aboutsummaryrefslogtreecommitdiff
path: root/src/test/test_policy.c
AgeCommit message (Collapse)Author
2021-03-12Update copyrights to 2021, using "make update-copyright"Nick Mathewson
2020-08-05Replace several C identifiers for ticket 18106.Nick Mathewson
We used to have a single boolean, "FascistFirewall". Ages ago, in tickets #17840 and #9067, we added an improved "ReachableAddresses" mechanism. It's time to rename related identifiers in the code for consistency. This closes #18106. This is an automated commit, generated by this command: ./scripts/maint/rename_c_identifier.py \ fascist_firewall_allows_address reachable_addr_allows \ fascist_firewall_use_ipv6 reachable_addr_use_ipv6 \ fascist_firewall_prefer_ipv6_impl reachable_addr_prefer_ipv6_impl \ fascist_firewall_prefer_ipv6_orport reachable_addr_prefer_ipv6_orport \ fascist_firewall_prefer_ipv6_dirport reachable_addr_prefer_ipv6_dirport \ fascist_firewall_allows_address_addr reachable_addr_allows_addr \ fascist_firewall_allows_address_ap reachable_addr_allows_ap \ fascist_firewall_allows_base reachable_addr_allows_base \ fascist_firewall_allows_ri_impl reachable_addr_allows_ri_impl \ fascist_firewall_allows_rs_impl reachable_addr_allows_rs_impl \ fascist_firewall_allows_rs reachable_addr_allows_rs \ fascist_firewall_allows_md_impl reachable_addr_allows_md_impl \ fascist_firewall_allows_node reachable_addr_allows_node \ fascist_firewall_allows_dir_server reachable_addr_allows_dir_server \ fascist_firewall_choose_address_impl reachable_addr_choose_impl \ fascist_firewall_choose_address reachable_addr_choose \ fascist_firewall_choose_address_base reachable_addr_choose_base \ fascist_firewall_choose_address_rs reachable_addr_choose_from_rs \ fascist_firewall_choose_address_ls reachable_addr_choose_from_ls \ fascist_firewall_choose_address_node reachable_addr_choose_from_node \ fascist_firewall_choose_address_dir_server reachable_addr_choose_from_dir_server
2020-07-14addr: Use tor_addr_t instead of uint32_t for IPv4David Goulet
This changes a LOT of code but in the end, behavior is the same. Unfortunately, many functions had to be changed to accomodate but in majority of cases, to become simpler. Functions are also removed specifically those that were there to convert an IPv4 as a host format to a tor_addr_t. Those are not needed anymore. The IPv4 address field has been standardized to "ipv4_addr", the ORPort to "ipv4_orport" (currently IPv6 uses ipv6_orport) and DirPort to "ipv4_dirport". This is related to Sponsor 55 work that adds IPv6 support for relays and this work is needed in order to have a common interface between IPv4 and IPv6. Closes #40043. Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-02Allow multiple addresses in extend_info_t.Nick Mathewson
In practice, there will be at most one ipv4 address and ipv6 address for now, but this code is designed to not care which address is which until forced to do so. This patch does not yet actually create extend_info_t objects with multiple addresses. Closes #34069.
2020-07-02Extract extend_info manipulation functions into a new file.Nick Mathewson
2020-03-19Merge branch 'tor-github/pr/1778'George Kadianakis
2020-03-09Remove the ClientAutoIPv6ORPort optionNeel Chauhan
2020-03-08Space out the line.key/line.value in test_policy_summary_helper_family_flags()Neel Chauhan
2020-01-08It's 2020. Update the copyright dates with "make update-copyright"Nick Mathewson
2019-04-24Add firewall_choose_address_ls() and hs_get_extend_info_from_lspecs() testsNeel Chauhan
2019-01-16Bump copyright date to 2019Nick Mathewson
2018-12-01Merge branch 'ticket27490a_squashed'Nick Mathewson
2018-12-01Add regression test for ClientAutoIPv6ORPortNeel Chauhan
2018-10-01Extract addr-policy parsing code.Nick Mathewson
2018-10-01Move routerparse and parsecommon to their own module.Nick Mathewson
2018-08-08Consider all routerinfo errors other than "not a server" transientrl1987
2018-07-05Fix every include path changed in the previous commit (automated)Nick Mathewson
I am very glad to have written this script.
2018-07-01Extract addr_policy_t into a new header.Nick Mathewson
2018-07-01Remove needless includes from or.hNick Mathewson
or.h should really include only the minimum of stuff from or/*, common/*, and lib/*.
2018-06-20Run rectify_include_paths.pyNick Mathewson
2018-06-20Update copyrights to 2018.Nick Mathewson
2018-06-15Extract routerinfo_t into its own header.Nick Mathewson
I was expecting this to be much worse.
2018-06-15Extract routerstatus_t into its own header.Nick Mathewson
2018-06-15Extract node_t into its own header.Nick Mathewson
2018-06-14Make server_port_cfg_t and port_cfg_t into separate headers.Nick Mathewson
2018-05-10Tweak error handling for #25852rl1987
2018-05-10Make _with_err return routerinfo, like old function doesrl1987
2018-05-05Improve GETCONF exit-policy/* error handlingrl1987
This will yield different error codes for transient and permament errors. Furthermore, Tor will give human readable error messages to controller.
2018-05-01Remove the return value from the fascist_firewall_choose_address_* family of ↵Neel Chauhan
functions
2017-12-08Convert the rest of src/common's headers to use FREE_AND_NULLNick Mathewson
2017-08-24Ensure that `make check-spaces` is happy.Alexander Færøy
The `test-operator-cleanup` patch, and related coccinelle patches, don't do any checks for line length. This patch fixes the line length issues caused by the previous commits.
2017-08-24apply ahf's test_assert_null.cocciNick Mathewson
2017-08-24apply ahf's test_assert_int.cocciNick Mathewson
2017-03-15Run the copyright update script.Nick Mathewson
2017-02-15Merge branch 'maint-0.2.9'Nick Mathewson
2017-02-14Fix policies.c instance of the "if (r=(a-b)) return r" patternNick Mathewson
I think this one probably can't underflow, since the input ranges are small. But let's not tempt fate. This patch also replaces the "cmp" functions here with just "eq" functions, since nothing actually checked for anything besides 0 and nonzero. Related to 21278.
2017-02-01Merge branch 'teor_bug21357-v2_029'Nick Mathewson
2017-02-01Scale IPv6 address counts in policy_summary_reject to avoid overflowteor
This disregards anything smaller than an IPv6 /64, and rejects ports that are rejected on an IPv6 /16 or larger. Adjust existing unit tests, and add more to cover exceptional cases. No IPv4 behaviour changes. Fixes bug 21357
2017-02-01Add unit tests for IPv6 address summaries and IPv4 netblock rejectionteor
These tests currently fail due to bug 21357
2017-01-27Outbindbindaddress variants for Exit and OR.Nick Mathewson
Allow separation of exit and relay traffic to different source IP addresses (Ticket #17975). Written by Michael Sonntag.
2016-11-08Merge branch 'maint-0.2.9'Nick Mathewson
2016-10-31policy_is_reject_star():Nick Mathewson
ome policies are default-reject, some default-accept. But policy_is_reject_star() assumed they were all default_reject. Fix that! Also, document that policy_is_reject_star() treats a NULL policy as empty. This allows us to simplify the checks in parse_reachable_addresses() by quite a bit. Fxes bug 20306; bugfix on 0.2.8.2-alpha.
2016-10-27Automated change to use smartlist_add_strdupovercaffeinated
Use the following coccinelle script to change uses of smartlist_add(sl, tor_strdup(str)) to smartlist_add_strdup(sl, string) (coccinelle script from nickm via bug 20048): @@ expression a; expression b; @@ - smartlist_add + smartlist_add_strdup (a, - tor_strdup( b - ) )
2016-07-28Merge branch 'bug18902_squashed'Nick Mathewson
2016-07-28Fix all -Wshadow warnings on LinuxNick Mathewson
This is a partial fix for 18902.
2016-07-01Avoid disclosing exit IP addresses in exit policies by defaultteor (Tim Wilson-Brown)
From 0.2.7.2-alpha onwards, Exits would reject all the IP addresses they knew about in their exit policy. But this may have disclosed addresses that were otherwise unlisted. Now, only advertised addresses are rejected by default by ExitPolicyRejectPrivate. All known addresses are only rejected when ExitPolicyRejectLocalInterfaces is explicitly set to 1.
2016-06-30Fix more naked strdup/malloc/free instancesNick Mathewson
2016-06-11Add -Wmissing-variable-declarations, with attendant fixesNick Mathewson
This is a big-ish patch, but it's very straightforward. Under this clang warning, we're not actually allowed to have a global variable without a previous extern declaration for it. The cases where we violated this rule fall into three roughly equal groups: * Stuff that should have been static. * Stuff that was global but where the extern was local to some other C file. * Stuff that was only global when built for the unit tests, that needed a conditional extern in the headers. The first two were IMO genuine problems; the last is a wart of how we build tests.
2016-04-28Make mock function static to prevent future clashesteor (Tim Wilson-Brown)
2016-02-27Update the copyright year.Nick Mathewson