| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | | |
|
| |\| |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/or/policies.c
src/or/policies.h
|
| | | |
| | |
| | |
| | | |
Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
|
| |\| | |
|
| | |\| |
|
| | | |
| | |
| | |
| | | |
Found by piebeer.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
C99 allows a syntax for structures whose last element is of
unspecified length:
struct s {
int elt1;
...
char last_element[];
};
Recent (last-5-years) autoconf versions provide an
AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER
to either no tokens (if you have c99 flexible array support) or to 1
(if you don't). At that point you just use offsetof
[STRUCT_OFFSET() for us] to see where last_element begins, and
allocate your structures like:
struct s {
int elt1;
...
char last_element[FLEXIBLE_ARRAY_MEMBER];
};
tor_malloc(STRUCT_OFFSET(struct s, last_element) +
n_elements*sizeof(char));
The advantages are:
1) It's easier to see which structures and elements are of
unspecified length.
2) The compiler and related checking tools can also see which
structures and elements are of unspecified length, in case they
wants to try weird bounds-checking tricks or something.
3) The compiler can warn us if we do something dumb, like try
to stack-allocate a flexible-length structure.
|
| |\| | |
|
| | |\|
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/common/test.h
src/or/test.c
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Also remove some debugging code.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
|
| |/ / |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Right now it says "552 internal error" because there's no way for
getinfo_helper_*() countries to specify an error message. This
patch changes the getinfo_helper_*() interface, and makes most of the
getinfo helpers give useful error messages in response to failures.
This should prevent recurrences of bug 1699, where a missing GeoIPFile
line in the torrc made GETINFO ip-to-county/* fail in a "not obvious
how to fix" way.
|
| |\|
| |
| |
| |
| |
| | |
Conflicts:
src/common/test.h
src/or/test.c
|
| | | |
|
| | |
| |
| |
| |
| | |
It isn't necessary to walk through all possible subnets when the policy
we're looking at doesn't touch that subnet.
|
| | | |
|
| | |
| |
| |
| |
| | |
The original comment said what it did if there was at least one /8 that
allowed access to the port, but not what it did otherwise.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
exit_policy_is_general_exit() assumed that there are no redundancies
in the passed policy, in the sense that we actively combine entries
in the policy to really get rid of any redundancy. Since we cannot
do that without massively rewriting the policy lines the relay
operators set, fix exit_policy_is_general_exit().
Fixes bug 1238, discovered by Martin Kowalczyk.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
|
| |/
|
|
| |
Bridges do not use the default exit policy, but reject *:* by default.
|
| |
|
|
| |
This is a posible fix for bug 996.
|
| | |
|
| | |
|
| |
|
|
| |
svn:r18827
|
| |
|
|
|
|
|
|
| |
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
|
| |
|
|
|
|
| |
Until we do ipv6 exit policies and until we know whether we even allow ::ffff:0:0/96 addresses, there is no point in doing "semantic" comparisons. This was also showing up on oprofile.
svn:r17803
|
| |
|
|
|
|
|
|
|
|
| |
Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop. Rearrange
router_find_exact_exit_enclave() to run a little faster. Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.
svn:r17802
|
| |
|
|
| |
svn:r17734
|
| |
|
|
|
|
| |
comments so that they will get recognized as doxygen.
svn:r17729
|
| |
|
|
|
|
| |
patch.
svn:r17686
|
| |
|
|
| |
svn:r17199
|
| |
|
|
| |
svn:r17186
|
| |
|
|
|
|
|
|
|
| |
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.
svn:r16898
|
| |
|
|
| |
svn:r16802
|
| |
|
|
| |
svn:r16780
|
| |
|
|
|
|
| |
almost inevitable.
svn:r16779
|
| |
|
|
| |
svn:r16549
|
| |
|
|
|
|
| |
Explicitly mention them as reject 1-65535.
svn:r16543
|