mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Refactor policy_summary_reject to prepare for IPv6 changes
No behaviour change, apart from non-fatal assertions Part of 21357
This commit is contained in:
parent
7e7b3d3df3
commit
82850d0da6
@ -2299,7 +2299,11 @@ policy_summary_item_split(policy_summary_item_t* old, uint16_t new_starts)
|
||||
* my immortal soul, he can clean it up himself. */
|
||||
#define AT(x) ((policy_summary_item_t*)smartlist_get(summary, x))
|
||||
|
||||
#define REJECT_CUTOFF_COUNT (1<<25)
|
||||
#define IPV4_BITS (32)
|
||||
/* Ports are rejected in an IPv4 summary if they are rejected in more than two
|
||||
* IPv4 /8 address blocks */
|
||||
#define REJECT_CUTOFF_COUNT_IPV4 (U64_LITERAL(1) << \
|
||||
(IPV4_BITS - 7))
|
||||
/** Split an exit policy summary so that prt_min and prt_max
|
||||
* fall at exactly the start and end of an item respectively.
|
||||
*/
|
||||
@ -2341,7 +2345,7 @@ policy_summary_accept(smartlist_t *summary,
|
||||
while (i < smartlist_len(summary) &&
|
||||
AT(i)->prt_max <= prt_max) {
|
||||
if (!AT(i)->accepted &&
|
||||
AT(i)->reject_count <= REJECT_CUTOFF_COUNT)
|
||||
AT(i)->reject_count <= REJECT_CUTOFF_COUNT_IPV4)
|
||||
AT(i)->accepted = 1;
|
||||
i++;
|
||||
}
|
||||
@ -2357,7 +2361,12 @@ policy_summary_reject(smartlist_t *summary,
|
||||
{
|
||||
int i = policy_summary_split(summary, prt_min, prt_max);
|
||||
/* XXX: ipv4 specific */
|
||||
uint64_t count = (U64_LITERAL(1) << (32-maskbits));
|
||||
/* The length of a single address mask */
|
||||
int addrbits = IPV4_BITS;
|
||||
tor_assert_nonfatal_once(addrbits >= maskbits);
|
||||
|
||||
uint64_t count = (U64_LITERAL(1) << (addrbits-maskbits));
|
||||
tor_assert_nonfatal_once(count > 0);
|
||||
while (i < smartlist_len(summary) &&
|
||||
AT(i)->prt_max <= prt_max) {
|
||||
AT(i)->reject_count += count;
|
||||
|
Loading…
Reference in New Issue
Block a user