From 67c0c64aa4cfa67561d4189443fe3663c8190b18 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Wed, 18 Feb 2004 07:23:38 +0000 Subject: [PATCH] go back to a single exitpolicy parameter if your exitpolicy includes " *:*" then it is final, else we append the default exit policy. (thanks weasel) svn:r1105 --- src/config/torrc.in | 13 +++++-------- src/or/config.c | 5 +---- src/or/or.h | 1 - src/or/router.c | 8 +++++++- 4 files changed, 13 insertions(+), 14 deletions(-) diff --git a/src/config/torrc.in b/src/config/torrc.in index 183b091b80..b2480b5307 100644 --- a/src/config/torrc.in +++ b/src/config/torrc.in @@ -19,13 +19,10 @@ SocksBindAddress 127.0.0.1 # accept connections only from localhost #ORPort 9001 # where to listen for cell-speaking connections #ORBindAddress 0.0.0.0 # accept connections from anywhere -## A comma-separated list of exit policies. Define this if you -## want to *augment* the default exit policy. -## These entries are considered before the default exit policy. -#ExitPolicyPrepend accept 18.244.0.188:25 - -## A comma-separated list of exit policies. Define this if you -## want to *replace* the default exit policy. -## They're considered in order, first match wins. +## A comma-separated list of exit policies. If you want to *replace* +## the default exit policy, end this with either a reject *:* or an +## accept *:*. Otherwise, you're *augmenting* (prepending to) the +## default exit policy. +#ExitPolicy accept 18.244.0.188:25,accept 18.244.0.114:25 #ExitPolicy reject *:* diff --git a/src/or/config.c b/src/or/config.c index 877a1dfa86..713a58508f 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -165,7 +165,6 @@ static void config_assign(or_options_t *options, struct config_line *list) { config_compare(list, "ExitNodes", CONFIG_TYPE_STRING, &options->ExitNodes) || config_compare(list, "EntryNodes", CONFIG_TYPE_STRING, &options->EntryNodes) || config_compare(list, "ExitPolicy", CONFIG_TYPE_STRING, &options->ExitPolicy) || - config_compare(list, "ExitPolicyPrepend",CONFIG_TYPE_STRING, &options->ExitPolicyPrepend) || config_compare(list, "ExcludedNodes", CONFIG_TYPE_STRING, &options->ExcludedNodes) || config_compare(list, "Group", CONFIG_TYPE_STRING, &options->Group) || @@ -244,7 +243,6 @@ void free_options(or_options_t *options) { tor_free(options->EntryNodes); tor_free(options->ExcludedNodes); tor_free(options->ExitPolicy); - tor_free(options->ExitPolicyPrepend); tor_free(options->SocksBindAddress); tor_free(options->ORBindAddress); tor_free(options->DirBindAddress); @@ -260,8 +258,7 @@ void init_options(or_options_t *options) { options->ExitNodes = tor_strdup(""); options->EntryNodes = tor_strdup(""); options->ExcludedNodes = tor_strdup(""); - options->ExitPolicy = tor_strdup("reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:993,accept *:995,accept *:1024-65535,reject *:*"); - options->ExitPolicyPrepend = tor_strdup(""); + options->ExitPolicy = tor_strdup(""); options->SocksBindAddress = tor_strdup("127.0.0.1"); options->ORBindAddress = tor_strdup("0.0.0.0"); options->DirBindAddress = tor_strdup("0.0.0.0"); diff --git a/src/or/or.h b/src/or/or.h index f7e0d06c6e..a293e6f010 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -497,7 +497,6 @@ typedef struct { char *EntryNodes; char *ExcludedNodes; char *ExitPolicy; - char *ExitPolicyPrepend; char *SocksBindAddress; char *ORBindAddress; char *DirBindAddress; diff --git a/src/or/router.c b/src/or/router.c index 25fc6dd738..aefa0c0645 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -286,9 +286,15 @@ static void router_add_exit_policy_from_config_helper(char *s, routerinfo_t *rou } } +#define DefaultExitPolicy "reject 0.0.0.0/8,reject 169.254.0.0/16,reject 127.0.0.0/8,reject 192.168.0.0/16,reject 10.0.0.0/8,reject 172.16.0.0/12,accept *:20-22,accept *:53,accept *:79-80,accept *:110,accept *:143,accept *:443,accept *:873,accept *:993,accept *:995,accept *:1024-65535,reject *:*" + static void router_add_exit_policy_from_config(routerinfo_t *router) { - router_add_exit_policy_from_config_helper(options.ExitPolicyPrepend, router); router_add_exit_policy_from_config_helper(options.ExitPolicy, router); + if(strstr(options.ExitPolicy," *:*") == NULL) { + /* if exitpolicy includes a *:* line, then we're done. Else, append + * the default exitpolicy. */ + router_add_exit_policy_from_config_helper(DefaultExitPolicy, router); + } } /* Return false if my exit policy says to allow connection to conn.