From 9e30ac2870bf14c4939ec02f88540e65f553a357 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Tue, 7 Oct 2003 22:18:14 +0000 Subject: obey exit policies for addresses too svn:r555 --- src/or/or.h | 1 + src/or/routers.c | 14 +++++++++----- 2 files changed, 10 insertions(+), 5 deletions(-) (limited to 'src/or') diff --git a/src/or/or.h b/src/or/or.h index c499982bb..6c28c639f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -421,6 +421,7 @@ typedef struct { char *RouterFile; char *Nickname; char *Address; + char *ExitPolicy; double CoinWeight; int Daemon; int ORPort; diff --git a/src/or/routers.c b/src/or/routers.c index 5921ce9f1..4aef1cf14 100644 --- a/src/or/routers.c +++ b/src/or/routers.c @@ -1038,6 +1038,7 @@ policy_read_failed: */ int router_compare_to_exit_policy(connection_t *conn) { struct exit_policy_t *tmpe; + struct in_addr in; assert(desc_routerinfo); @@ -1045,10 +1046,14 @@ int router_compare_to_exit_policy(connection_t *conn) { assert(tmpe->address); assert(tmpe->port); - /* Totally ignore the address field of the exit policy, for now. */ - - if(!strcmp(tmpe->port,"*") || atoi(tmpe->port) == conn->port) { - log_fn(LOG_INFO,"Port '%s' matches '%d'. %s.", + if(inet_aton(tmpe->address,&in) == 0) { /* malformed IP. reject. */ + log_fn(LOG_WARNING,"Malformed IP %s in exit policy. Rejecting.",tmpe->address); + return -1; + } + if(conn->addr == ntohl(in.s_addr) && + (!strcmp(tmpe->port,"*") || atoi(tmpe->port) == conn->port)) { + log_fn(LOG_INFO,"Address '%s' matches '%s' and port '%s' matches '%d'. %s.", + tmpe->address, conn->address, tmpe->port, conn->port, tmpe->policy_type == EXIT_POLICY_ACCEPT ? "Accepting" : "Rejecting"); if(tmpe->policy_type == EXIT_POLICY_ACCEPT) @@ -1057,7 +1062,6 @@ int router_compare_to_exit_policy(connection_t *conn) { return -1; } } - return 0; /* accept all by default. */ } -- cgit v1.2.3