aboutsummaryrefslogtreecommitdiff
path: root/src/or/policies.c
Commit message (Expand)AuthorAge
* Rename log() to tor_log() for logging•••This is meant to avoid conflict with the built-in log() function in math.h. It resolves ticket 7599. First reported by dhill. This was generated with the following perl script: #!/usr/bin/perl -w -i -p s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g; s/\blog\(/tor_log\(/g; Nick Mathewson2013-02-01
* Rename *_isin to *_contains•••This is an automatically generated commit, from the following perl script, run with the options "-w -i -p". s/smartlist_string_num_isin/smartlist_contains_int_as_string/g; s/smartlist_string_isin((?:_case)?)/smartlist_contains_string$1/g; s/smartlist_digest_isin/smartlist_contains_digest/g; s/smartlist_isin/smartlist_contains/g; s/digestset_isin/digestset_contains/g; Nick Mathewson2013-01-16
* Update the copyright date to 201.Nick Mathewson2013-01-16
* fix some typosRoger Dingledine2012-12-03
* Fix a bug in policy_is_reject_star() that was making IPv4 exits break•••IPv4-only exits have an implicit "reject [::]/0", which was making policy_is_reject_star() return 1 for them, making us refuse to do hostname lookups. This fix chanes policy_is_reject_star() to ask about which family we meant. Nick Mathewson2012-11-14
* Add an IPv6Exit configuration option•••Don't advertise an IPv6 exit policy, or accept IPv6 exit requests, if IPv6Exit is not true. Nick Mathewson2012-11-14
* Add IPv6 support to compare_to_addr_to_node_policyNick Mathewson2012-11-14
* Better policy support for IPv6•••Now, "accept *:80" means "accept all addresses on port 80", and not just IPv4. For just v4, say "accept *4:80"; for just v6 say "accept *6:80". We can parse these policies from torrc just fine, and we should be successfully keeping them out of descriptors for now. We also now include appropriate IPv6 addresses in "reject private:*" Nick Mathewson2012-11-14
* Add a new family-specific syntax for tor_addr_parse_mask_ports•••By default, "*" means "All IPv4 addresses" with tor_addr_parse_mask_ports, so I won't break anything. But if the new EXTENDED_STAR flag is provided, then * means "any address", *4 means "any IPv4 address" (that is, 0.0.0.0/0), and "*6" means "any IPv6 address" (that is, [::]/0). This is going to let us have a syntax for specifying exit policies in torrc that won't drive people mad. Also, add a bunch of unit tests for tor_addr_parse_mask_ports to test these new features, and to increase coverage. Nick Mathewson2012-11-14
* Merge remote-tracking branch 'linus/bug5053-bug5055'•••Conflicts: src/or/geoip.c Nick Mathewson2012-11-04
|\
| * Name variables more consistently.Linus Nordberg2012-10-22
| * Add GeoIP database for IPv6 addressesnils2012-10-17
| * Rename address family specific IPv4 geoip functions in preparation for IPv6 s...nils2012-10-17
* | Merge branch 'maint-0.2.3'Roger Dingledine2012-10-23
|\ \
| * | Let 0.2.3 clients exit to internal addresses if they want•••Clients now consider the ClientRejectInternalAddresses config option when using a microdescriptor consensus stanza to decide whether an exit relay would allow exiting to an internal address. Fixes bug 7190; bugfix on 0.2.3.1-alpha. Roger Dingledine2012-10-23
* | | fix typoRoger Dingledine2012-10-23
* | | Merge remote-tracking branch 'origin/maint-0.2.3'Nick Mathewson2012-10-23
|\| | | |/ |/|
| * Fix parse_short_policy (bug 7192.)•••Our implementation of parse_short_policy was screwed up: it would ignore the last character of every short policy. Obviously, that's broken. This patch fixes the busted behavior, and adds a bunch of unit tests to make sure the rest of that function is okay. Fixes bug 7192; fix on 0.2.3.1-alpha. Nick Mathewson2012-10-23
| * add a unit test to expose bug 7192Roger Dingledine2012-10-22
* | Merge remote-tracking branch 'origin/maint-0.2.3'Nick Mathewson2012-08-27
|\|
| * Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3•••Conflicts: src/or/policies.c Nick Mathewson2012-08-27
| |\
| | * Do not assert when comparing a null address/port against a policy•••This can create a remote crash opportunity for/against directory authorities. Nick Mathewson2012-08-27
* | | Merge remote-tracking branch 'public/bug5124'Nick Mathewson2012-08-17
|\ \ \ | |/ / |/| |
| * | Never emit the "opt" prefix in any directory stuff•••Fix for bug 5124. Nick Mathewson2012-06-28
* | | Change all SMARTLIST_FOREACH loops of >=10 lines to use BEGIN/END•••The SMARTLIST_FOREACH macro is more convenient than BEGIN/END when you have a nice short loop body, but using it for long bodies makes your preprocessor tell the compiler that all the code is on the same line. That causes grief, since compiler warnings and debugger lines will all refer to that one line. So, here's a new style rule: SMARTLIST_FOREACH blocks need to be short. Nick Mathewson2012-07-17
|/ /
* | Update copyright dates to 2012; add a few missing copyright statementsNick Mathewson2012-06-04
* | Add about 60 more DOCDOC comments to 0.2.3•••Also, try to resolve some doxygen issues. First, define a magic "This is doxygen!" macro so that we take the correct branch in various #if/#else/#endifs in order to get the right documentation. Second, add in a few grouping @{ and @} entries in order to get some variables and fields to get grouped together. Nick Mathewson2012-06-04
* | whitespace fixRoger Dingledine2012-02-29
* | document a cool attack that we evaluatedRoger Dingledine2012-02-17
* | Rename nonconformant identifiers.•••Fixes bug 4893. These changes are pure mechanical, and were generated with this perl script: /usr/bin/perl -w -i.bak -p s/crypto_pk_env_t/crypto_pk_t/g; s/crypto_dh_env_t/crypto_dh_t/g; s/crypto_cipher_env_t/crypto_cipher_t/g; s/crypto_digest_env_t/crypto_digest_t/g; s/aes_free_cipher/aes_cipher_free/g; s/crypto_free_cipher_env/crypto_cipher_free/g; s/crypto_free_digest_env/crypto_digest_free/g; s/crypto_free_pk_env/crypto_pk_free/g; s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g; s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g; s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g; s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g; s/crypto_new_cipher_env/crypto_cipher_new/g; s/crypto_new_digest_env/crypto_digest_new/g; s/crypto_new_digest256_env/crypto_digest256_new/g; s/crypto_new_pk_env/crypto_pk_new/g; s/crypto_create_crypto_env/crypto_cipher_new/g; s/connection_create_listener/connection_listener_new/g; s/smartlist_create/smartlist_new/g; s/transport_create/transport_new/g; Nick Mathewson2012-01-18
* | fix crash bug in original feature4207 branch•••PLURAL() assumes that the plural is the canonical name for the option, so now it is. Roger Dingledine2012-01-16
* | Convert instances of tor_malloc+tor_snprintf into tor_asprintf•••These were found by looking for tor_snprintf() instances that were preceeded closely by tor_malloc(), though I probably converted some more snprintfs as well. (In every case, make sure that the length variable (if any) is removed, renamed, or lowered, so that anything else that might have assumed a longer buffer doesn't exist.) Nick Mathewson2012-01-16
* | Comment fixups on 4207 suggested by armaNick Mathewson2012-01-16
* | Allow authorities to baddir/badexit/invalid/reject nodes by cc•••Implements ticket #4207 Nick Mathewson2012-01-13
* | Remove compare_addr_to_node_policy•••Instead, use compare_tor_addr_to_node_policy everywhere. One advantage of this is that compare_tor_addr_to_node_policy can better distinguish 0.0.0.0 from "unknown", which caused a nasty bug with microdesc users. Nick Mathewson2011-07-15
* | Treat null address as "unknown", not "rejected" in md policy•••Previously, we had an issue where we'd treat an unknown address as 0, which turned into "0.0.0.0", which looked like a rejected address. This meant in practice that as soon as we started doing comparisons of unknown uint32 addresses to short policies, we'd get 'rejected' right away. Because of the circumstances under which this would be called, it would only happen when we had local DNS cached entries and we were looking to launch new circuits. Nick Mathewson2011-07-15
* | Remove compare_addr_to_addr_policy•••Nothing used it but the unit tests; everything else knows to use compare_tor_addr_to_addr_policy instead. Nick Mathewson2011-07-15
* | Remove a redundant condition in compare_addr_to_node_policy•••A && A == A. Found by frosty_un Nick Mathewson2011-07-08
* | Don't shadow parameters with local variables•••This is a little error-prone when the local has a different type from the parameter, and is very error-prone with both have the same type. Let's not do this. Fixes CID #437,438,439,440,441. Nick Mathewson2011-07-01
* | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to generate (slightly) better code, and will make me get slightly fewer patches from folks who stick mutable stuff into or_options_t. const: because not every input is an output! Nick Mathewson2011-06-14
* | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-06-14
|\|
| * Don't use signed 1-bit bitfields•••This was harmless, we never compared it to anything but itself or 0. But Coverity complained, and it had a point. Sebastian Hahn2011-06-08
* | Merge remote branch 'origin/maint-0.2.2'Nick Mathewson2011-03-06
|\|
| * Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts: src/or/policies.c Nick Mathewson2011-03-06
| |\
| | * exit_policy_is_general_exit is IPv4 only; it should admit it.Nick Mathewson2011-03-06
* | | Merge remote branch 'origin/maint-0.2.2'•••Conflicts: src/or/policies.c src/or/policies.h Nick Mathewson2011-02-22
|\| |
| * | Don't let bad DNS make exit policy and declared exit policy get out of sync•••Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha. Nick Mathewson2011-02-22
* | | Merge remote branch 'origin/maint-0.2.2'Nick Mathewson2011-01-20
|\| |
| * | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2011-01-20
| |\|
| | * Fix bounds-checking in policy_summarize•••Found by piebeer. Robert Ransom2011-01-20
generated by cgit v1.2.3 (git 2.47.1) at 2025-03-21 04:52:28 +0000