diff --git a/changes/ticket18106 b/changes/ticket18106
new file mode 100644
index 0000000000..b3d8635f29
--- /dev/null
+++ b/changes/ticket18106
@@ -0,0 +1,3 @@
+ o Code simplification and refactoring:
+ - Rename "fascist_firewall_*" identifiers to "reachable_addr_*" instead,
+ for consistency with other code. Closes ticket 18106.
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 9d620c7b62..3b84e5e1f2 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -668,7 +668,7 @@ struct or_options_t {
int ClientUseIPv4;
/** If true, clients may connect over IPv6. If false, they will avoid
* connecting over IPv4. We enforce this for OR and Dir connections.
- * Use fascist_firewall_use_ipv6() instead of accessing this value
+ * Use reachable_addr_use_ipv6() instead of accessing this value
* directly. */
int ClientUseIPv6;
/** If true, prefer an IPv6 OR port over an IPv4 one for entry node
@@ -678,7 +678,7 @@ struct or_options_t {
int ClientPreferIPv6ORPort;
/** If true, prefer an IPv6 directory port over an IPv4 one for direct
* directory connections. If auto, bridge clients prefer IPv6, and other
- * clients prefer IPv4. Use fascist_firewall_prefer_ipv6_dirport() instead of
+ * clients prefer IPv4. Use reachable_addr_prefer_ipv6_dirport() instead of
* accessing this value directly. */
int ClientPreferIPv6DirPort;
diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index c68546e375..7f4c6a5f48 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -2246,11 +2246,11 @@ connection_connect_log_client_use_ip_version(const connection_t *conn)
return;
}
- const int must_ipv4 = !fascist_firewall_use_ipv6(options);
+ const int must_ipv4 = !reachable_addr_use_ipv6(options);
const int must_ipv6 = (options->ClientUseIPv4 == 0);
const int pref_ipv6 = (conn->type == CONN_TYPE_OR
- ? fascist_firewall_prefer_ipv6_orport(options)
- : fascist_firewall_prefer_ipv6_dirport(options));
+ ? reachable_addr_prefer_ipv6_orport(options)
+ : reachable_addr_prefer_ipv6_dirport(options));
tor_addr_t real_addr;
tor_addr_copy(&real_addr, &conn->addr);
@@ -2275,7 +2275,7 @@ connection_connect_log_client_use_ip_version(const connection_t *conn)
return;
}
- if (fascist_firewall_use_ipv6(options)) {
+ if (reachable_addr_use_ipv6(options)) {
log_info(LD_NET, "Our outgoing connection is using IPv%d.",
tor_addr_family(&real_addr) == AF_INET6 ? 6 : 4);
}
@@ -2285,13 +2285,13 @@ connection_connect_log_client_use_ip_version(const connection_t *conn)
|| (pref_ipv6 && tor_addr_family(&real_addr) == AF_INET)) {
log_info(LD_NET, "Outgoing connection to %s doesn't satisfy "
"ClientPreferIPv6%sPort %d, with ClientUseIPv4 %d, and "
- "fascist_firewall_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
+ "reachable_addr_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
"%d).",
fmt_addr(&real_addr),
conn->type == CONN_TYPE_OR ? "OR" : "Dir",
conn->type == CONN_TYPE_OR ? options->ClientPreferIPv6ORPort
: options->ClientPreferIPv6DirPort,
- options->ClientUseIPv4, fascist_firewall_use_ipv6(options),
+ options->ClientUseIPv4, reachable_addr_use_ipv6(options),
options->ClientUseIPv6, options->UseBridges);
}
}
diff --git a/src/core/or/extendinfo.c b/src/core/or/extendinfo.c
index ffc88295cf..22e5b664bb 100644
--- a/src/core/or/extendinfo.c
+++ b/src/core/or/extendinfo.c
@@ -102,7 +102,7 @@ extend_info_from_node(const node_t *node, int for_direct_connect)
/* Choose a preferred address first, but fall back to an allowed address. */
if (for_direct_connect)
- fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0, &ap);
+ reachable_addr_choose_from_node(node, FIREWALL_OR_CONNECTION, 0, &ap);
else {
node_get_prim_orport(node, &ap);
}
diff --git a/src/core/or/policies.c b/src/core/or/policies.c
index 020eb0a152..0dc440cc96 100644
--- a/src/core/or/policies.c
+++ b/src/core/or/policies.c
@@ -311,7 +311,7 @@ parse_reachable_addresses(void)
"ReachableAddresses, ReachableORAddresses, or "
"ReachableDirAddresses reject all IPv4 addresses. "
"Tor will not connect using IPv4.");
- } else if (fascist_firewall_use_ipv6(options)
+ } else if (reachable_addr_use_ipv6(options)
&& (policy_is_reject_star(reachable_or_addr_policy, AF_INET6, 0)
|| policy_is_reject_star(reachable_dir_addr_policy, AF_INET6, 0))) {
log_warn(LD_CONFIG, "You have configured tor to use or prefer IPv6 "
@@ -399,12 +399,12 @@ addr_policy_permits_tor_addr(const tor_addr_t *addr, uint16_t port,
* - if ClientUseIPv4 is 0, or
* if pref_only and pref_ipv6 are both true;
* - return false for all IPv6 addresses:
- * - if fascist_firewall_use_ipv6() is 0, or
+ * - if reachable_addr_use_ipv6() is 0, or
* - if pref_only is true and pref_ipv6 is false.
*
* Return false if addr is NULL or tor_addr_is_null(), or if port is 0. */
STATIC int
-fascist_firewall_allows_address(const tor_addr_t *addr,
+reachable_addr_allows(const tor_addr_t *addr,
uint16_t port,
smartlist_t *firewall_policy,
int pref_only, int pref_ipv6)
@@ -427,7 +427,7 @@ fascist_firewall_allows_address(const tor_addr_t *addr,
/* Clients and Servers won't use IPv6 unless it's enabled (and in most
* cases, IPv6 must also be preferred before it will be used). */
if (tor_addr_family(addr) == AF_INET6 &&
- (!fascist_firewall_use_ipv6(options) || (pref_only && !pref_ipv6))) {
+ (!reachable_addr_use_ipv6(options) || (pref_only && !pref_ipv6))) {
return 0;
}
@@ -443,7 +443,7 @@ fascist_firewall_allows_address(const tor_addr_t *addr,
* port: it supports bridge client per-node IPv6 preferences.
*/
int
-fascist_firewall_use_ipv6(const or_options_t *options)
+reachable_addr_use_ipv6(const or_options_t *options)
{
/* Clients use IPv6 if it's set, or they use bridges, or they don't use
* IPv4, or they prefer it.
@@ -458,7 +458,7 @@ fascist_firewall_use_ipv6(const or_options_t *options)
* If we're unsure, return -1, otherwise, return 1 for IPv6 and 0 for IPv4.
*/
static int
-fascist_firewall_prefer_ipv6_impl(const or_options_t *options)
+reachable_addr_prefer_ipv6_impl(const or_options_t *options)
{
/*
Cheap implementation of config options ClientUseIPv4 & ClientUseIPv6 --
@@ -466,7 +466,7 @@ fascist_firewall_prefer_ipv6_impl(const or_options_t *options)
If IPv4 is disabled, use IPv6.
*/
- if (server_mode(options) || !fascist_firewall_use_ipv6(options)) {
+ if (server_mode(options) || !reachable_addr_use_ipv6(options)) {
return 0;
}
@@ -482,9 +482,9 @@ fascist_firewall_prefer_ipv6_impl(const or_options_t *options)
* per-node IPv6 preferences.
*/
int
-fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
+reachable_addr_prefer_ipv6_orport(const or_options_t *options)
{
- int pref_ipv6 = fascist_firewall_prefer_ipv6_impl(options);
+ int pref_ipv6 = reachable_addr_prefer_ipv6_impl(options);
if (pref_ipv6 >= 0) {
return pref_ipv6;
@@ -504,9 +504,9 @@ fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
* preferences. There's no reason to use it instead of this function.)
*/
int
-fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
+reachable_addr_prefer_ipv6_dirport(const or_options_t *options)
{
- int pref_ipv6 = fascist_firewall_prefer_ipv6_impl(options);
+ int pref_ipv6 = reachable_addr_prefer_ipv6_impl(options);
if (pref_ipv6 >= 0) {
return pref_ipv6;
@@ -528,16 +528,16 @@ fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
* If pref_only is false, ignore pref_ipv6, and return true if addr is allowed.
*/
int
-fascist_firewall_allows_address_addr(const tor_addr_t *addr, uint16_t port,
+reachable_addr_allows_addr(const tor_addr_t *addr, uint16_t port,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
if (fw_connection == FIREWALL_OR_CONNECTION) {
- return fascist_firewall_allows_address(addr, port,
+ return reachable_addr_allows(addr, port,
reachable_or_addr_policy,
pref_only, pref_ipv6);
} else if (fw_connection == FIREWALL_DIR_CONNECTION) {
- return fascist_firewall_allows_address(addr, port,
+ return reachable_addr_allows(addr, port,
reachable_dir_addr_policy,
pref_only, pref_ipv6);
} else {
@@ -550,15 +550,15 @@ fascist_firewall_allows_address_addr(const tor_addr_t *addr, uint16_t port,
/** Return true iff we think our firewall will let us make a connection to
* addr:port (ap). Uses ReachableORAddresses or ReachableDirAddresses based on
* fw_connection.
- * pref_only and pref_ipv6 work as in fascist_firewall_allows_address_addr().
+ * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
*/
static int
-fascist_firewall_allows_address_ap(const tor_addr_port_t *ap,
+reachable_addr_allows_ap(const tor_addr_port_t *ap,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
tor_assert(ap);
- return fascist_firewall_allows_address_addr(&ap->addr, ap->port,
+ return reachable_addr_allows_addr(&ap->addr, ap->port,
fw_connection, pref_only,
pref_ipv6);
}
@@ -567,17 +567,17 @@ fascist_firewall_allows_address_ap(const tor_addr_port_t *ap,
* ipv4h_addr/ipv6_addr. Uses ipv4_orport/ipv6_orport/ReachableORAddresses or
* ipv4_dirport/ipv6_dirport/ReachableDirAddresses based on IPv4/IPv6 and
* fw_connection.
- * pref_only and pref_ipv6 work as in fascist_firewall_allows_address_addr().
+ * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
*/
static int
-fascist_firewall_allows_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport,
+reachable_addr_allows_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport,
uint16_t ipv4_dirport,
const tor_addr_t *ipv6_addr, uint16_t ipv6_orport,
uint16_t ipv6_dirport,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
- if (fascist_firewall_allows_address_addr(ipv4_addr,
+ if (reachable_addr_allows_addr(ipv4_addr,
(fw_connection == FIREWALL_OR_CONNECTION
? ipv4_orport
: ipv4_dirport),
@@ -586,7 +586,7 @@ fascist_firewall_allows_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport,
return 1;
}
- if (fascist_firewall_allows_address_addr(ipv6_addr,
+ if (reachable_addr_allows_addr(ipv6_addr,
(fw_connection == FIREWALL_OR_CONNECTION
? ipv6_orport
: ipv6_dirport),
@@ -598,9 +598,9 @@ fascist_firewall_allows_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport,
return 0;
}
-/** Like fascist_firewall_allows_base(), but takes ri. */
+/** Like reachable_addr_allows_base(), but takes ri. */
static int
-fascist_firewall_allows_ri_impl(const routerinfo_t *ri,
+reachable_addr_allows_ri_impl(const routerinfo_t *ri,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
@@ -609,15 +609,15 @@ fascist_firewall_allows_ri_impl(const routerinfo_t *ri,
}
/* Assume IPv4 and IPv6 DirPorts are the same */
- return fascist_firewall_allows_base(&ri->ipv4_addr, ri->ipv4_orport,
+ return reachable_addr_allows_base(&ri->ipv4_addr, ri->ipv4_orport,
ri->ipv4_dirport, &ri->ipv6_addr,
ri->ipv6_orport, ri->ipv4_dirport,
fw_connection, pref_only, pref_ipv6);
}
-/** Like fascist_firewall_allows_rs, but takes pref_ipv6. */
+/** Like reachable_addr_allows_rs, but takes pref_ipv6. */
static int
-fascist_firewall_allows_rs_impl(const routerstatus_t *rs,
+reachable_addr_allows_rs_impl(const routerstatus_t *rs,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
@@ -626,20 +626,20 @@ fascist_firewall_allows_rs_impl(const routerstatus_t *rs,
}
/* Assume IPv4 and IPv6 DirPorts are the same */
- return fascist_firewall_allows_base(&rs->ipv4_addr, rs->ipv4_orport,
+ return reachable_addr_allows_base(&rs->ipv4_addr, rs->ipv4_orport,
rs->ipv4_dirport, &rs->ipv6_addr,
rs->ipv6_orport, rs->ipv4_dirport,
fw_connection, pref_only, pref_ipv6);
}
-/** Like fascist_firewall_allows_base(), but takes rs.
+/** Like reachable_addr_allows_base(), but takes rs.
* When rs is a fake_status from a dir_server_t, it can have a reachable
* address, even when the corresponding node does not.
* nodes can be missing addresses when there's no consensus (IPv4 and IPv6),
* or when there is a microdescriptor consensus, but no microdescriptors
* (microdescriptors have IPv6, the microdesc consensus does not). */
int
-fascist_firewall_allows_rs(const routerstatus_t *rs,
+reachable_addr_allows_rs(const routerstatus_t *rs,
firewall_connection_t fw_connection, int pref_only)
{
if (!rs) {
@@ -650,20 +650,20 @@ fascist_firewall_allows_rs(const routerstatus_t *rs,
* generic IPv6 preference instead. */
const or_options_t *options = get_options();
int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION
- ? fascist_firewall_prefer_ipv6_orport(options)
- : fascist_firewall_prefer_ipv6_dirport(options));
+ ? reachable_addr_prefer_ipv6_orport(options)
+ : reachable_addr_prefer_ipv6_dirport(options));
- return fascist_firewall_allows_rs_impl(rs, fw_connection, pref_only,
+ return reachable_addr_allows_rs_impl(rs, fw_connection, pref_only,
pref_ipv6);
}
/** Return true iff we think our firewall will let us make a connection to
* ipv6_addr:ipv6_orport based on ReachableORAddresses.
* If fw_connection is FIREWALL_DIR_CONNECTION, returns 0.
- * pref_only and pref_ipv6 work as in fascist_firewall_allows_address_addr().
+ * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
*/
static int
-fascist_firewall_allows_md_impl(const microdesc_t *md,
+reachable_addr_allows_md_impl(const microdesc_t *md,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
@@ -677,15 +677,15 @@ fascist_firewall_allows_md_impl(const microdesc_t *md,
}
/* Also can't check IPv4, doesn't have that either */
- return fascist_firewall_allows_address_addr(&md->ipv6_addr, md->ipv6_orport,
+ return reachable_addr_allows_addr(&md->ipv6_addr, md->ipv6_orport,
fw_connection, pref_only,
pref_ipv6);
}
-/** Like fascist_firewall_allows_base(), but takes node, and looks up pref_ipv6
+/** Like reachable_addr_allows_base(), but takes node, and looks up pref_ipv6
* from node_ipv6_or/dir_preferred(). */
int
-fascist_firewall_allows_node(const node_t *node,
+reachable_addr_allows_node(const node_t *node,
firewall_connection_t fw_connection,
int pref_only)
{
@@ -701,15 +701,15 @@ fascist_firewall_allows_node(const node_t *node,
/* Sometimes, the rs is missing the IPv6 address info, and we need to go
* all the way to the md */
- if (node->ri && fascist_firewall_allows_ri_impl(node->ri, fw_connection,
+ if (node->ri && reachable_addr_allows_ri_impl(node->ri, fw_connection,
pref_only, pref_ipv6)) {
return 1;
- } else if (node->rs && fascist_firewall_allows_rs_impl(node->rs,
+ } else if (node->rs && reachable_addr_allows_rs_impl(node->rs,
fw_connection,
pref_only,
pref_ipv6)) {
return 1;
- } else if (node->md && fascist_firewall_allows_md_impl(node->md,
+ } else if (node->md && reachable_addr_allows_md_impl(node->md,
fw_connection,
pref_only,
pref_ipv6)) {
@@ -721,9 +721,9 @@ fascist_firewall_allows_node(const node_t *node,
}
}
-/** Like fascist_firewall_allows_rs(), but takes ds. */
+/** Like reachable_addr_allows_rs(), but takes ds. */
int
-fascist_firewall_allows_dir_server(const dir_server_t *ds,
+reachable_addr_allows_dir_server(const dir_server_t *ds,
firewall_connection_t fw_connection,
int pref_only)
{
@@ -734,8 +734,8 @@ fascist_firewall_allows_dir_server(const dir_server_t *ds,
/* A dir_server_t always has a fake_status. As long as it has the same
* addresses/ports in both fake_status and dir_server_t, this works fine.
* (See #17867.)
- * fascist_firewall_allows_rs only checks the addresses in fake_status. */
- return fascist_firewall_allows_rs(&ds->fake_status, fw_connection,
+ * reachable_addr_allows_rs only checks the addresses in fake_status. */
+ return reachable_addr_allows_rs(&ds->fake_status, fw_connection,
pref_only);
}
@@ -743,10 +743,10 @@ fascist_firewall_allows_dir_server(const dir_server_t *ds,
* choose one based on want_a and return it.
* Otherwise, return whichever is allowed.
* Otherwise, return NULL.
- * pref_only and pref_ipv6 work as in fascist_firewall_allows_address_addr().
+ * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
*/
static const tor_addr_port_t *
-fascist_firewall_choose_address_impl(const tor_addr_port_t *a,
+reachable_addr_choose_impl(const tor_addr_port_t *a,
const tor_addr_port_t *b,
int want_a,
firewall_connection_t fw_connection,
@@ -755,12 +755,12 @@ fascist_firewall_choose_address_impl(const tor_addr_port_t *a,
const tor_addr_port_t *use_a = NULL;
const tor_addr_port_t *use_b = NULL;
- if (fascist_firewall_allows_address_ap(a, fw_connection, pref_only,
+ if (reachable_addr_allows_ap(a, fw_connection, pref_only,
pref_ipv6)) {
use_a = a;
}
- if (fascist_firewall_allows_address_ap(b, fw_connection, pref_only,
+ if (reachable_addr_allows_ap(b, fw_connection, pref_only,
pref_ipv6)) {
use_b = b;
}
@@ -784,13 +784,13 @@ fascist_firewall_choose_address_impl(const tor_addr_port_t *a,
* - Otherwise, return whichever is preferred.
* Otherwise, return NULL. */
STATIC const tor_addr_port_t *
-fascist_firewall_choose_address(const tor_addr_port_t *a,
+reachable_addr_choose(const tor_addr_port_t *a,
const tor_addr_port_t *b,
int want_a,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6)
{
- const tor_addr_port_t *pref = fascist_firewall_choose_address_impl(
+ const tor_addr_port_t *pref = reachable_addr_choose_impl(
a, b, want_a,
fw_connection,
1, pref_ipv6);
@@ -802,7 +802,7 @@ fascist_firewall_choose_address(const tor_addr_port_t *a,
} else {
/* If there's no preferred address, and we can return addresses that are
* not preferred, use an address that's allowed */
- return fascist_firewall_choose_address_impl(a, b, want_a, fw_connection,
+ return reachable_addr_choose_impl(a, b, want_a, fw_connection,
0, pref_ipv6);
}
}
@@ -817,7 +817,7 @@ fascist_firewall_choose_address(const tor_addr_port_t *a,
* If both addresses could be chosen (they are both preferred or both allowed)
* choose IPv6 if pref_ipv6 is true, otherwise choose IPv4. */
static void
-fascist_firewall_choose_address_base(const tor_addr_t *ipv4_addr,
+reachable_addr_choose_base(const tor_addr_t *ipv4_addr,
uint16_t ipv4_orport,
uint16_t ipv4_dirport,
const tor_addr_t *ipv6_addr,
@@ -849,7 +849,7 @@ fascist_firewall_choose_address_base(const tor_addr_t *ipv4_addr,
? ipv6_orport
: ipv6_dirport);
- result = fascist_firewall_choose_address(&ipv4_ap, &ipv6_ap,
+ result = reachable_addr_choose(&ipv4_ap, &ipv6_ap,
want_ipv4,
fw_connection, pref_only,
pref_ipv6);
@@ -860,13 +860,13 @@ fascist_firewall_choose_address_base(const tor_addr_t *ipv4_addr,
}
}
-/** Like fascist_firewall_choose_address_base(), but takes rs.
+/** Like reachable_addr_choose_base(), but takes rs.
* Consults the corresponding node, then falls back to rs if node is NULL.
* This should only happen when there's no valid consensus, and rs doesn't
* correspond to a bridge client's bridge.
*/
void
-fascist_firewall_choose_address_rs(const routerstatus_t *rs,
+reachable_addr_choose_from_rs(const routerstatus_t *rs,
firewall_connection_t fw_connection,
int pref_only, tor_addr_port_t* ap)
{
@@ -883,15 +883,15 @@ fascist_firewall_choose_address_rs(const routerstatus_t *rs,
const node_t *node = node_get_by_id(rs->identity_digest);
if (node) {
- fascist_firewall_choose_address_node(node, fw_connection, pref_only, ap);
+ reachable_addr_choose_from_node(node, fw_connection, pref_only, ap);
} else {
/* There's no node-specific IPv6 preference, so use the generic IPv6
* preference instead. */
int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION
- ? fascist_firewall_prefer_ipv6_orport(options)
- : fascist_firewall_prefer_ipv6_dirport(options));
+ ? reachable_addr_prefer_ipv6_orport(options)
+ : reachable_addr_prefer_ipv6_dirport(options));
- fascist_firewall_choose_address_base(&rs->ipv4_addr, rs->ipv4_orport,
+ reachable_addr_choose_base(&rs->ipv4_addr, rs->ipv4_orport,
rs->ipv4_dirport, &rs->ipv6_addr,
rs->ipv6_orport, rs->ipv4_dirport,
fw_connection, pref_only, pref_ipv6,
@@ -899,13 +899,13 @@ fascist_firewall_choose_address_rs(const routerstatus_t *rs,
}
}
-/** Like fascist_firewall_choose_address_base(), but takes in a smartlist
+/** Like reachable_addr_choose_base(), but takes in a smartlist
* lspecs consisting of one or more link specifiers. We assume
* fw_connection is FIREWALL_OR_CONNECTION as link specifiers cannot
* contain DirPorts.
*/
void
-fascist_firewall_choose_address_ls(const smartlist_t *lspecs,
+reachable_addr_choose_from_ls(const smartlist_t *lspecs,
int pref_only, tor_addr_port_t* ap)
{
int have_v4 = 0, have_v6 = 0;
@@ -967,20 +967,20 @@ fascist_firewall_choose_address_ls(const smartlist_t *lspecs,
/* Here, don't check for DirPorts as link specifiers are only used for
* ORPorts. */
const or_options_t *options = get_options();
- int pref_ipv6 = fascist_firewall_prefer_ipv6_orport(options);
+ int pref_ipv6 = reachable_addr_prefer_ipv6_orport(options);
/* Assume that the DirPorts are zero as link specifiers only use ORPorts. */
- fascist_firewall_choose_address_base(&addr_v4, port_v4, 0,
+ reachable_addr_choose_base(&addr_v4, port_v4, 0,
&addr_v6, port_v6, 0,
FIREWALL_OR_CONNECTION,
pref_only, pref_ipv6,
ap);
}
-/** Like fascist_firewall_choose_address_base(), but takes node, and
+/** Like reachable_addr_choose_base(), but takes node, and
* looks up the node's IPv6 preference rather than taking an argument
* for pref_ipv6. */
void
-fascist_firewall_choose_address_node(const node_t *node,
+reachable_addr_choose_from_node(const node_t *node,
firewall_connection_t fw_connection,
int pref_only, tor_addr_port_t *ap)
{
@@ -1010,16 +1010,16 @@ fascist_firewall_choose_address_node(const node_t *node,
node_get_pref_ipv6_dirport(node, &ipv6_dir_ap);
/* Assume the IPv6 OR and Dir addresses are the same. */
- fascist_firewall_choose_address_base(&ipv4_or_ap.addr, ipv4_or_ap.port,
+ reachable_addr_choose_base(&ipv4_or_ap.addr, ipv4_or_ap.port,
ipv4_dir_ap.port, &ipv6_or_ap.addr,
ipv6_or_ap.port, ipv6_dir_ap.port,
fw_connection, pref_only,
pref_ipv6_node, ap);
}
-/** Like fascist_firewall_choose_address_rs(), but takes ds. */
+/** Like reachable_addr_choose_from_rs(), but takes ds. */
void
-fascist_firewall_choose_address_dir_server(const dir_server_t *ds,
+reachable_addr_choose_from_dir_server(const dir_server_t *ds,
firewall_connection_t fw_connection,
int pref_only,
tor_addr_port_t *ap)
@@ -1036,9 +1036,9 @@ fascist_firewall_choose_address_dir_server(const dir_server_t *ds,
/* A dir_server_t always has a fake_status. As long as it has the same
* addresses/ports in both fake_status and dir_server_t, this works fine.
* (See #17867.)
- * This function relies on fascist_firewall_choose_address_rs looking up the
+ * This function relies on reachable_addr_choose_from_rs looking up the
* node if it can, because that will get the latest info for the relay. */
- fascist_firewall_choose_address_rs(&ds->fake_status, fw_connection,
+ reachable_addr_choose_from_rs(&ds->fake_status, fw_connection,
pref_only, ap);
}
diff --git a/src/core/or/policies.h b/src/core/or/policies.h
index 1ac6f87dcf..c8502a5516 100644
--- a/src/core/or/policies.h
+++ b/src/core/or/policies.h
@@ -69,34 +69,34 @@ typedef struct short_policy_t {
int firewall_is_fascist_or(void);
int firewall_is_fascist_dir(void);
-int fascist_firewall_use_ipv6(const or_options_t *options);
-int fascist_firewall_prefer_ipv6_orport(const or_options_t *options);
-int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options);
+int reachable_addr_use_ipv6(const or_options_t *options);
+int reachable_addr_prefer_ipv6_orport(const or_options_t *options);
+int reachable_addr_prefer_ipv6_dirport(const or_options_t *options);
-int fascist_firewall_allows_address_addr(const tor_addr_t *addr,
+int reachable_addr_allows_addr(const tor_addr_t *addr,
uint16_t port,
firewall_connection_t fw_connection,
int pref_only, int pref_ipv6);
-int fascist_firewall_allows_rs(const routerstatus_t *rs,
+int reachable_addr_allows_rs(const routerstatus_t *rs,
firewall_connection_t fw_connection,
int pref_only);
-int fascist_firewall_allows_node(const node_t *node,
+int reachable_addr_allows_node(const node_t *node,
firewall_connection_t fw_connection,
int pref_only);
-int fascist_firewall_allows_dir_server(const dir_server_t *ds,
+int reachable_addr_allows_dir_server(const dir_server_t *ds,
firewall_connection_t fw_connection,
int pref_only);
-void fascist_firewall_choose_address_rs(const routerstatus_t *rs,
+void reachable_addr_choose_from_rs(const routerstatus_t *rs,
firewall_connection_t fw_connection,
int pref_only, tor_addr_port_t* ap);
-void fascist_firewall_choose_address_ls(const smartlist_t *lspecs,
+void reachable_addr_choose_from_ls(const smartlist_t *lspecs,
int pref_only, tor_addr_port_t* ap);
-void fascist_firewall_choose_address_node(const node_t *node,
+void reachable_addr_choose_from_node(const node_t *node,
firewall_connection_t fw_connection,
int pref_only, tor_addr_port_t* ap);
-void fascist_firewall_choose_address_dir_server(const dir_server_t *ds,
+void reachable_addr_choose_from_dir_server(const dir_server_t *ds,
firewall_connection_t fw_connection,
int pref_only, tor_addr_port_t* ap);
@@ -173,11 +173,11 @@ addr_policy_result_t compare_tor_addr_to_short_policy(
#ifdef POLICIES_PRIVATE
STATIC void append_exit_policy_string(smartlist_t **policy, const char *more);
-STATIC int fascist_firewall_allows_address(const tor_addr_t *addr,
+STATIC int reachable_addr_allows(const tor_addr_t *addr,
uint16_t port,
smartlist_t *firewall_policy,
int pref_only, int pref_ipv6);
-STATIC const tor_addr_port_t * fascist_firewall_choose_address(
+STATIC const tor_addr_port_t * reachable_addr_choose(
const tor_addr_port_t *a,
const tor_addr_port_t *b,
int want_a,
diff --git a/src/feature/client/bridges.c b/src/feature/client/bridges.c
index 6892c4a25f..cc17e8fa67 100644
--- a/src/feature/client/bridges.c
+++ b/src/feature/client/bridges.c
@@ -654,7 +654,7 @@ launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
/* Until we get a descriptor for the bridge, we only know one address for
* it. */
- if (!fascist_firewall_allows_address_addr(&bridge->addr, bridge->port,
+ if (!reachable_addr_allows_addr(&bridge->addr, bridge->port,
FIREWALL_OR_CONNECTION, 0, 0)) {
log_notice(LD_CONFIG, "Tried to fetch a descriptor directly from a "
"bridge, but that bridge is not reachable through our "
@@ -746,7 +746,7 @@ fetch_bridge_descriptors(const or_options_t *options, time_t now)
!options->UpdateBridgesFromAuthority, !num_bridge_auths);
if (ask_bridge_directly &&
- !fascist_firewall_allows_address_addr(&bridge->addr, bridge->port,
+ !reachable_addr_allows_addr(&bridge->addr, bridge->port,
FIREWALL_OR_CONNECTION, 0,
0)) {
log_notice(LD_DIR, "Bridge at '%s' isn't reachable by our "
@@ -832,7 +832,7 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node)
!tor_addr_is_null(&node->ri->ipv6_addr));
} else {
/* Mark which address to use based on user preference */
- node->ipv6_preferred = (fascist_firewall_prefer_ipv6_orport(options) &&
+ node->ipv6_preferred = (reachable_addr_prefer_ipv6_orport(options) &&
!tor_addr_is_null(&node->ri->ipv6_addr));
}
@@ -889,7 +889,7 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node)
!tor_addr_is_null(&node->rs->ipv6_addr));
} else {
/* Mark which address to use based on user preference */
- node->ipv6_preferred = (fascist_firewall_prefer_ipv6_orport(options) &&
+ node->ipv6_preferred = (reachable_addr_prefer_ipv6_orport(options) &&
!tor_addr_is_null(&node->rs->ipv6_addr));
}
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 9b20684bf7..c51958acec 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -1466,7 +1466,7 @@ node_passes_guard_filter(const or_options_t *options,
!routerset_contains_node(options->EntryNodes, node))
return 0;
- if (!fascist_firewall_allows_node(node, FIREWALL_OR_CONNECTION, 0))
+ if (!reachable_addr_allows_node(node, FIREWALL_OR_CONNECTION, 0))
return 0;
if (node_is_a_configured_bridge(node))
@@ -1492,7 +1492,7 @@ bridge_passes_guard_filter(const or_options_t *options,
/* Ignore entrynodes */
const tor_addr_port_t *addrport = bridge_get_addr_port(bridge);
- if (!fascist_firewall_allows_address_addr(&addrport->addr,
+ if (!reachable_addr_allows_addr(&addrport->addr,
addrport->port,
FIREWALL_OR_CONNECTION,
0, 0))
diff --git a/src/feature/dirclient/dirclient.c b/src/feature/dirclient/dirclient.c
index 337fa4c965..f088ef8283 100644
--- a/src/feature/dirclient/dirclient.c
+++ b/src/feature/dirclient/dirclient.c
@@ -284,10 +284,10 @@ directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose,
}
if (purpose_needs_anonymity(dir_purpose, router_purpose, NULL)) {
indirection = DIRIND_ANONYMOUS;
- } else if (!fascist_firewall_allows_dir_server(ds,
+ } else if (!reachable_addr_allows_dir_server(ds,
FIREWALL_DIR_CONNECTION,
0)) {
- if (fascist_firewall_allows_dir_server(ds, FIREWALL_OR_CONNECTION, 0))
+ if (reachable_addr_allows_dir_server(ds, FIREWALL_OR_CONNECTION, 0))
indirection = DIRIND_ONEHOP;
else
indirection = DIRIND_ANONYMOUS;
@@ -487,7 +487,7 @@ directory_get_from_dirserver,(
tor_addr_port_t or_ap;
directory_request_t *req = directory_request_new(dir_purpose);
/* we are willing to use a non-preferred address if we need to */
- fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0,
+ reachable_addr_choose_from_node(node, FIREWALL_OR_CONNECTION, 0,
&or_ap);
directory_request_set_or_addr_port(req, &or_ap);
directory_request_set_directory_id_digest(req,
@@ -666,7 +666,7 @@ directory_choose_address_routerstatus(const routerstatus_t *status,
* Use the preferred address and port if they are reachable, otherwise,
* use the alternate address and port (if any).
*/
- fascist_firewall_choose_address_rs(status, FIREWALL_OR_CONNECTION, 0,
+ reachable_addr_choose_from_rs(status, FIREWALL_OR_CONNECTION, 0,
use_or_ap);
have_or = tor_addr_port_is_valid_ap(use_or_ap, 0);
}
@@ -677,7 +677,7 @@ directory_choose_address_routerstatus(const routerstatus_t *status,
indirection == DIRIND_ANON_DIRPORT ||
(indirection == DIRIND_ONEHOP
&& !dirclient_must_use_begindir(options))) {
- fascist_firewall_choose_address_rs(status, FIREWALL_DIR_CONNECTION, 0,
+ reachable_addr_choose_from_rs(status, FIREWALL_DIR_CONNECTION, 0,
use_dir_ap);
have_dir = tor_addr_port_is_valid_ap(use_dir_ap, 0);
}
@@ -921,7 +921,7 @@ directory_command_should_use_begindir(const or_options_t *options,
}
if (indirection == DIRIND_ONEHOP) {
/* We're firewalled and want a direct OR connection */
- if (!fascist_firewall_allows_address_addr(or_addr, or_port,
+ if (!reachable_addr_allows_addr(or_addr, or_port,
FIREWALL_OR_CONNECTION, 0, 0)) {
*reason = "ORPort not reachable";
return 0;
diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c
index 706b42529f..cbcb672140 100644
--- a/src/feature/hs/hs_common.c
+++ b/src/feature/hs/hs_common.c
@@ -1744,7 +1744,7 @@ hs_get_extend_info_from_lspecs(const smartlist_t *lspecs,
switch (link_specifier_get_ls_type(ls)) {
case LS_IPV4:
/* Skip if we already seen a v4. If direct_conn is true, we skip this
- * block because fascist_firewall_choose_address_ls() will set ap. If
+ * block because reachable_addr_choose_from_ls() will set ap. If
* direct_conn is false, set ap to the first IPv4 address and port in
* the link specifiers.*/
if (have_v4 || direct_conn) continue;
@@ -1776,7 +1776,7 @@ hs_get_extend_info_from_lspecs(const smartlist_t *lspecs,
/* Choose a preferred address first, but fall back to an allowed address. */
if (direct_conn)
- fascist_firewall_choose_address_ls(lspecs, 0, &ap);
+ reachable_addr_choose_from_ls(lspecs, 0, &ap);
/* Legacy ID is mandatory, and we require an IP address. */
if (!tor_addr_port_is_valid_ap(&ap, 0)) {
diff --git a/src/feature/nodelist/authcert.c b/src/feature/nodelist/authcert.c
index 26713d7149..c5b31be9e3 100644
--- a/src/feature/nodelist/authcert.c
+++ b/src/feature/nodelist/authcert.c
@@ -808,7 +808,7 @@ authority_certs_fetch_resource_impl(const char *resource,
/* clients always make OR connections to bridges */
tor_addr_port_t or_ap;
/* we are willing to use a non-preferred address if we need to */
- fascist_firewall_choose_address_node(node, FIREWALL_OR_CONNECTION, 0,
+ reachable_addr_choose_from_node(node, FIREWALL_OR_CONNECTION, 0,
&or_ap);
req = directory_request_new(DIR_PURPOSE_FETCH_CERTIFICATE);
diff --git a/src/feature/nodelist/node_select.c b/src/feature/nodelist/node_select.c
index a7c02f64d8..ecb70aef14 100644
--- a/src/feature/nodelist/node_select.c
+++ b/src/feature/nodelist/node_select.c
@@ -141,7 +141,7 @@ router_pick_dirserver_generic(smartlist_t *sourcelist,
#define RETRY_ALTERNATE_IP_VERSION(retry_label) \
STMT_BEGIN \
if (result == NULL && try_ip_pref && options->ClientUseIPv4 \
- && fascist_firewall_use_ipv6(options) && !server_mode(options) \
+ && reachable_addr_use_ipv6(options) && !server_mode(options) \
&& !n_busy) { \
n_excluded = 0; \
n_busy = 0; \
@@ -212,8 +212,8 @@ router_picked_poor_directory_log(const routerstatus_t *rs)
log_debug(LD_DIR, "Wanted to make an outgoing directory connection, but "
"we couldn't find a directory that fit our criteria. "
"Perhaps we will succeed next time with less strict criteria.");
- } else if (!fascist_firewall_allows_rs(rs, FIREWALL_OR_CONNECTION, 1)
- && !fascist_firewall_allows_rs(rs, FIREWALL_DIR_CONNECTION, 1)
+ } else if (!reachable_addr_allows_rs(rs, FIREWALL_OR_CONNECTION, 1)
+ && !reachable_addr_allows_rs(rs, FIREWALL_DIR_CONNECTION, 1)
) {
/* This is rare, and might be interesting to users trying to diagnose
* connection issues on dual-stack machines. */
@@ -374,12 +374,12 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags,
* we try routers that only have one address both times.)
*/
if (!fascistfirewall || skip_or_fw ||
- fascist_firewall_allows_node(node, FIREWALL_OR_CONNECTION,
+ reachable_addr_allows_node(node, FIREWALL_OR_CONNECTION,
try_ip_pref))
smartlist_add(is_trusted ? trusted_tunnel :
is_overloaded ? overloaded_tunnel : tunnel, (void*)node);
else if (!must_have_or && (skip_dir_fw ||
- fascist_firewall_allows_node(node, FIREWALL_DIR_CONNECTION,
+ reachable_addr_allows_node(node, FIREWALL_DIR_CONNECTION,
try_ip_pref)))
smartlist_add(is_trusted ? trusted_direct :
is_overloaded ? overloaded_direct : direct, (void*)node);
@@ -1162,11 +1162,11 @@ router_pick_trusteddirserver_impl(const smartlist_t *sourcelist,
* we try routers that only have one address both times.)
*/
if (!fascistfirewall || skip_or_fw ||
- fascist_firewall_allows_dir_server(d, FIREWALL_OR_CONNECTION,
+ reachable_addr_allows_dir_server(d, FIREWALL_OR_CONNECTION,
try_ip_pref))
smartlist_add(is_overloaded ? overloaded_tunnel : tunnel, (void*)d);
else if (!must_have_or && (skip_dir_fw ||
- fascist_firewall_allows_dir_server(d, FIREWALL_DIR_CONNECTION,
+ reachable_addr_allows_dir_server(d, FIREWALL_DIR_CONNECTION,
try_ip_pref)))
smartlist_add(is_overloaded ? overloaded_direct : direct, (void*)d);
}
diff --git a/src/feature/nodelist/nodelist.c b/src/feature/nodelist/nodelist.c
index c30684d2d8..7edc1fc51c 100644
--- a/src/feature/nodelist/nodelist.c
+++ b/src/feature/nodelist/nodelist.c
@@ -666,7 +666,7 @@ nodelist_set_consensus(const networkstatus_t *ns)
node->is_bad_exit = rs->is_bad_exit;
node->is_hs_dir = rs->is_hs_dir;
node->ipv6_preferred = 0;
- if (fascist_firewall_prefer_ipv6_orport(options) &&
+ if (reachable_addr_prefer_ipv6_orport(options) &&
(tor_addr_is_null(&rs->ipv6_addr) == 0 ||
(node->md && tor_addr_is_null(&node->md->ipv6_addr) == 0)))
node->ipv6_preferred = 1;
@@ -1704,7 +1704,7 @@ node_has_ipv6_dirport(const node_t *node)
* ii) the router has no IPv4 OR address.
*
* If you don't have a node, consider looking it up.
- * If there is no node, use fascist_firewall_prefer_ipv6_orport().
+ * If there is no node, use reachable_addr_prefer_ipv6_orport().
*/
int
node_ipv6_or_preferred(const node_t *node)
@@ -1714,10 +1714,10 @@ node_ipv6_or_preferred(const node_t *node)
node_assert_ok(node);
/* XX/teor - node->ipv6_preferred is set from
- * fascist_firewall_prefer_ipv6_orport() each time the consensus is loaded.
+ * reachable_addr_prefer_ipv6_orport() each time the consensus is loaded.
*/
node_get_prim_orport(node, &ipv4_addr);
- if (!fascist_firewall_use_ipv6(options)) {
+ if (!reachable_addr_use_ipv6(options)) {
return 0;
} else if (node->ipv6_preferred ||
!tor_addr_port_is_valid_ap(&ipv4_addr, 0)) {
@@ -1812,7 +1812,7 @@ node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
* or
* ii) our preference is for IPv6 Dir addresses.
*
- * If there is no node, use fascist_firewall_prefer_ipv6_dirport().
+ * If there is no node, use reachable_addr_prefer_ipv6_dirport().
*/
int
node_ipv6_dir_preferred(const node_t *node)
@@ -1821,15 +1821,15 @@ node_ipv6_dir_preferred(const node_t *node)
tor_addr_port_t ipv4_addr;
node_assert_ok(node);
- /* node->ipv6_preferred is set from fascist_firewall_prefer_ipv6_orport(),
+ /* node->ipv6_preferred is set from reachable_addr_prefer_ipv6_orport(),
* so we can't use it to determine DirPort IPv6 preference.
* This means that bridge clients will use IPv4 DirPorts by default.
*/
node_get_prim_dirport(node, &ipv4_addr);
- if (!fascist_firewall_use_ipv6(options)) {
+ if (!reachable_addr_use_ipv6(options)) {
return 0;
} else if (!tor_addr_port_is_valid_ap(&ipv4_addr, 0)
- || fascist_firewall_prefer_ipv6_dirport(get_options())) {
+ || reachable_addr_prefer_ipv6_dirport(get_options())) {
return node_has_ipv6_dirport(node);
}
return 0;
diff --git a/src/feature/nodelist/routerlist.c b/src/feature/nodelist/routerlist.c
index 72824f2dd2..9def90d8d5 100644
--- a/src/feature/nodelist/routerlist.c
+++ b/src/feature/nodelist/routerlist.c
@@ -539,7 +539,7 @@ routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
* - CRN_DIRECT_CONN: is suitable for direct connections. Checks
* for the relevant descriptors. Checks the address
* against ReachableAddresses, ClientUseIPv4 0, and
- * fascist_firewall_use_ipv6() == 0);
+ * reachable_addr_use_ipv6() == 0);
* - CRN_PREF_ADDR: if we are connecting directly to the node, it has
* an address that is preferred by the
* ClientPreferIPv6ORPort setting;
@@ -594,7 +594,7 @@ router_can_choose_node(const node_t *node, int flags)
return false;
/* Choose a node with an OR address that matches the firewall rules */
if (direct_conn && check_reach &&
- !fascist_firewall_allows_node(node,
+ !reachable_addr_allows_node(node,
FIREWALL_OR_CONNECTION,
pref_addr))
return false;
diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c
index 8e1a22fb39..68dd8f4f4a 100644
--- a/src/feature/rend/rendservice.c
+++ b/src/feature/rend/rendservice.c
@@ -1849,13 +1849,13 @@ rend_service_use_direct_connection(const or_options_t* options,
const extend_info_t* ei)
{
/* We'll connect directly all reachable addresses, whether preferred or not.
- * The prefer_ipv6 argument to fascist_firewall_allows_address_addr is
+ * The prefer_ipv6 argument to reachable_addr_allows_addr is
* ignored, because pref_only is 0. */
const tor_addr_port_t *ap = extend_info_get_orport(ei, AF_INET);
if (!ap)
return 0;
return (rend_service_allow_non_anonymous_connection(options) &&
- fascist_firewall_allows_address_addr(&ap->addr, ap->port,
+ reachable_addr_allows_addr(&ap->addr, ap->port,
FIREWALL_OR_CONNECTION, 0, 0));
}
@@ -1867,7 +1867,7 @@ rend_service_use_direct_connection_node(const or_options_t* options,
/* We'll connect directly all reachable addresses, whether preferred or not.
*/
return (rend_service_allow_non_anonymous_connection(options) &&
- fascist_firewall_allows_node(node, FIREWALL_OR_CONNECTION, 0));
+ reachable_addr_allows_node(node, FIREWALL_OR_CONNECTION, 0));
}
/******
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index 7da7ea66e4..589876db2a 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -322,7 +322,7 @@ test_node_preferred_orport(void *arg)
* ClientUseIPv4 is 0 */
mocked_options->ClientUseIPv4 = 0;
mocked_options->ClientUseIPv6 = 1;
- node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(mocked_options);
+ node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(mocked_options);
node_get_pref_orport(&node, &ap);
tt_assert(tor_addr_eq(&ap.addr, &ipv6_addr));
tt_assert(ap.port == ipv6_port);
diff --git a/src/test/test_policy.c b/src/test/test_policy.c
index 3559c0dda8..0a0548d161 100644
--- a/src/test/test_policy.c
+++ b/src/test/test_policy.c
@@ -1753,7 +1753,7 @@ test_policies_getinfo_helper_policies(void *arg)
#define OTHER_IPV4_ADDR_STR "6.7.8.9"
#define OTHER_IPV6_ADDR_STR "[afff::]"
-/** Run unit tests for fascist_firewall_allows_address */
+/** Run unit tests for reachable_addr_allows */
static void
test_policies_fascist_firewall_allows_address(void *arg)
{
@@ -1822,33 +1822,33 @@ test_policies_fascist_firewall_allows_address(void *arg)
mock_options.ClientUseIPv6 = 1;
mock_options.UseBridges = 0;
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* Preferring IPv4 */
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 1, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 1, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 1, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 1, 0),
OP_EQ, 0);
/* Preferring IPv6 */
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 1, 1),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 1, 1),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 1, 1),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 1, 1),
OP_EQ, 0);
/* Test the function's address matching with UseBridges on */
@@ -1857,45 +1857,45 @@ test_policies_fascist_firewall_allows_address(void *arg)
mock_options.ClientUseIPv6 = 1;
mock_options.UseBridges = 1;
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* Preferring IPv4 */
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 1, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 1, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 1, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 1, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 1, 0),
OP_EQ, 0);
/* Preferring IPv6 */
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 1, 1),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 1, 1),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 1, 1),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 1, 1),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 1, 1),
OP_EQ, 0);
/* bridge clients always use IPv6, regardless of ClientUseIPv6 */
mock_options.ClientUseIPv4 = 1;
mock_options.ClientUseIPv6 = 0;
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* Test the function's address matching with IPv4 on */
@@ -1904,13 +1904,13 @@ test_policies_fascist_firewall_allows_address(void *arg)
mock_options.ClientUseIPv6 = 0;
mock_options.UseBridges = 0;
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* Test the function's address matching with IPv6 on */
@@ -1919,13 +1919,13 @@ test_policies_fascist_firewall_allows_address(void *arg)
mock_options.ClientUseIPv6 = 1;
mock_options.UseBridges = 0;
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* Test the function's address matching with ClientUseIPv4 0.
@@ -1935,13 +1935,13 @@ test_policies_fascist_firewall_allows_address(void *arg)
mock_options.ClientUseIPv6 = 0;
mock_options.UseBridges = 0;
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&r_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&r_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&r_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* Test the function's address matching for unusual inputs */
@@ -1951,27 +1951,27 @@ test_policies_fascist_firewall_allows_address(void *arg)
mock_options.UseBridges = 1;
/* NULL and tor_addr_is_null addresses are rejected */
- tt_int_op(fascist_firewall_allows_address(NULL, port, policy, 0, 0), OP_EQ,
+ tt_int_op(reachable_addr_allows(NULL, port, policy, 0, 0), OP_EQ,
0);
- tt_int_op(fascist_firewall_allows_address(&n_ipv4_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&n_ipv4_addr, port, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&n_ipv6_addr, port, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&n_ipv6_addr, port, policy, 0, 0),
OP_EQ, 0);
/* zero ports are rejected */
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, 0, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, 0, policy, 0, 0),
OP_EQ, 0);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, 0, policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, 0, policy, 0, 0),
OP_EQ, 0);
/* NULL and empty policies accept everything */
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, NULL, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, NULL, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, NULL, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, NULL, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv4_addr, port, e_policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv4_addr, port, e_policy, 0, 0),
OP_EQ, 1);
- tt_int_op(fascist_firewall_allows_address(&ipv6_addr, port, e_policy, 0, 0),
+ tt_int_op(reachable_addr_allows(&ipv6_addr, port, e_policy, 0, 0),
OP_EQ, 1);
done:
@@ -1991,7 +1991,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
#define TEST_IPV6_OR_PORT 61234
#define TEST_IPV6_DIR_PORT 62345
-/* Check that fascist_firewall_choose_address_rs() returns the expected
+/* Check that reachable_addr_choose_from_rs() returns the expected
* results. */
#define CHECK_CHOSEN_ADDR_RS(fake_rs, fw_connection, pref_only, expect_rv, \
expect_ap) \
@@ -1999,13 +1999,13 @@ test_policies_fascist_firewall_allows_address(void *arg)
tor_addr_port_t chosen_rs_ap; \
tor_addr_make_null(&chosen_rs_ap.addr, AF_INET); \
chosen_rs_ap.port = 0; \
- fascist_firewall_choose_address_rs(&(fake_rs), (fw_connection), \
+ reachable_addr_choose_from_rs(&(fake_rs), (fw_connection), \
(pref_only), &chosen_rs_ap); \
tt_assert(tor_addr_eq(&(expect_ap).addr, &chosen_rs_ap.addr)); \
tt_int_op((expect_ap).port, OP_EQ, chosen_rs_ap.port); \
STMT_END
-/* Check that fascist_firewall_choose_address_node() returns the expected
+/* Check that reachable_addr_choose_from_node() returns the expected
* results. */
#define CHECK_CHOSEN_ADDR_NODE(fake_node, fw_connection, pref_only, \
expect_rv, expect_ap) \
@@ -2013,14 +2013,14 @@ test_policies_fascist_firewall_allows_address(void *arg)
tor_addr_port_t chosen_node_ap; \
tor_addr_make_null(&chosen_node_ap.addr, AF_INET); \
chosen_node_ap.port = 0; \
- fascist_firewall_choose_address_node(&(fake_node),(fw_connection), \
+ reachable_addr_choose_from_node(&(fake_node),(fw_connection), \
(pref_only), &chosen_node_ap); \
tt_assert(tor_addr_eq(&(expect_ap).addr, &chosen_node_ap.addr)); \
tt_int_op((expect_ap).port, OP_EQ, chosen_node_ap.port); \
STMT_END
-/* Check that fascist_firewall_choose_address_rs and
- * fascist_firewall_choose_address_node() both return the expected results. */
+/* Check that reachable_addr_choose_from_rs and
+ * reachable_addr_choose_from_node() both return the expected results. */
#define CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, fw_connection, pref_only, \
expect_rv, expect_ap) \
STMT_BEGIN \
@@ -2030,7 +2030,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
expect_ap); \
STMT_END
-/* Check that fascist_firewall_choose_address_ls() returns the expected
+/* Check that reachable_addr_choose_from_ls() returns the expected
* results. */
#define CHECK_CHOSEN_ADDR_NULL_LS() \
STMT_BEGIN \
@@ -2038,7 +2038,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
tor_addr_make_null(&chosen_ls_ap.addr, AF_UNSPEC); \
chosen_ls_ap.port = 0; \
setup_full_capture_of_logs(LOG_WARN); \
- fascist_firewall_choose_address_ls(NULL, 1, &chosen_ls_ap); \
+ reachable_addr_choose_from_ls(NULL, 1, &chosen_ls_ap); \
expect_single_log_msg("Unknown or missing link specifiers"); \
teardown_capture_of_logs(); \
STMT_END
@@ -2049,7 +2049,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
tor_addr_make_null(&chosen_ls_ap.addr, AF_UNSPEC); \
chosen_ls_ap.port = 0; \
setup_full_capture_of_logs(LOG_WARN); \
- fascist_firewall_choose_address_ls(fake_ls, pref_only, &chosen_ls_ap); \
+ reachable_addr_choose_from_ls(fake_ls, pref_only, &chosen_ls_ap); \
if (smartlist_len(fake_ls) == 0) { \
expect_single_log_msg("Link specifiers are empty"); \
} else { \
@@ -2066,7 +2066,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
tor_addr_make_null(&chosen_ls_ap.addr, AF_UNSPEC); \
chosen_ls_ap.port = 0; \
setup_full_capture_of_logs(LOG_WARN); \
- fascist_firewall_choose_address_ls(fake_ls, 0, &chosen_ls_ap); \
+ reachable_addr_choose_from_ls(fake_ls, 0, &chosen_ls_ap); \
expect_single_log_msg("None of our link specifiers have IPv4 or IPv6"); \
teardown_capture_of_logs(); \
STMT_END
@@ -2125,7 +2125,7 @@ test_policies_fascist_firewall_allows_address(void *arg)
teardown_capture_of_logs(); \
STMT_END
-/** Run unit tests for fascist_firewall_choose_address */
+/** Run unit tests for reachable_addr_choose */
static void
test_policies_fascist_firewall_choose_address(void *arg)
{
@@ -2153,87 +2153,87 @@ test_policies_fascist_firewall_choose_address(void *arg)
tor_addr_make_null(&n_ipv6_ap.addr, AF_INET6);
n_ipv6_ap.port = 0;
- /* Sanity check fascist_firewall_choose_address with IPv4 and IPv6 on */
+ /* Sanity check reachable_addr_choose with IPv4 and IPv6 on */
memset(&mock_options, 0, sizeof(or_options_t));
mock_options.ClientUseIPv4 = 1;
mock_options.ClientUseIPv6 = 1;
mock_options.UseBridges = 0;
/* Prefer IPv4 */
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 1,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 1,
FIREWALL_OR_CONNECTION, 0, 0)
== &ipv4_or_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 1,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 1,
FIREWALL_OR_CONNECTION, 1, 0)
== &ipv4_or_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &ipv6_dir_ap, 1,
+ tt_assert(reachable_addr_choose(&ipv4_dir_ap, &ipv6_dir_ap, 1,
FIREWALL_DIR_CONNECTION, 0, 0)
== &ipv4_dir_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &ipv6_dir_ap, 1,
+ tt_assert(reachable_addr_choose(&ipv4_dir_ap, &ipv6_dir_ap, 1,
FIREWALL_DIR_CONNECTION, 1, 0)
== &ipv4_dir_ap);
/* Prefer IPv6 */
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 0,
FIREWALL_OR_CONNECTION, 0, 1)
== &ipv6_or_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 0,
FIREWALL_OR_CONNECTION, 1, 1)
== &ipv6_or_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &ipv6_dir_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_dir_ap, &ipv6_dir_ap, 0,
FIREWALL_DIR_CONNECTION, 0, 1)
== &ipv6_dir_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &ipv6_dir_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_dir_ap, &ipv6_dir_ap, 0,
FIREWALL_DIR_CONNECTION, 1, 1)
== &ipv6_dir_ap);
/* Unusual inputs */
/* null preferred OR addresses */
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &n_ipv6_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &n_ipv6_ap, 0,
FIREWALL_OR_CONNECTION, 0, 1)
== &ipv4_or_ap);
- tt_assert(fascist_firewall_choose_address(&n_ipv4_ap, &ipv6_or_ap, 1,
+ tt_assert(reachable_addr_choose(&n_ipv4_ap, &ipv6_or_ap, 1,
FIREWALL_OR_CONNECTION, 0, 0)
== &ipv6_or_ap);
/* null both OR addresses */
- tt_ptr_op(fascist_firewall_choose_address(&n_ipv4_ap, &n_ipv6_ap, 0,
+ tt_ptr_op(reachable_addr_choose(&n_ipv4_ap, &n_ipv6_ap, 0,
FIREWALL_OR_CONNECTION, 0, 1),
OP_EQ, NULL);
- tt_ptr_op(fascist_firewall_choose_address(&n_ipv4_ap, &n_ipv6_ap, 1,
+ tt_ptr_op(reachable_addr_choose(&n_ipv4_ap, &n_ipv6_ap, 1,
FIREWALL_OR_CONNECTION, 0, 0),
OP_EQ, NULL);
/* null preferred Dir addresses */
- tt_assert(fascist_firewall_choose_address(&ipv4_dir_ap, &n_ipv6_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_dir_ap, &n_ipv6_ap, 0,
FIREWALL_DIR_CONNECTION, 0, 1)
== &ipv4_dir_ap);
- tt_assert(fascist_firewall_choose_address(&n_ipv4_ap, &ipv6_dir_ap, 1,
+ tt_assert(reachable_addr_choose(&n_ipv4_ap, &ipv6_dir_ap, 1,
FIREWALL_DIR_CONNECTION, 0, 0)
== &ipv6_dir_ap);
/* null both Dir addresses */
- tt_ptr_op(fascist_firewall_choose_address(&n_ipv4_ap, &n_ipv6_ap, 0,
+ tt_ptr_op(reachable_addr_choose(&n_ipv4_ap, &n_ipv6_ap, 0,
FIREWALL_DIR_CONNECTION, 0, 1),
OP_EQ, NULL);
- tt_ptr_op(fascist_firewall_choose_address(&n_ipv4_ap, &n_ipv6_ap, 1,
+ tt_ptr_op(reachable_addr_choose(&n_ipv4_ap, &n_ipv6_ap, 1,
FIREWALL_DIR_CONNECTION, 0, 0),
OP_EQ, NULL);
/* Prefer IPv4 but want IPv6 (contradictory) */
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 0,
FIREWALL_OR_CONNECTION, 0, 0)
== &ipv4_or_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 0,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 0,
FIREWALL_OR_CONNECTION, 1, 0)
== &ipv4_or_ap);
/* Prefer IPv6 but want IPv4 (contradictory) */
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 1,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 1,
FIREWALL_OR_CONNECTION, 0, 1)
== &ipv6_or_ap);
- tt_assert(fascist_firewall_choose_address(&ipv4_or_ap, &ipv6_or_ap, 1,
+ tt_assert(reachable_addr_choose(&ipv4_or_ap, &ipv6_or_ap, 1,
FIREWALL_OR_CONNECTION, 1, 1)
== &ipv6_or_ap);
@@ -2268,7 +2268,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = 0;
mock_options.ClientPreferIPv6DirPort = 0;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2284,7 +2284,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = -1;
mock_options.ClientPreferIPv6DirPort = -1;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2300,7 +2300,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = 1;
mock_options.ClientPreferIPv6DirPort = 1;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2316,7 +2316,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = 0;
mock_options.ClientPreferIPv6DirPort = 1;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2332,7 +2332,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = 1;
mock_options.ClientPreferIPv6DirPort = 0;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2354,7 +2354,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = 0;
mock_options.ClientPreferIPv6DirPort = 0;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2405,7 +2405,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6ORPort = 1;
mock_options.ClientPreferIPv6DirPort = 1;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2454,7 +2454,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientUseIPv4 = 1;
mock_options.ClientUseIPv6 = 0;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2471,7 +2471,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientUseIPv4 = 0;
mock_options.ClientUseIPv6 = 1;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2489,7 +2489,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientUseIPv4 = 0;
mock_options.ClientUseIPv6 = 0;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2511,7 +2511,7 @@ test_policies_fascist_firewall_choose_address(void *arg)
mock_options.ClientPreferIPv6DirPort = 1;
/* Simulate the initialisation of fake_node.ipv6_preferred */
- fake_node.ipv6_preferred = fascist_firewall_prefer_ipv6_orport(
+ fake_node.ipv6_preferred = reachable_addr_prefer_ipv6_orport(
&mock_options);
CHECK_CHOSEN_ADDR_RN(fake_rs, fake_node, FIREWALL_OR_CONNECTION, 0, 1,
@@ -2683,9 +2683,9 @@ struct testcase_t policy_tests[] = {
{ "reject_interface_address", test_policies_reject_interface_address, 0,
NULL, NULL },
{ "reject_port_address", test_policies_reject_port_address, 0, NULL, NULL },
- { "fascist_firewall_allows_address",
+ { "reachable_addr_allows",
test_policies_fascist_firewall_allows_address, 0, NULL, NULL },
- { "fascist_firewall_choose_address",
+ { "reachable_addr_choose",
test_policies_fascist_firewall_choose_address, 0, NULL, NULL },
END_OF_TESTCASES
};