aboutsummaryrefslogtreecommitdiff
path: root/src/or/policies.c
Commit message (Collapse)AuthorAge
* Let 0.2.3 clients exit to internal addresses if they wantRoger Dingledine2012-10-23
| | | | | | | Clients now consider the ClientRejectInternalAddresses config option when using a microdescriptor consensus stanza to decide whether an exit relay would allow exiting to an internal address. Fixes bug 7190; bugfix on 0.2.3.1-alpha.
* Fix parse_short_policy (bug 7192.)Nick Mathewson2012-10-23
| | | | | | | | | | | Our implementation of parse_short_policy was screwed up: it would ignore the last character of every short policy. Obviously, that's broken. This patch fixes the busted behavior, and adds a bunch of unit tests to make sure the rest of that function is okay. Fixes bug 7192; fix on 0.2.3.1-alpha.
* add a unit test to expose bug 7192Roger Dingledine2012-10-22
|
* Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2012-08-27
|\ | | | | | | | | Conflicts: src/or/policies.c
| * Do not assert when comparing a null address/port against a policyNick Mathewson2012-08-27
| | | | | | | | | | This can create a remote crash opportunity for/against directory authorities.
* | Change all SMARTLIST_FOREACH loops of >=10 lines to use BEGIN/ENDNick Mathewson2012-07-17
| | | | | | | | | | | | | | | | | | | | | | The SMARTLIST_FOREACH macro is more convenient than BEGIN/END when you have a nice short loop body, but using it for long bodies makes your preprocessor tell the compiler that all the code is on the same line. That causes grief, since compiler warnings and debugger lines will all refer to that one line. So, here's a new style rule: SMARTLIST_FOREACH blocks need to be short.
* | Update copyright dates to 2012; add a few missing copyright statementsNick Mathewson2012-06-04
| |
* | Add about 60 more DOCDOC comments to 0.2.3Nick Mathewson2012-06-04
| | | | | | | | | | | | | | | | Also, try to resolve some doxygen issues. First, define a magic "This is doxygen!" macro so that we take the correct branch in various #if/#else/#endifs in order to get the right documentation. Second, add in a few grouping @{ and @} entries in order to get some variables and fields to get grouped together.
* | whitespace fixRoger Dingledine2012-02-29
| |
* | document a cool attack that we evaluatedRoger Dingledine2012-02-17
| |
* | Rename nonconformant identifiers.Nick Mathewson2012-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 4893. These changes are pure mechanical, and were generated with this perl script: /usr/bin/perl -w -i.bak -p s/crypto_pk_env_t/crypto_pk_t/g; s/crypto_dh_env_t/crypto_dh_t/g; s/crypto_cipher_env_t/crypto_cipher_t/g; s/crypto_digest_env_t/crypto_digest_t/g; s/aes_free_cipher/aes_cipher_free/g; s/crypto_free_cipher_env/crypto_cipher_free/g; s/crypto_free_digest_env/crypto_digest_free/g; s/crypto_free_pk_env/crypto_pk_free/g; s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g; s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g; s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g; s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g; s/crypto_new_cipher_env/crypto_cipher_new/g; s/crypto_new_digest_env/crypto_digest_new/g; s/crypto_new_digest256_env/crypto_digest256_new/g; s/crypto_new_pk_env/crypto_pk_new/g; s/crypto_create_crypto_env/crypto_cipher_new/g; s/connection_create_listener/connection_listener_new/g; s/smartlist_create/smartlist_new/g; s/transport_create/transport_new/g;
* | fix crash bug in original feature4207 branchRoger Dingledine2012-01-16
| | | | | | | | | | PLURAL() assumes that the plural is the canonical name for the option, so now it is.
* | Convert instances of tor_malloc+tor_snprintf into tor_asprintfNick Mathewson2012-01-16
| | | | | | | | | | | | | | | | | | | | These were found by looking for tor_snprintf() instances that were preceeded closely by tor_malloc(), though I probably converted some more snprintfs as well. (In every case, make sure that the length variable (if any) is removed, renamed, or lowered, so that anything else that might have assumed a longer buffer doesn't exist.)
* | Comment fixups on 4207 suggested by armaNick Mathewson2012-01-16
| |
* | Allow authorities to baddir/badexit/invalid/reject nodes by ccNick Mathewson2012-01-13
| | | | | | | | Implements ticket #4207
* | Remove compare_addr_to_node_policyNick Mathewson2011-07-15
| | | | | | | | | | | | | | | | Instead, use compare_tor_addr_to_node_policy everywhere. One advantage of this is that compare_tor_addr_to_node_policy can better distinguish 0.0.0.0 from "unknown", which caused a nasty bug with microdesc users.
* | Treat null address as "unknown", not "rejected" in md policyNick Mathewson2011-07-15
| | | | | | | | | | | | | | | | | | | | Previously, we had an issue where we'd treat an unknown address as 0, which turned into "0.0.0.0", which looked like a rejected address. This meant in practice that as soon as we started doing comparisons of unknown uint32 addresses to short policies, we'd get 'rejected' right away. Because of the circumstances under which this would be called, it would only happen when we had local DNS cached entries and we were looking to launch new circuits.
* | Remove compare_addr_to_addr_policyNick Mathewson2011-07-15
| | | | | | | | | | Nothing used it but the unit tests; everything else knows to use compare_tor_addr_to_addr_policy instead.
* | Remove a redundant condition in compare_addr_to_node_policyNick Mathewson2011-07-08
| | | | | | | | | | | | A && A == A. Found by frosty_un
* | Don't shadow parameters with local variablesNick Mathewson2011-07-01
| | | | | | | | | | | | | | | | This is a little error-prone when the local has a different type from the parameter, and is very error-prone with both have the same type. Let's not do this. Fixes CID #437,438,439,440,441.
* | Make the get_options() return constNick Mathewson2011-06-14
| | | | | | | | | | | | | | | | This lets us make a lot of other stuff const, allows the compiler to generate (slightly) better code, and will make me get slightly fewer patches from folks who stick mutable stuff into or_options_t. const: because not every input is an output!
* | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-06-14
|\|
| * Don't use signed 1-bit bitfieldsSebastian Hahn2011-06-08
| | | | | | | | | | This was harmless, we never compared it to anything but itself or 0. But Coverity complained, and it had a point.
* | Merge remote branch 'origin/maint-0.2.2'Nick Mathewson2011-03-06
|\|
| * Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2011-03-06
| |\ | | | | | | | | | | | | Conflicts: src/or/policies.c
| | * exit_policy_is_general_exit is IPv4 only; it should admit it.Nick Mathewson2011-03-06
| | |
* | | Merge remote branch 'origin/maint-0.2.2'Nick Mathewson2011-02-22
|\| | | | | | | | | | | | | | | | | Conflicts: src/or/policies.c src/or/policies.h
| * | Don't let bad DNS make exit policy and declared exit policy get out of syncNick Mathewson2011-02-22
| | | | | | | | | | | | Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
* | | Merge remote branch 'origin/maint-0.2.2'Nick Mathewson2011-01-20
|\| |
| * | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2011-01-20
| |\|
| | * Fix bounds-checking in policy_summarizeRobert Ransom2011-01-20
| | | | | | | | | | | | Found by piebeer.
* | | Use autoconf's FLEXIBLE_ARRAY_MEMBER for unspecified-length arraysNick Mathewson2011-01-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C99 allows a syntax for structures whose last element is of unspecified length: struct s { int elt1; ... char last_element[]; }; Recent (last-5-years) autoconf versions provide an AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER to either no tokens (if you have c99 flexible array support) or to 1 (if you don't). At that point you just use offsetof [STRUCT_OFFSET() for us] to see where last_element begins, and allocate your structures like: struct s { int elt1; ... char last_element[FLEXIBLE_ARRAY_MEMBER]; }; tor_malloc(STRUCT_OFFSET(struct s, last_element) + n_elements*sizeof(char)); The advantages are: 1) It's easier to see which structures and elements are of unspecified length. 2) The compiler and related checking tools can also see which structures and elements are of unspecified length, in case they wants to try weird bounds-checking tricks or something. 3) The compiler can warn us if we do something dumb, like try to stack-allocate a flexible-length structure.
* | | Merge remote branch 'origin/maint-0.2.2'Nick Mathewson2011-01-03
|\| |
| * | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2011-01-03
| |\| | | | | | | | | | | | | | | | Conflicts: src/common/test.h src/or/test.c
| | * Bump copyright statements to 2011Nick Mathewson2011-01-03
| | |
* | | Remove "is this too slow?" XXXX comments for code not appearing in profilesNick Mathewson2010-10-15
| | |
* | | Make check-spaces happySebastian Hahn2010-10-14
| | |
* | | Implement node_set_exit_policy_to_reject_all with a flagNick Mathewson2010-10-13
| | | | | | | | | | | | Also remove some debugging code.
* | | Add some missing documentation for things added in nodes branchNick Mathewson2010-10-07
| | |
* | | Implement policies for nodes (and for microdescriptors too)Nick Mathewson2010-10-01
| | |
* | | Initial conversion to use node_t throughout our codebase.Nick Mathewson2010-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A node_t is an abstraction over routerstatus_t, routerinfo_t, and microdesc_t. It should try to present a consistent interface to all of them. There should be a node_t for a server whenever there is * A routerinfo_t for it in the routerlist * A routerstatus_t in the current_consensus. (note that a microdesc_t alone isn't enough to make a node_t exist, since microdescriptors aren't usable on their own.) There are three ways to get a node_t right now: looking it up by ID, looking it up by nickname, and iterating over the whole list of microdescriptors. All (or nearly all) functions that are supposed to return "a router" -- especially those used in building connections and circuits -- should return a node_t, not a routerinfo_t or a routerstatus_t. A node_t should hold all the *mutable* flags about a node. This patch moves the is_foo flags from routerinfo_t into node_t. The flags in routerstatus_t remain, but they get set from the consensus and should not change. Some other highlights of this patch are: * Looking up routerinfo and routerstatus by nickname is now unified and based on the "look up a node by nickname" function. This tries to look only at the values from current consensus, and not get confused by the routerinfo_t->is_named flag, which could get set for other weird reasons. This changes the behavior of how authorities (when acting as clients) deal with nodes that have been listed by nickname. * I tried not to artificially increase the size of the diff here by moving functions around. As a result, some functions that now operate on nodes are now in the wrong file -- they should get moved to nodelist.c once this refactoring settles down. This moving should happen as part of a patch that moves functions AND NOTHING ELSE. * Some old code is now left around inside #if 0/1 blocks, and should get removed once I've verified that I don't want it sitting around to see how we used to do things. There are still some unimplemented functions: these are flagged with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the implementation here, piece by piece. I wish this patch could have been smaller, but there did not seem to be any piece of it that was independent from the rest. Moving flags forces many functions that once returned routerinfo_t * to return node_t *, which forces their friends to change, and so on.
* | | Try to make most routerinfo_t interfaces constNick Mathewson2010-10-01
|/ /
* | Fix misplaced labelsSebastian Hahn2010-08-16
| |
* | Create routerparse.hSebastian Hahn2010-07-27
| |
* | Create policies.hSebastian Hahn2010-07-27
| |
* | Create dirserv.hSebastian Hahn2010-07-27
| |
* | Create config.hSebastian Hahn2010-07-27
| |
* | Make the controller act more usefully when GETINFO failsNick Mathewson2010-07-18
| | | | | | | | | | | | | | | | | | | | | | Right now it says "552 internal error" because there's no way for getinfo_helper_*() countries to specify an error message. This patch changes the getinfo_helper_*() interface, and makes most of the getinfo helpers give useful error messages in response to failures. This should prevent recurrences of bug 1699, where a missing GeoIPFile line in the torrc made GETINFO ip-to-county/* fail in a "not obvious how to fix" way.
* | Merge remote branch 'origin/maint-0.2.1'Nick Mathewson2010-02-27
|\| | | | | | | | | | | Conflicts: src/common/test.h src/or/test.c
| * Update Tor Project copyright yearsNick Mathewson2010-02-27
| |