-rw-r--r-- | doc/tor.1.in | 6 | ||||
-rw-r--r-- | src/or/config.c | 4 | ||||
-rw-r--r-- | src/or/connection_edge.c | 26 | ||||
-rw-r--r-- | src/or/or.h | 2 |
4 files changed, 25 insertions, 13 deletions
diff --git a/doc/tor.1.in b/doc/tor.1.in index dac1fc4e0d..b337847f5b 100644 --- a/doc/tor.1.in +++ b/doc/tor.1.in @@ -442,6 +442,12 @@ a safe socks protocol or an unsafe one (see above entry on SafeSocks). This helps to determine whether an application using Tor is possibly leaking DNS requests. (Default: 0) +.LP +.TP +\fBVirutalAddrNetwork \fR\fIAddress\fB/\fIbits\fP +When a controller asks for a virtual (unused) address with the +'MAPADDRESS' command, Tor picks an unassigned address from this range. +(Default: 127.192.0.0/10) .SH SERVER OPTIONS .PP diff --git a/src/or/config.c b/src/or/config.c index b7e2b41a41..830cfc6b97 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -678,7 +678,7 @@ options_act(or_options_t *old_options) size_t len; or_options_t *options = get_options(); int running_tor = options->command == CMD_RUN_TOR; - const char *msg; + char *msg; clear_trusted_dir_servers(); if (options->DirServers) { @@ -2407,7 +2407,7 @@ options_validate(or_options_t *old_options, or_options_t *options, if (rend_config_services(options, 1) < 0) REJECT("Failed to configure rendezvous options. See logs for details."); - if (parse_virtual_addr_network(options->VirtualAddrNetwork, 1, msg)<0) + if (parse_virtual_addr_network(options->VirtualAddrNetwork, 1, NULL)<0) return -1; return 0; diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 9c59e2d049..82f3eb0d49 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c 
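Review bot: In the options_validate hunk of src/or/config.c, passing `NULL` as the third argument means a bad VirtualAddrNetwork value now fails with a bare `return -1` and no explanation, because parse_virtual_addr_network only fills the message when `msg` is non-NULL. The rendezvous check just above it reports through `REJECT(...)`, so this is the one validation failure in view that gives the operator or controller nothing to act on. If options_validate's own `msg` parameter is a `char **` (its signature is cut off in the hunk, so confirm), forwarding it as `parse_virtual_addr_network(options->VirtualAddrNetwork, 1, msg)` keeps the diagnostic now that the helper allocates the string. The options_act hunk changes its local to `char *msg` for the same reason, but the call that fills it and any matching `tor_free(msg)` are outside the visible lines.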
@@ -764,38 +764,41 @@ static uint32_t next_virtual_addr = 0x7fc00000u; /** Read a netmask of the form 127.192.0.0/10 from "val", and check whether * it's a valid set of virtual addresses to hand out in response to MAPADDRESS - * requests. Return 0 on success; set *msg and return -1 on failure. If - * validate_only is false, sets the actual virtual address range to the parsed - * value. */ + * requests. Return 0 on success; set *msg (if provided) to a newly allocated + * string and return -1 on failure. If validate_only is false, sets the + * actual virtual address range to the parsed value. */ int parse_virtual_addr_network(const char *val, int validate_only, - const char **msg) + char **msg) { uint32_t addr, mask; uint16_t port_min, port_max; int bits; if (parse_addr_and_port_range(val, &addr, &mask, &port_min, &port_max)) { - *msg = "Error parsing VirtualAddressNetwork"; + if (msg) *msg = tor_strdup("Error parsing VirtualAddressNetwork"); return -1; } if (port_min != 1 || port_max != 65535) { - *msg = "Can't specify ports on VirtualAddressNetwork"; + if (msg) *msg = tor_strdup("Can't specify ports on VirtualAddressNetwork"); return -1; } bits = addr_mask_get_bits(mask); if (bits < 0) { - *msg = "VirtualAddressNetwork must have a mask that can be expressed " - "as a prefix"; + if (msg) *msg = tor_strdup("VirtualAddressNetwork must have a mask that " + "can be expressed as a prefix"); return -1; } +#if 0 if (bits > 16) { - *msg = "VirtualAddressNetwork expects a class B network or larger"; + if (msg) *msg = tor_strdup("VirtualAddressNetwork expects a class B " + "network or larger"); return -1; } +#endif if (validate_only) return 0; 
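Review bot: The `#if 0` around the `bits > 16` test in parse_virtual_addr_network removes the only bound on how narrow the prefix may be, with no comment saying why, so a range as small as a /32 now passes validation. The allocator in addressmap_get_virtual_address skips .0 and .255 addresses and counts down from a pool size derived from the prefix, so an unusably small range would be accepted at configuration time and only fail later when a controller issues MAPADDRESS. Either delete the dead block and add a comment stating the smallest prefix the allocator is meant to support, or replace it with a deliberately chosen looser bound that still returns an error message. Separately, the error strings say "VirtualAddressNetwork" while the option read in config.c is `VirtualAddrNetwork`, which makes the message harder to match to the torrc line.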
@@ -848,7 +851,9 @@ addressmap_get_virtual_address(int type) } while (strmap_get(addressmap, buf)); return tor_strdup(buf); } else if (type == RESOLVED_TYPE_IPV4) { - uint32_t available = 1u << virtual_addr_netmask_bits; + // This is an imperfect estimate of how many addresses are available, but + // that's ok. + uint32_t available = 1u << (32-virtual_addr_netmask_bits); while (available) { /* Don't hand out any .0 or .255 address. */ while ((next_virtual_addr & 0xff) == 0 || @@ -862,6 +867,7 @@ addressmap_get_virtual_address(int type) ++next_virtual_addr; --available; + log_notice(LD_CONFIG, "%d addrs available", (int)available); if (! --available) { log_warn(LD_CONFIG, "Ran out of virtual addresses!"); return NULL; diff --git a/src/or/or.h b/src/or/or.h index ed2836fa11..334f5d029f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1729,7 +1729,7 @@ int addressmap_already_mapped(const char *address); void addressmap_register(const char *address, char *new_address, time_t expires); int parse_virtual_addr_network(const char *val, int validate_only, - const char **msg); + char **msg); int client_dns_incr_failures(const char *address); void client_dns_clear_failures(const char *address); void client_dns_set_addressmap(const char *address, uint32_t val, |
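Review bot: `1u << (32-virtual_addr_netmask_bits)` is undefined when virtual_addr_netmask_bits is 0, because the shift count then equals the width of a 32-bit unsigned value. The visible part of parse_virtual_addr_network refuses only `bits < 0`, so a /0 range looks reachable from configuration. Guarding the expression, for example `uint32_t available = virtual_addr_netmask_bits ? 1u << (32-virtual_addr_netmask_bits) : UINT32_MAX;`, or rejecting a zero-length prefix during validation, removes the undefined shift. The added comment also uses `//` where the surrounding lines use `/* */`. The body of addressmap_get_virtual_address starts and ends outside the hunk.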
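Review bot: The added `log_notice(LD_CONFIG, "%d addrs available", (int)available);` runs on every pass of the allocation loop at notice level, which reads like leftover debugging and will flood the log when many addresses are already mapped; `log_debug` or removal would fit better. It also sits between two decrements that are both context lines, `--available;` and `if (! --available)`, so the counter drops by two per pass and the value logged is not the value tested. With an odd starting count (a /32 gives 1, which the `#if 0` in parse_virtual_addr_network now allows) the second decrement wraps past zero and the "Ran out of virtual addresses!" branch is skipped; dropping the standalone `--available;` would fix that. The loop begins and ends outside the hunk, so confirm against the full function.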