summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/or/connection_edge.c27
1 files changed, 21 insertions, 6 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 4f26a6b972..3b6231de87 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1087,23 +1087,38 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out)
{
addressmap_entry_t *ent;
int rewrites;
- char *cp;
time_t expires = TIME_MAX;
for (rewrites = 0; rewrites < 16; rewrites++) {
+ int exact_match = 0;
+ char *addr_orig = tor_strdup(escaped_safe_str_client(address));
+
ent = strmap_get(addressmap, address);
- if (!ent || !ent->new_address)
+ if (!ent || !ent->new_address) {
ent = addressmap_match_superdomains(address);
+ } else {
+ if (ent->src_wildcard && !ent->dst_wildcard &&
+ !strcasecmp(address, ent->new_address)) {
+ /* This is a rule like *.example.com example.com, and we just got
+ * "example.com" */
+ tor_free(addr_orig);
+ if (expires_out)
+ *expires_out = expires;
+ return rewrites > 0;
+ }
+
+ exact_match = 1;
+ }
if (!ent || !ent->new_address) {
+ tor_free(addr_orig);
if (expires_out)
*expires_out = expires;
return (rewrites > 0); /* done, no rewrite needed */
}
- cp = tor_strdup(escaped_safe_str_client(address));
- if (ent->dst_wildcard) {
+ if (ent->dst_wildcard && !exact_match) {
strlcat(address, ".", maxlen);
strlcat(address, ent->new_address, maxlen);
} else {
@@ -1111,10 +1126,10 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out)
}
log_info(LD_APP, "Addressmap: rewriting %s to %s",
- cp, escaped_safe_str_client(address));
+ addr_orig, escaped_safe_str_client(address));
if (ent->expires > 1 && ent->expires < expires)
expires = ent->expires;
- tor_free(cp);
+ tor_free(addr_orig);
}
log_warn(LD_CONFIG,
"Loop detected: we've rewritten %s 16 times! Using it as-is.",