Refactor policy_summary_reject to prepare for IPv6 changes

No behaviour change, apart from non-fatal assertions

Part of 21357
This commit is contained in:
teor 2017-02-01 15:18:47 +11:00 committed by Nick Mathewson
parent 7e7b3d3df3
commit 82850d0da6

View File

@ -2299,7 +2299,11 @@ policy_summary_item_split(policy_summary_item_t* old, uint16_t new_starts)
* my immortal soul, he can clean it up himself. */
#define AT(x) ((policy_summary_item_t*)smartlist_get(summary, x))
#define REJECT_CUTOFF_COUNT (1<<25)
#define IPV4_BITS (32)
/* Ports are rejected in an IPv4 summary if they are rejected in more than two
* IPv4 /8 address blocks */
#define REJECT_CUTOFF_COUNT_IPV4 (U64_LITERAL(1) << \
(IPV4_BITS - 7))
/** Split an exit policy summary so that prt_min and prt_max
* fall at exactly the start and end of an item respectively.
*/
@ -2341,7 +2345,7 @@ policy_summary_accept(smartlist_t *summary,
while (i < smartlist_len(summary) &&
AT(i)->prt_max <= prt_max) {
if (!AT(i)->accepted &&
AT(i)->reject_count <= REJECT_CUTOFF_COUNT)
AT(i)->reject_count <= REJECT_CUTOFF_COUNT_IPV4)
AT(i)->accepted = 1;
i++;
}
@ -2357,7 +2361,12 @@ policy_summary_reject(smartlist_t *summary,
{
int i = policy_summary_split(summary, prt_min, prt_max);
/* XXX: ipv4 specific */
uint64_t count = (U64_LITERAL(1) << (32-maskbits));
/* The length of a single address mask */
int addrbits = IPV4_BITS;
tor_assert_nonfatal_once(addrbits >= maskbits);
uint64_t count = (U64_LITERAL(1) << (addrbits-maskbits));
tor_assert_nonfatal_once(count > 0);
while (i < smartlist_len(summary) &&
AT(i)->prt_max <= prt_max) {
AT(i)->reject_count += count;