From 5109de562604c334fee2a0778ff15ad93a4b1191 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 12 Nov 2004 19:39:13 +0000 Subject: [PATCH] Rename exit_policy to addr_policy, since it gets used for SOCKS and directory connections too. Make all policies get validated in options_validate, and make SOCKS/directory policies get set in options_act. svn:r2819 --- doc/TODO | 12 ++++++++--- src/or/config.c | 44 ++++++++++++++++++++++++++++++---------- src/or/connection_edge.c | 20 ++++++++---------- src/or/directory.c | 22 ++++++++------------ src/or/or.h | 32 +++++++++++++++-------------- src/or/relay.c | 4 ++-- src/or/router.c | 12 +++++------ src/or/routerlist.c | 26 ++++++++++++------------ src/or/routerparse.c | 38 ++++++++++++++++++---------------- src/or/test.c | 6 +++--- 10 files changed, 121 insertions(+), 95 deletions(-) diff --git a/doc/TODO b/doc/TODO index ef27fa3d55..7147a8ab47 100644 --- a/doc/TODO +++ b/doc/TODO @@ -48,13 +48,19 @@ ARMA - arma claims 0.0.9pre6: - Oct 20 16:45:10.237 [warn] parse_addr_port(): Port '0' out of range - - clean up parse_*_policy code - - when you hup, they're not getting re-parsed - - stop calling a *_policy an exit_policy_t + o clean up parse_*_policy code + o when you hup, they're not getting re-parsed + o stop calling a *_policy an exit_policy_t + - Regenerate our server descriptor when a relevant option is changed from + control.c. - Writing out the machine-readable torrc file - fix print_usage() - Download and use running-routers - document signals in man page + - Document all undocumented configuration options. + - Accounting + - Control interface authentication + - ... ? N - RPMs o Merge changes from jbash - Figure out versioning diff --git a/src/or/config.c b/src/or/config.c index 0e77d88e9b..dadaadbad9 100644 --- a/src/or/config.c +++ b/src/or/config.c 
@@ -257,7 +257,6 @@ options_act(void) { if (set_max_file_descriptors(options->MaxConn) < 0) return -1; - mark_logs_temp(); /* Close current logs once new logs are open. */ if (config_init_logs(options, 0)<0) /* Configure the log(s) */ return -1; @@ -295,6 +294,10 @@ options_act(void) { if(options->PidFile) write_pidfile(options->PidFile); + /* Update address policies. */ + parse_socks_policy(); + parse_dir_policy(); + init_cookie_authentication(options->CookieAuthentication); /* reload keys as needed for rendezvous services. */ @@ -987,6 +990,7 @@ options_validate(or_options_t *options) int i; int result = 0; struct config_line_t *cl; + struct addr_policy_t *addr_policy=NULL; if (options->ORPort < 0 || options->ORPort > 65535) { log(LOG_WARN, "ORPort option out of bounds."); @@ -1201,6 +1205,20 @@ options_validate(or_options_t *options) result = -1; } + if (config_parse_addr_policy(options->ExitPolicy, &addr_policy)) { + log_fn(LOG_WARN, "Error in Exit Policy entry."); + result = -1; + } + if (config_parse_addr_policy(options->DirPolicy, &addr_policy)) { + log_fn(LOG_WARN, "Error in DirPolicy entry."); + result = -1; + } + if (config_parse_addr_policy(options->SocksPolicy, &addr_policy)) { + log_fn(LOG_WARN, "Error in SocksPolicy entry."); + result = -1; + } + addr_policy_free(addr_policy); + for (cl = options->RedirectExit; cl; cl = cl->next) { if (parse_redirect_line(NULL, cl)<0) result = -1; 
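Review bot: The ExitPolicy warning added in options_validate reads `"Error in Exit Policy entry."`, while its two siblings name the option exactly as it appears in the config (`DirPolicy`, `SocksPolicy`); `log_fn(LOG_WARN, "Error in ExitPolicy entry.");` keeps all three greppable by option name. The three lists are parsed into one shared scratch list that is freed right away, so a comment above the first call such as `/* Parse only to validate; the combined list is discarded below. */` would explain why ExitPolicy, DirPolicy and SocksPolicy entries are chained together. options_validate starts and ends outside this hunk.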
@@ -1728,17 +1746,19 @@ normalize_log_options(or_options_t *options) /** * Given a linked list of config lines containing "allow" and "deny" tokens, - * parse them and place the result in dest. Skip malformed lines. + * parse them and append the result to dest. Return -1 if any tokens + * are malformed, else return 0. */ -void -config_parse_exit_policy(struct config_line_t *cfg, - struct exit_policy_t **dest) +int +config_parse_addr_policy(struct config_line_t *cfg, + struct addr_policy_t **dest) { - struct exit_policy_t **nextp; + struct addr_policy_t **nextp; smartlist_t *entries; + int r = 0; if (!cfg) - return; + return 0; nextp = dest; @@ -1751,23 +1771,25 @@ config_parse_exit_policy(struct config_line_t *cfg, SMARTLIST_FOREACH(entries, const char *, ent, { log_fn(LOG_DEBUG,"Adding new entry '%s'",ent); - *nextp = router_parse_exit_policy_from_string(ent); + *nextp = router_parse_addr_policy_from_string(ent); if (*nextp) { nextp = &((*nextp)->next); } else { - log_fn(LOG_WARN,"Malformed exit policy %s; skipping.", ent); + log_fn(LOG_WARN,"Malformed policy %s.", ent); + r = -1; } }); SMARTLIST_FOREACH(entries, char *, ent, tor_free(ent)); smartlist_clear(entries); } smartlist_free(entries); + return r; } /** Release all storage held by p */ void -exit_policy_free(struct exit_policy_t *p) { - struct exit_policy_t *e; +addr_policy_free(struct addr_policy_t *p) { + struct addr_policy_t *e; while (p) { e = p; diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 10bdac7a77..7467d2b2a9 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c 
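Review bot: The rewritten doc comment on config_parse_addr_policy says it returns -1 on a malformed token but not what is left in `dest` in that case; in the loop in the following hunk (`@@ -1751,23 +1771,25 @@`) well-formed entries are still appended and only the bad one is dropped before `r = -1` is recorded. Callers that treat -1 as fatal therefore still own a partial list, and callers that ignore the result get a policy with lines missing. I would add to the comment: `* On -1, entries parsed before and after the bad token are still appended to dest; the caller must free them.` The lines between the two hunks are not shown, so how `nextp` reaches the tail of an existing list is inferred from the word "append" in the comment.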
@@ -12,12 +12,12 @@ #include "or.h" #include "tree.h" -static struct exit_policy_t *socks_policy = NULL; +static struct addr_policy_t *socks_policy = NULL; /* List of exit_redirect_t */ static smartlist_t *redirect_exit_list = NULL; static int connection_ap_handshake_process_socks(connection_t *conn); -static void parse_socks_policy(void); +void parse_socks_policy(void); /** Handle new bytes on conn->inbuf, or notification of eof. * @@ -999,7 +999,7 @@ int connection_ap_can_use_exit(connection_t *conn, routerinfo_t *exit) return tor_version_as_new_as(exit->platform, "0.0.9pre1"); } addr = client_dns_lookup_entry(conn->socks_request->address); - if(router_compare_addr_to_exit_policy(addr, + if(router_compare_addr_to_addr_policy(addr, conn->socks_request->port, exit->exit_policy) < 0) return 0; return 1; @@ -1011,14 +1011,15 @@ int connection_ap_can_use_exit(connection_t *conn, routerinfo_t *exit) * is parsed, and put the processed version in &socks_policy. * Ignore port specifiers. */ -static void parse_socks_policy(void) +void +parse_socks_policy(void) { - struct exit_policy_t *n; + struct addr_policy_t *n; if (socks_policy) { - exit_policy_free(socks_policy); + addr_policy_free(socks_policy); socks_policy = NULL; } - config_parse_exit_policy(get_options()->SocksPolicy, &socks_policy); + config_parse_addr_policy(get_options()->SocksPolicy, &socks_policy); /* ports aren't used. */ for (n=socks_policy; n; n = n->next) { n->prt_min = 1; @@ -1032,13 +1033,10 @@ static void parse_socks_policy(void) int socks_policy_permits_address(uint32_t addr) { int a; - or_options_t *options = get_options(); - if (options->SocksPolicy && !socks_policy) - parse_socks_policy(); if(!socks_policy) /* 'no socks policy' means 'accept' */ return 1; - a = router_compare_addr_to_exit_policy(addr, 1, socks_policy); + a = router_compare_addr_to_addr_policy(addr, 1, socks_policy); if (a==-1) return 0; else if (a==0) 
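Review bot: parse_socks_policy discards the new int result of config_parse_addr_policy, so a malformed SocksPolicy line is dropped and the remaining lines are enforced as if it had never been written; if the dropped line was a reject rule, the resulting list is more permissive than the operator configured. options_validate is meant to catch this earlier, but nothing in this function depends on that having happened. I would fail closed here, as in the fence below, reusing the `"reject *:*"` fallback that relay.c already uses. The same unchecked call appears in parse_dir_policy (directory.c) and twice in router_add_exit_policy_from_config (router.c). The function body continues past the end of the hunk.

```c
void
parse_socks_policy(void)
{
  struct addr_policy_t *n;
  /* … unchanged: free the previous socks_policy … */
  if (config_parse_addr_policy(get_options()->SocksPolicy, &socks_policy) < 0) {
    /* A skipped entry may have been a "reject" line; do not enforce a
     * partial list. */
    log_fn(LOG_WARN, "Malformed SocksPolicy; rejecting all SOCKS clients.");
    addr_policy_free(socks_policy);
    socks_policy = router_parse_addr_policy_from_string("reject *:*");
  }
  /* … unchanged: widen every entry's port range … */
```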
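Review bot: With the lazy `parse_socks_policy()` call removed from socks_policy_permits_address, a NULL `socks_policy` now always falls into the `'no socks policy' means 'accept'` branch, including any time the list has not been built yet. The only builder visible in this patch is the call added to options_act, which sits after at least two `return -1` exits, so a connection checked before that point (or after an aborted options_act) would be accepted regardless of the configured SocksPolicy; whether that window is reachable depends on startup ordering not shown here. At minimum a comment should record the dependency: `/* socks_policy is built by options_act(); NULL means no SocksPolicy is configured. */`. dir_policy_permits_address in directory.c has the same change and needs the same comment.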
diff --git a/src/or/directory.c b/src/or/directory.c index 7649d0fd0e..e0291047ac 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -52,7 +52,7 @@ static int directory_handle_command(connection_t *conn); /********* START VARIABLES **********/ -static struct exit_policy_t *dir_policy = NULL; +static struct addr_policy_t *dir_policy = NULL; #if 0 /* commented out for now, since for now what clients send is different from what servers want to receive */ @@ -69,20 +69,18 @@ char rend_fetch_url[] = "/tor/rendezvous/"; /********* END VARIABLES ************/ -/** A helper function for dir_policy_permits_address() below. - * - * Parse options->DirPolicy in the same way that the exit policy - * is parsed, and put the processed version in &dir_policy. - * Ignore port specifiers. +/** Parse get_options()->DirPolicy, and put the processed version in + * &dir_policy. Ignore port specifiers. */ -static void parse_dir_policy(void) +void +parse_dir_policy(void) { - struct exit_policy_t *n; + struct addr_policy_t *n; if (dir_policy) { - exit_policy_free(dir_policy); + addr_policy_free(dir_policy); dir_policy = NULL; } - config_parse_exit_policy(get_options()->DirPolicy, &dir_policy); + config_parse_addr_policy(get_options()->DirPolicy, &dir_policy); /* ports aren't used. */ for (n=dir_policy; n; n = n->next) { n->prt_min = 1; @@ -96,12 +94,10 @@ static void parse_dir_policy(void) int dir_policy_permits_address(uint32_t addr) { int a; - if (get_options()->DirPolicy && !dir_policy) - parse_dir_policy(); if(!dir_policy) /* 'no dir policy' means 'accept' */ return 1; - a = router_compare_addr_to_exit_policy(addr, 1, dir_policy); + a = router_compare_addr_to_addr_policy(addr, 1, dir_policy); if (a==-1) return 0; else if (a==0) diff --git a/src/or/or.h b/src/or/or.h index 1008fd3499..dcd38e8ccc 100644 --- a/src/or/or.h +++ b/src/or/or.h 
@@ -571,20 +571,20 @@ struct connection_t { typedef struct connection_t connection_t; -#define EXIT_POLICY_ACCEPT 1 -#define EXIT_POLICY_REJECT 2 +#define ADDR_POLICY_ACCEPT 1 +#define ADDR_POLICY_REJECT 2 -/** A linked list of exit policy rules */ -struct exit_policy_t { - char policy_type; /**< One of EXIT_POLICY_ACCEPT or EXIT_POLICY_REJECT. */ +/** A linked list of policy rules */ +struct addr_policy_t { + char policy_type; /**< One of ADDR_POLICY_ACCEPT or ADDR_POLICY_REJECT. */ char *string; /**< String representation of this rule. */ uint32_t addr; /**< Base address to accept or reject. */ - uint32_t msk; /**< Accept/reject all addresses a such that a & msk == - * addr & msk . */ + uint32_t msk; /**< Accept/reject all addresses a such that + * a & msk == addr & msk . */ uint16_t prt_min; /**< Lowest port number to accept/reject. */ uint16_t prt_max; /**< Highest port number to accept/reject. */ - struct exit_policy_t *next; /**< Next rule in list. */ + struct addr_policy_t *next; /**< Next rule in list. */ }; /** Information about another onion router in the network. */ @@ -612,7 +612,7 @@ typedef struct { uint32_t bandwidthburst; /**< How large is this OR's token bucket? */ /** How many bytes/s is this router known to handle? */ uint32_t bandwidthcapacity; - struct exit_policy_t *exit_policy; /**< What streams will this OR permit + struct addr_policy_t *exit_policy; /**< What streams will this OR permit * to exit? */ long uptime; /**< How many seconds the router claims to have been up */ /* local info */ 
@@ -1108,9 +1108,9 @@ int resolve_my_address(const char *address, uint32_t *addr); void options_init(or_options_t *options); int init_from_config(int argc, char **argv); int config_init_logs(or_options_t *options, int validate_only); -void config_parse_exit_policy(struct config_line_t *cfg, - struct exit_policy_t **dest); -void exit_policy_free(struct exit_policy_t *p); +int config_parse_addr_policy(struct config_line_t *cfg, + struct addr_policy_t **dest); +void addr_policy_free(struct addr_policy_t *p); int config_option_is_recognized(const char *key); struct config_line_t *config_get_assigned_option(or_options_t *options, const char *key); @@ -1217,6 +1217,7 @@ int client_dns_incr_failures(const char *address); void client_dns_set_entry(const char *address, uint32_t val); void client_dns_clean(void); void set_exit_redirects(smartlist_t *lst); +void parse_socks_policy(void); /********************************* connection_or.c ***************************/ @@ -1287,6 +1288,7 @@ void directory_get_from_dirserver(uint8_t purpose, const char *resource); int connection_dir_process_inbuf(connection_t *conn); int connection_dir_finished_flushing(connection_t *conn); int connection_dir_finished_connecting(connection_t *conn); +void parse_dir_policy(void); /********************************* dirserv.c ***************************/ @@ -1559,8 +1561,8 @@ void router_mark_as_down(const char *digest); void routerlist_remove_old_routers(int age); int router_load_routerlist_from_directory(const char *s,crypto_pk_env_t *pkey, int check_version); -int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port, - struct exit_policy_t *policy); +int router_compare_addr_to_addr_policy(uint32_t addr, uint16_t port, + struct addr_policy_t *policy); #define ADDR_POLICY_ACCEPTED 0 #define ADDR_POLICY_REJECTED -1 #define ADDR_POLICY_UNKNOWN 1 
@@ -1606,7 +1608,7 @@ int router_parse_routerlist_from_directory(const char *s, running_routers_t *router_parse_runningrouters(const char *str); routerinfo_t *router_parse_entry_from_string(const char *s, const char *end); int router_add_exit_policy_from_string(routerinfo_t *router, const char *s); -struct exit_policy_t *router_parse_exit_policy_from_string(const char *s); +struct addr_policy_t *router_parse_addr_policy_from_string(const char *s); int check_software_version_against_directory(const char *directory, int ignoreversion); int tor_version_parse(const char *s, tor_version_t *out); diff --git a/src/or/relay.c b/src/or/relay.c index b5ee04ade9..5de3c3efd6 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -525,9 +525,9 @@ connection_edge_process_relay_cell_not_open( } if(connection_ap_can_use_exit(conn, exitrouter)) { log_fn(LOG_WARN,"Exitrouter %s seems to be more restrictive than its exit policy. Not using this router as exit for now,", exitrouter->nickname); - exit_policy_free(exitrouter->exit_policy); + addr_policy_free(exitrouter->exit_policy); exitrouter->exit_policy = - router_parse_exit_policy_from_string("reject *:*"); + router_parse_addr_policy_from_string("reject *:*"); } conn->state = AP_CONN_STATE_CIRCUIT_WAIT; diff --git a/src/or/router.c b/src/or/router.c index d2a6fe56ba..1dad84ac53 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -434,9 +434,9 @@ void router_upload_dir_desc_to_dirservers(void) { * rule, then append the default exit policy as well. */ static void router_add_exit_policy_from_config(routerinfo_t *router) { - struct exit_policy_t *ep; + struct addr_policy_t *ep; struct config_line_t default_policy; - config_parse_exit_policy(get_options()->ExitPolicy, &router->exit_policy); + config_parse_addr_policy(get_options()->ExitPolicy, &router->exit_policy); for (ep = router->exit_policy; ep; ep = ep->next) { if (ep->msk == 0 && ep->prt_min <= 1 && ep->prt_max >= 65535) { 
@@ -449,7 +449,7 @@ static void router_add_exit_policy_from_config(routerinfo_t *router) { default_policy.key = NULL; default_policy.value = (char*)DEFAULT_EXIT_POLICY; default_policy.next = NULL; - config_parse_exit_policy(&default_policy, &router->exit_policy); + config_parse_addr_policy(&default_policy, &router->exit_policy); } /** OR only: Return false if my exit policy says to allow connection to @@ -464,7 +464,7 @@ int router_compare_to_my_exit_policy(connection_t *conn) if (!conn->addr) return -1; - return router_compare_addr_to_exit_policy(conn->addr, conn->port, + return router_compare_addr_to_addr_policy(conn->addr, conn->port, desc_routerinfo->exit_policy); } @@ -596,7 +596,7 @@ int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, size_t onion_pkeylen, identity_pkeylen; size_t written; int result=0; - struct exit_policy_t *tmpe; + struct addr_policy_t *tmpe; char *bandwidth_usage; char *family_line; #ifdef DEBUG_ROUTER_DUMP_ROUTER_TO_STRING @@ -698,7 +698,7 @@ int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, in.s_addr = htonl(tmpe->addr); /* Write: "accept 1.2.3.4" */ result = tor_snprintf(s+written, maxlen-written, "%s %s", - tmpe->policy_type == EXIT_POLICY_ACCEPT ? "accept" : "reject", + tmpe->policy_type == ADDR_POLICY_ACCEPT ? "accept" : "reject", tmpe->msk == 0 ? "*" : inet_ntoa(in)); if(result < 0 || result+written > maxlen) { /* apparently different glibcs do different things on tor_snprintf error.. so check both */ diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 33a409a893..d1f29920c3 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -665,7 +665,7 @@ void routerinfo_free(routerinfo_t *router) SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s)); smartlist_free(router->declared_family); } - exit_policy_free(router->exit_policy); + addr_policy_free(router->exit_policy); tor_free(router); } 
@@ -673,7 +673,7 @@ void routerinfo_free(routerinfo_t *router) routerinfo_t *routerinfo_copy(const routerinfo_t *router) { routerinfo_t *r; - struct exit_policy_t **e, *tmp; + struct addr_policy_t **e, *tmp; r = tor_malloc(sizeof(routerinfo_t)); memcpy(r, router, sizeof(routerinfo_t)); @@ -687,8 +687,8 @@ routerinfo_t *routerinfo_copy(const routerinfo_t *router) r->identity_pkey = crypto_pk_dup_key(r->identity_pkey); e = &r->exit_policy; while (*e) { - tmp = tor_malloc(sizeof(struct exit_policy_t)); - memcpy(tmp,*e,sizeof(struct exit_policy_t)); + tmp = tor_malloc(sizeof(struct addr_policy_t)); + memcpy(tmp,*e,sizeof(struct addr_policy_t)); *e = tmp; (*e)->string = tor_strdup((*e)->string); e = & ((*e)->next); @@ -923,21 +923,21 @@ router_resolve_routerlist(routerlist_t *rl) } /** Decide whether a given addr:port is definitely accepted, definitely - * rejected, or neither by a given exit policy. If addr is 0, we + * rejected, or neither by a given policy. If addr is 0, we * don't know the IP of the target address. * * Returns -1 for "rejected", 0 for "accepted", 1 for "maybe" (since IP is * unknown). */ -int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port, - struct exit_policy_t *policy) +int router_compare_addr_to_addr_policy(uint32_t addr, uint16_t port, + struct addr_policy_t *policy) { int maybe_reject = 0; int maybe_accept = 0; int match = 0; int maybe = 0; struct in_addr in; - struct exit_policy_t *tmpe; + struct addr_policy_t *tmpe; for(tmpe=policy; tmpe; tmpe=tmpe->next) { // log_fn(LOG_DEBUG,"Considering exit policy %s", tmpe->string); 
@@ -967,16 +967,16 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port, } } if (maybe) { - if (tmpe->policy_type == EXIT_POLICY_REJECT) + if (tmpe->policy_type == ADDR_POLICY_REJECT) maybe_reject = 1; else maybe_accept = 1; } if (match) { in.s_addr = htonl(addr); - log_fn(LOG_DEBUG,"Address %s:%d matches exit policy '%s'", + log_fn(LOG_DEBUG,"Address %s:%d matches policy '%s'", inet_ntoa(in), port, tmpe->string); - if(tmpe->policy_type == EXIT_POLICY_ACCEPT) { + if(tmpe->policy_type == ADDR_POLICY_ACCEPT) { /* If we already hit a clause that might trigger a 'reject', than we * can't be sure of this certain 'accept'.*/ return maybe_reject ? ADDR_POLICY_UNKNOWN : ADDR_POLICY_ACCEPTED; @@ -998,7 +998,7 @@ int router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port) { for (i=0;irouters);i++) { router = smartlist_get(routerlist->routers, i); - if (router->is_running && router_compare_addr_to_exit_policy( + if (router->is_running && router_compare_addr_to_addr_policy( addr, port, router->exit_policy) != ADDR_POLICY_REJECTED) return 0; /* this one could be ok. good enough. */ } @@ -1008,7 +1008,7 @@ int router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port) { /** Return true iff router does not permit exit streams. */ int router_exit_policy_rejects_all(routerinfo_t *router) { - return router_compare_addr_to_exit_policy(0, 0, router->exit_policy) + return router_compare_addr_to_addr_policy(0, 0, router->exit_policy) == ADDR_POLICY_REJECTED; } diff --git a/src/or/routerparse.c b/src/or/routerparse.c index bbfcda4245..bc5ae491ff 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c 
@@ -124,7 +124,7 @@ static struct { /* static function prototypes */ static int router_add_exit_policy(routerinfo_t *router,directory_token_t *tok); -static struct exit_policy_t *router_parse_exit_policy(directory_token_t *tok); +static struct addr_policy_t *router_parse_addr_policy(directory_token_t *tok); static int router_get_hash_impl(const char *s, char *digest, const char *start_str, const char *end_str); static void token_free(directory_token_t *tok); @@ -962,13 +962,13 @@ routerinfo_t *router_parse_entry_from_string(const char *s, /** Parse the exit policy in the string s and return it. */ -struct exit_policy_t * -router_parse_exit_policy_from_string(const char *s) +struct addr_policy_t * +router_parse_addr_policy_from_string(const char *s) { directory_token_t *tok = NULL; const char *cp; char *tmp; - struct exit_policy_t *r; + struct addr_policy_t *r; size_t len, idx; /* *s might not end with \n, so we need to extend it with one. */ @@ -990,7 +990,7 @@ router_parse_exit_policy_from_string(const char *s) } /* Now that we've gotten an exit policy, add it to the router. */ - r = router_parse_exit_policy(tok); + r = router_parse_addr_policy(tok); goto done; err: r = NULL; @@ -1000,10 +1000,11 @@ router_parse_exit_policy_from_string(const char *s) return r; } -int router_add_exit_policy_from_string(routerinfo_t *router, const char *s) +int +router_add_exit_policy_from_string(routerinfo_t *router, const char *s) { - struct exit_policy_t *newe, *tmpe; - newe = router_parse_exit_policy_from_string(s); + struct addr_policy_t *newe, *tmpe; + newe = router_parse_addr_policy_from_string(s); if (!newe) return -1; for (tmpe = router->exit_policy; tmpe; tmpe=tmpe->next) 
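Review bot: Two doc comments in routerparse.c still describe the renamed functions in exit-policy terms: `/** Parse the exit policy in the string s and return it. */` above router_parse_addr_policy_from_string, and in the `@@ -1028,10 +1030,10 @@` hunk "create and return a new exit_policy_t" above router_parse_addr_policy, a type that no longer exists after this commit. Since these parsers now also serve SocksPolicy and DirPolicy, I would reword them to `/** Parse the address policy in the string s and return it, or NULL on failure. */` and `a new addr_policy_t corresponding to the token`. The inline comment "Now that we've gotten an exit policy, add it to the router" is also stale, since nothing is added to a router at that point.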
@@ -1013,10 +1014,11 @@ int router_add_exit_policy_from_string(routerinfo_t *router, const char *s) return 0; } -static int router_add_exit_policy(routerinfo_t *router,directory_token_t *tok) +static int +router_add_exit_policy(routerinfo_t *router,directory_token_t *tok) { - struct exit_policy_t *newe, **tmpe; - newe = router_parse_exit_policy(tok); + struct addr_policy_t *newe, **tmpe; + newe = router_parse_addr_policy(tok); if (!newe) return -1; for (tmpe = &router->exit_policy; *tmpe; tmpe=&((*tmpe)->next)) @@ -1028,10 +1030,10 @@ static int router_add_exit_policy(routerinfo_t *router,directory_token_t *tok) /** Given a K_ACCEPT or K_REJECT token and a router, create and return * a new exit_policy_t corresponding to the token. */ -static struct exit_policy_t * -router_parse_exit_policy(directory_token_t *tok) { +static struct addr_policy_t * +router_parse_addr_policy(directory_token_t *tok) { - struct exit_policy_t *newe; + struct addr_policy_t *newe; struct in_addr in; char *arg, *address; @@ -1041,13 +1043,13 @@ router_parse_exit_policy(directory_token_t *tok) { return NULL; arg = tok->args[0]; - newe = tor_malloc_zero(sizeof(struct exit_policy_t)); + newe = tor_malloc_zero(sizeof(struct addr_policy_t)); newe->string = tor_malloc(8+strlen(arg)); tor_snprintf(newe->string, 8+strlen(arg), "%s %s", (tok->tp == K_REJECT) ? "reject" : "accept", arg); - newe->policy_type = (tok->tp == K_REJECT) ? EXIT_POLICY_REJECT - : EXIT_POLICY_ACCEPT; + newe->policy_type = (tok->tp == K_REJECT) ? ADDR_POLICY_REJECT + : ADDR_POLICY_ACCEPT; if (parse_addr_and_port_range(arg, &newe->addr, &newe->msk, &newe->prt_min, &newe->prt_max)) 
@@ -1057,7 +1059,7 @@ router_parse_exit_policy(directory_token_t *tok) { address = tor_strdup(inet_ntoa(in)); in.s_addr = htonl(newe->msk); log_fn(LOG_DEBUG,"%s %s/%s:%d-%d", - newe->policy_type == EXIT_POLICY_REJECT ? "reject" : "accept", + newe->policy_type == ADDR_POLICY_REJECT ? "reject" : "accept", address, inet_ntoa(in), newe->prt_min, newe->prt_max); tor_free(address); diff --git a/src/or/test.c b/src/or/test.c index 6ad2249dc9..5bf99917a7 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -939,7 +939,7 @@ test_dir_format(void) routerinfo_t r1, r2; crypto_pk_env_t *pk1 = NULL, *pk2 = NULL, *pk3 = NULL; routerinfo_t *rp1 = NULL, *rp2 = NULL; - struct exit_policy_t ex1, ex2; + struct addr_policy_t ex1, ex2; routerlist_t *dir1 = NULL, *dir2 = NULL; tor_version_t ver1; char *bw_lines = NULL; @@ -989,13 +989,13 @@ test_dir_format(void) r1.nickname = tor_strdup("Magri"); r1.platform = tor_strdup(platform); - ex1.policy_type = EXIT_POLICY_ACCEPT; + ex1.policy_type = ADDR_POLICY_ACCEPT; ex1.string = NULL; ex1.addr = 0; ex1.msk = 0; ex1.prt_min = ex1.prt_max = 80; ex1.next = &ex2; - ex2.policy_type = EXIT_POLICY_REJECT; + ex2.policy_type = ADDR_POLICY_REJECT; ex2.addr = 18 << 24; ex2.msk = 0xFF000000u; ex2.prt_min = ex2.prt_max = 24;