Merge branch 'bug7952_final'

Conflicts: src/test/include.am src/test/test.c
2024-11-24 12:23:32 +01:00 · 2014-04-08 13:55:02 -04:00 · 2014-04-08 13:55:02 -04:00 · 245f273aaf
commit 245f273aaf
parent 3ac426afe8 51e13cd1ad
8 changed files with 186 additions and 14 deletions
--- a/changes/ticket7952
+++ b/changes/ticket7952
@ -0,0 +1,4 @@
+  o Minor features (controller):
+    - Make the entire exit policy available from the control port via
+      GETINFO exit-policy/*. Implements enhancement #7952. Patch from
+      "rl1987".
--- a/src/or/control.c
+++ b/src/or/control.c
@ -2193,6 +2193,9 @@ static const getinfo_item_t getinfo_items[] = {
       "v3 Networkstatus consensus as retrieved from a DirPort."),
  ITEM("exit-policy/default", policies,
       "The default value appended to the configured exit policy."),
+  ITEM("exit-policy/full", policies, "The entire exit policy of onion router"),
+  ITEM("exit-policy/ipv4", policies, "IPv4 parts of exit policy"),
+  ITEM("exit-policy/ipv6", policies, "IPv6 parts of exit policy"),
  PREFIX("ip-to-country/", geoip, "Perform a GEOIP lookup"),
  { NULL, NULL, NULL, 0 }
 };
--- a/src/or/policies.c
+++ b/src/or/policies.c
@ -13,6 +13,7 @@
 #include "dirserv.h"
 #include "nodelist.h"
 #include "policies.h"
+#include "router.h"
 #include "routerparse.h"
 #include "geoip.h"
 #include "ht.h"
@ -1692,6 +1693,28 @@ getinfo_helper_policies(control_connection_t *conn,
  (void) errmsg;
  if (!strcmp(question, "exit-policy/default")) {
    *answer = tor_strdup(DEFAULT_EXIT_POLICY);
+  } else if (!strcmpstart(question, "exit-policy/")) {
+    const routerinfo_t *me = router_get_my_routerinfo();
+
+    int include_ipv4 = 0;
+    int include_ipv6 = 0;
+
+    if (!strcmp(question, "exit-policy/ipv4")) {
+      include_ipv4 = 1;
+    } else if (!strcmp(question, "exit-policy/ipv6")) {
+      include_ipv6 = 1;
+    } else if (!strcmp(question, "exit-policy/full")) {
+      include_ipv4 = include_ipv6 = 1;
+    } else {
+      return 0; /* No such key. */
+    }
+
+    if (!me) {
+      *errmsg = "router_get_my_routerinfo returned NULL";
+      return -1;
+    }
+
+    *answer = router_dump_exit_policy_to_string(me,include_ipv4,include_ipv6);
  }
  return 0;
 }
--- a/src/or/router.c
+++ b/src/or/router.c
@ -2398,20 +2398,13 @@ router_dump_router_to_string(routerinfo_t *router,
  if (!router->exit_policy || !smartlist_len(router->exit_policy)) {
    smartlist_add(chunks, tor_strdup("reject *:*\n"));
  } else if (router->exit_policy) {
-    int i;
-    for (i = 0; i < smartlist_len(router->exit_policy); ++i) {
-      char pbuf[POLICY_BUF_LEN];
-      addr_policy_t *tmpe = smartlist_get(router->exit_policy, i);
-      int result;
-      if (tor_addr_family(&tmpe->addr) == AF_INET6)
-        continue; /* Don't include IPv6 parts of address policy */
-      result = policy_write_item(pbuf, POLICY_BUF_LEN, tmpe, 1);
-      if (result < 0) {
-        log_warn(LD_BUG,"descriptor policy_write_item ran out of room!");
-        goto err;
-      }
-      smartlist_add_asprintf(chunks, "%s\n", pbuf);
-    }
+    char *exit_policy = router_dump_exit_policy_to_string(router,1,0);
+
+    if (!exit_policy)
+      goto err;
+
+    smartlist_add_asprintf(chunks, "%s\n", exit_policy);
+    tor_free(exit_policy);
  }

  if (router->ipv6_exit_policy) {
@ -2479,6 +2472,56 @@ router_dump_router_to_string(routerinfo_t *router,
  return output;
 }

+/**
+ * OR only: Given <b>router</b>, produce a string with its exit policy.
+ * If <b>include_ipv4</b> is true, include IPv4 entries.
+ * If <b>include_ipv6</b> is true, include IPv6 entries.
+ */
+char *
+router_dump_exit_policy_to_string(const routerinfo_t *router,
+                                  int include_ipv4,
+                                  int include_ipv6)
+{
+  smartlist_t *exit_policy_strings;
+  char *policy_string = NULL;
+
+  if ((!router->exit_policy) || (router->policy_is_reject_star)) {
+    return tor_strdup("reject *:*");
+  }
+
+  exit_policy_strings = smartlist_new();
+
+  SMARTLIST_FOREACH_BEGIN(router->exit_policy, addr_policy_t *, tmpe) {
+    char *pbuf;
+    int bytes_written_to_pbuf;
+    if ((tor_addr_family(&tmpe->addr) == AF_INET6) && (!include_ipv6)) {
+      continue; /* Don't include IPv6 parts of address policy */
+    }
+    if ((tor_addr_family(&tmpe->addr) == AF_INET) && (!include_ipv4)) {
+      continue; /* Don't include IPv4 parts of address policy */
+    }
+
+    pbuf = tor_malloc(POLICY_BUF_LEN);
+    bytes_written_to_pbuf = policy_write_item(pbuf,POLICY_BUF_LEN, tmpe, 1);
+
+    if (bytes_written_to_pbuf < 0) {
+      log_warn(LD_BUG, "router_dump_exit_policy_to_string ran out of room!");
+      tor_free(pbuf);
+      goto done;
+    }
+
+    smartlist_add(exit_policy_strings,pbuf);
+  } SMARTLIST_FOREACH_END(tmpe);
+
+  policy_string = smartlist_join_strings(exit_policy_strings, "\n", 0, NULL);
+
+ done:
+  SMARTLIST_FOREACH(exit_policy_strings, char *, str, tor_free(str));
+  smartlist_free(exit_policy_strings);
+
+  return policy_string;
+}
+
 /** Copy the primary (IPv4) OR port (IP address and TCP port) for
 * <b>router</b> into *<b>ap_out</b>. */
 void
--- a/src/or/router.h
+++ b/src/or/router.h
@ -94,6 +94,9 @@ int router_pick_published_address(const or_options_t *options, uint32_t *addr);
 int router_rebuild_descriptor(int force);
 char *router_dump_router_to_string(routerinfo_t *router,
                                   crypto_pk_t *ident_key);
+char *router_dump_exit_policy_to_string(const routerinfo_t *router,
+                                         int include_ipv4,
+                                         int include_ipv6);
 void router_get_prim_orport(const routerinfo_t *router,
                            tor_addr_port_t *addr_port_out);
 void router_get_pref_orport(const routerinfo_t *router,
--- a/src/test/include.am
+++ b/src/test/include.am
@ -43,6 +43,7 @@ src_test_test_SOURCES = \
 	src/test/test_config.c \
 	src/test/test_hs.c \
 	src/test/test_nodelist.c \
+	src/test/test_policy.c \
 	src/ext/tinytest.c

 src_test_test_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
--- a/src/test/test.c
+++ b/src/test/test.c
@ -1638,6 +1638,7 @@ extern struct testcase_t hs_tests[];
 extern struct testcase_t nodelist_tests[];
 extern struct testcase_t routerkeys_tests[];
 extern struct testcase_t oom_tests[];
+extern struct testcase_t exit_policy_tests[];

 static struct testgroup_t testgroups[] = {
  { "", test_array },
@ -1666,6 +1667,7 @@ static struct testgroup_t testgroups[] = {
  { "nodelist/", nodelist_tests },
  { "routerkeys/", routerkeys_tests },
  { "oom/", oom_tests },
+  { "policy/" , exit_policy_tests },
  END_OF_GROUPS
 };

--- a/src/test/test_policy.c
+++ b/src/test/test_policy.c
@ -0,0 +1,93 @@
+/* Copyright (c) 2013, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#include "or.h"
+#include "router.h"
+#include "routerparse.h"
+#include "policies.h"
+#include "test.h"
+
+static void
+test_dump_exit_policy_to_string(void *arg)
+{
+ char *ep;
+ addr_policy_t *policy_entry;
+
+ routerinfo_t *ri = tor_malloc_zero(sizeof(routerinfo_t));
+
+ (void)arg;
+
+ ri->policy_is_reject_star = 1;
+ ri->exit_policy = NULL; // expecting "reject *:*"
+ ep = router_dump_exit_policy_to_string(ri,1,1);
+
+ test_streq("reject *:*",ep);
+
+ tor_free(ep);
+
+ ri->exit_policy = smartlist_new();
+ ri->policy_is_reject_star = 0;
+
+ policy_entry = router_parse_addr_policy_item_from_string("accept *:*",-1);
+
+ smartlist_add(ri->exit_policy,policy_entry);
+
+ ep = router_dump_exit_policy_to_string(ri,1,1);
+
+ test_streq("accept *:*",ep);
+
+ tor_free(ep);
+
+ policy_entry = router_parse_addr_policy_item_from_string("reject *:25",-1);
+
+ smartlist_add(ri->exit_policy,policy_entry);
+
+ ep = router_dump_exit_policy_to_string(ri,1,1);
+
+ test_streq("accept *:*\nreject *:25",ep);
+
+ tor_free(ep);
+
+ policy_entry =
+ router_parse_addr_policy_item_from_string("reject 8.8.8.8:*",-1);
+
+ smartlist_add(ri->exit_policy,policy_entry);
+
+ ep = router_dump_exit_policy_to_string(ri,1,1);
+
+ test_streq("accept *:*\nreject *:25\nreject 8.8.8.8:*",ep);
+
+ policy_entry =
+ router_parse_addr_policy_item_from_string("reject6 [FC00::]/7:*",-1);
+
+ smartlist_add(ri->exit_policy,policy_entry);
+
+ ep = router_dump_exit_policy_to_string(ri,1,1);
+
+ test_streq("accept *:*\nreject *:25\nreject 8.8.8.8:*\n"
+            "reject6 [fc00::]/7:*",ep);
+
+ policy_entry =
+ router_parse_addr_policy_item_from_string("accept6 [c000::]/3:*",-1);
+
+ smartlist_add(ri->exit_policy,policy_entry);
+
+ ep = router_dump_exit_policy_to_string(ri,1,1);
+
+ test_streq("accept *:*\nreject *:25\nreject 8.8.8.8:*\n"
+            "reject6 [fc00::]/7:*\naccept6 [c000::]/3:*",ep);
+
+ done:
+
+ SMARTLIST_FOREACH(ri->exit_policy, addr_policy_t *,
+                   entry, addr_policy_free(entry));
+ tor_free(ri);
+ tor_free(ep);
+}
+
+struct testcase_t exit_policy_tests[] = {
+  { "router_dump_exit_policy_to_string", test_dump_exit_policy_to_string, 0,
+    NULL, NULL },
+  END_OF_TESTCASES
+};
+