert(p != NULL);
+ smartlist_add(policy10, p);
+
+ policy11 = smartlist_new();
+ p = router_parse_addr_policy_item_from_string("reject6 *:*",-1);
+ tt_assert(p != NULL);
+ smartlist_add(policy11, p);
+
tt_assert(!exit_policy_is_general_exit(policy));
tt_assert(exit_policy_is_general_exit(policy2));
tt_assert(!exit_policy_is_general_exit(NULL));
@@ -200,6 +225,10 @@ test_policies_general(void *arg)
tt_assert(!exit_policy_is_general_exit(policy5));
tt_assert(!exit_policy_is_general_exit(policy6));
tt_assert(!exit_policy_is_general_exit(policy7));
+ tt_assert(exit_policy_is_general_exit(policy8));
+ tt_assert(exit_policy_is_general_exit(policy9));
+ tt_assert(!exit_policy_is_general_exit(policy10));
+ tt_assert(!exit_policy_is_general_exit(policy11));
tt_assert(cmp_addr_policies(policy, policy2));
tt_assert(cmp_addr_policies(policy, NULL));
@@ -208,7 +237,12 @@ test_policies_general(void *arg)
tt_assert(!policy_is_reject_star(policy2, AF_INET));
tt_assert(policy_is_reject_star(policy, AF_INET));
+ tt_assert(policy_is_reject_star(policy10, AF_INET));
+ tt_assert(!policy_is_reject_star(policy10, AF_INET6));
+ tt_assert(policy_is_reject_star(policy11, AF_INET));
+ tt_assert(policy_is_reject_star(policy11, AF_INET6));
tt_assert(policy_is_reject_star(NULL, AF_INET));
+ tt_assert(policy_is_reject_star(NULL, AF_INET6));
addr_policy_list_free(policy);
policy = NULL;
@@ -219,13 +253,13 @@ test_policies_general(void *arg)
line.value = (char*)"accept *:80,reject private:*,reject *:*";
line.next = NULL;
tt_int_op(0, OP_EQ, policies_parse_exit_policy(&line,&policy,
- EXIT_POLICY_IPV6_ENABLED |
+ ~EXIT_POLICY_IPV6_ENABLED |
EXIT_POLICY_ADD_DEFAULT,0));
tt_assert(policy);
//test_streq(policy->string, "accept *:80");
//test_streq(policy->next->string, "reject *:*");
- tt_int_op(smartlist_len(policy),OP_EQ, 4);
+ tt_int_op(smartlist_len(policy),OP_EQ, 9);
/* test policy summaries */
/* check if we properly ignore private IP addresses */
@@ -427,6 +461,10 @@ test_policies_general(void *arg)
addr_policy_list_free(policy5);
addr_policy_list_free(policy6);
addr_policy_list_free(policy7);
+ addr_policy_list_free(policy8);
+ addr_policy_list_free(policy9);
+ addr_policy_list_free(policy10);
+ addr_policy_list_free(policy11);
tor_free(policy_str);
if (sm) {
SMARTLIST_FOREACH(sm, char *, s, tor_free(s));
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion