aboutsummaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
Diffstat (limited to 'src/or')
-rw-r--r--src/or/config.c13
-rw-r--r--src/or/connection_edge.c40
-rw-r--r--src/or/or.h2
3 files changed, 48 insertions, 7 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 8cfd5087f..ab3ec0989 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -67,6 +67,8 @@ static config_abbrev_t _option_abbrevs[] = {
PLURAL(StrictExitNode),
{ "l", "Log", 1, 0},
{ "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
+ { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
+ { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
{ "BandwidthRateBytes", "BandwidthRate", 0, 0},
{ "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
{ "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
@@ -133,6 +135,8 @@ static config_var_t _option_vars[] = {
VAR("AuthDirRejectUnlisted",BOOL, AuthDirRejectUnlisted,"0"),
VAR("AuthDirListBadExits", BOOL, AuthDirListBadExits, "0"),
VAR("AuthoritativeDirectory",BOOL, AuthoritativeDir, "0"),
+ VAR("AutomapHostsOnResolve",BOOL, AutomapHostsOnResolve,"0"),
+ VAR("AutomapHostsSuffixes",CSV, AutomapHostsSuffixes, ".onion,.exit"),
VAR("AvoidDiskWrites", BOOL, AvoidDiskWrites, "0"),
VAR("BandwidthBurst", MEMUNIT, BandwidthBurst, "6 MB"),
VAR("BandwidthRate", MEMUNIT, BandwidthRate, "3 MB"),
@@ -2909,6 +2913,15 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->PreferTunneledDirConns && !options->TunnelDirConns)
REJECT("Must set TunnelDirConns if PreferTunneledDirConns is set.");
+ if (options->AutomapHostsSuffixes) {
+ SMARTLIST_FOREACH(options->AutomapHostsSuffixes, char *, suf,
+ {
+ size_t len = strlen(suf);
+ if (len && suf[len-1] == '.')
+ suf[len-1] = '\0';
+ });
+ }
+
return 0;
#undef REJECT
#undef COMPLAIN
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index e2b4f1b02..b6253175c 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -669,7 +669,7 @@ addressmap_rewrite(char *address, size_t maxlen)
return (rewrites > 0); /* done, no rewrite needed */
cp = tor_strdup(escaped_safe_str(ent->new_address));
- log_info(LD_APP, "Addressmap: rewriting %s to %s",
+ log_notice(LD_APP, "Addressmap: rewriting %s to %s",
escaped_safe_str(address), cp);
tor_free(cp);
strlcpy(address, ent->new_address, maxlen);
@@ -1009,7 +1009,7 @@ addressmap_get_virtual_address(int type)
++next_virtual_addr;
--available;
- log_notice(LD_CONFIG, "%d addrs available", (int)available);
+ log_info(LD_CONFIG, "%d addrs available", (int)available);
if (! --available) {
log_warn(LD_CONFIG, "Ran out of virtual addresses!");
return NULL;
@@ -1067,6 +1067,7 @@ addressmap_register_virtual_address(int type, char *new_address)
tor_free(*addrp);
*addrp = addressmap_get_virtual_address(type);
+ log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
addressmap_register(*addrp, new_address, 2);
#if 0
@@ -1081,7 +1082,7 @@ addressmap_register_virtual_address(int type, char *new_address)
tor_assert(!strcasecmp(*addrp,
(type == RESOLVED_TYPE_IPV4) ?
vent->ipv4_address : vent->hostname_address));
- log_fn(LOG_INFO, "Map from %s to %s okay.",
+ log_info(LD_APP, "Map from %s to %s okay.",
safe_str(*addrp),safe_str(new_address));
}
#endif
@@ -1176,12 +1177,34 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
{
socks_request_t *socks = conn->socks_request;
hostname_type_t addresstype;
+ or_options_t *options = get_options();
+ struct in_addr addr_tmp;
+ int automap = 0;
tor_strlower(socks->address); /* normalize it */
log_debug(LD_APP,"Client asked for %s:%d",
safe_str(socks->address),
socks->port);
+ if (socks->command == SOCKS_COMMAND_RESOLVE &&
+ !tor_inet_aton(socks->address, &addr_tmp) &&
+ options->AutomapHostsOnResolve && options->AutomapHostsSuffixes) {
+ SMARTLIST_FOREACH(options->AutomapHostsSuffixes, const char *, cp,
+ if (!strcasecmpend(socks->address, cp)) {
+ automap = 1;
+ break;
+ });
+ if (automap) {
+ const char *new_addr;
+ new_addr = addressmap_register_virtual_address(
+ RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
+ tor_assert(new_addr);
+ log_info(LD_APP, "Automapping %s to %s",
+ escaped_safe_str(socks->address), safe_str(new_addr));
+ strlcpy(socks->address, new_addr, sizeof(socks->address));
+ }
+ }
+
if (socks->command == SOCKS_COMMAND_RESOLVE_PTR) {
if (addressmap_rewrite_reverse(socks->address, sizeof(socks->address))) {
connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_HOSTNAME,
@@ -1192,15 +1215,15 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
return 0;
}
- } else {
- /* For address map controls, remap the address */
+ } else if (!automap) {
+ /* For address map controls, remap the address. */
if (addressmap_rewrite(socks->address, sizeof(socks->address))) {
control_event_stream_status(conn, STREAM_EVENT_REMAP,
REMAP_STREAM_SOURCE_CACHE);
}
}
- if (address_is_in_virtual_range(socks->address)) {
+ if (!automap && address_is_in_virtual_range(socks->address)) {
/* This address was probably handed out by client_dns_get_unmapped_address,
* but the mapping was discarded for some reason. We *don't* want to send
* the address through Tor; that's likely to fail, and may leak
@@ -1229,6 +1252,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
/* foo.exit -- modify conn->chosen_exit_node to specify the exit
* node, and conn->address to hold only the address portion.*/
char *s = strrchr(socks->address,'.');
+ tor_assert(!automap);
if (s) {
if (s[1] != '\0') {
conn->chosen_exit_name = tor_strdup(s+1);
@@ -1294,8 +1318,10 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
return 0;
}
+ tor_assert(!automap);
rep_hist_note_used_resolve(time(NULL)); /* help predict this next time */
} else if (socks->command == SOCKS_COMMAND_CONNECT) {
+ tor_assert(!automap);
if (socks->port == 0) {
log_notice(LD_APP,"Application asked to connect to port 0. Refusing.");
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
@@ -1340,7 +1366,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
/* it's a hidden-service request */
rend_cache_entry_t *entry;
int r;
-
+ tor_assert(!automap);
if (SOCKS_COMMAND_IS_RESOLVE(socks->command)) {
/* if it's a resolve request, fail it right now, rather than
* building all the circuits and then realizing it won't work. */
diff --git a/src/or/or.h b/src/or/or.h
index a61e5efc7..31d1c36f1 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1822,6 +1822,8 @@ typedef struct {
int TrackHostExitsExpire; /**< Number of seconds until we expire an
* addressmap */
config_line_t *AddressMap; /**< List of address map directives. */
+ int AutomapHostsOnResolve; /**< DOCDOC */
+ smartlist_t *AutomapHostsSuffixes; /**< DOCDOC */
int RendPostPeriod; /**< How often do we post each rendezvous service
* descriptor? Remember to publish them independently. */
int KeepalivePeriod; /**< How often do we send padding cells to keep