mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
r18896@catbus: nickm | 2008-03-17 16:10:54 -0400
Fix bug in earlier bugfix. Note stupidness of allowing NULL policies at all. Disallow empty exit policies in router descriptors. svn:r14082
This commit is contained in:
parent
80ec9e51dd
commit
e17e6371d1
@ -466,11 +466,12 @@ $Id$
|
||||
|
||||
[Any number]
|
||||
|
||||
These lines describe an "exit policy": the rules that an OR follows when
|
||||
deciding whether to allow a new stream to a given address. The
|
||||
'exitpattern' syntax is described below. The rules are considered in
|
||||
order; if no rule matches, the address will be accepted. For clarity,
|
||||
the last such entry SHOULD be accept *:* or reject *:*.
|
||||
These lines describe an "exit policy": the rules that an OR follows
|
||||
when deciding whether to allow a new stream to a given address. The
|
||||
'exitpattern' syntax is described below. There MUST be at least one
|
||||
such entry. The rules are considered in order; if no rule matches,
|
||||
the address will be accepted. For clarity, the last such entry SHOULD
|
||||
be accept *:* or reject *:*.
|
||||
|
||||
"router-signature" NL Signature NL
|
||||
|
||||
|
@ -51,7 +51,7 @@ policy_expand_private(smartlist_t **policy)
|
||||
int i;
|
||||
smartlist_t *tmp;
|
||||
|
||||
if (!*policy)
|
||||
if (!*policy) /*XXXX021 disallow NULL policies */
|
||||
return;
|
||||
|
||||
tmp = smartlist_create();
|
||||
@ -530,10 +530,8 @@ compare_addr_to_addr_policy(uint32_t addr, uint16_t port,
|
||||
int match = 0;
|
||||
int maybe = 0;
|
||||
int i, len;
|
||||
if (!policy)
|
||||
return ADDR_POLICY_REJECTED;
|
||||
|
||||
len = smartlist_len(policy);
|
||||
len = policy ? smartlist_len(policy) : 0;
|
||||
|
||||
for (i = 0; i < len; ++i) {
|
||||
addr_policy_t *tmpe = smartlist_get(policy, i);
|
||||
@ -767,7 +765,7 @@ exit_policy_is_general_exit(smartlist_t *policy)
|
||||
static const int ports[] = { 80, 443, 6667 };
|
||||
int n_allowed = 0;
|
||||
int i;
|
||||
if (!policy)
|
||||
if (!policy) /*XXXX021 disallow NULL policies */
|
||||
return 0;
|
||||
|
||||
for (i = 0; i < 3; ++i) {
|
||||
@ -793,7 +791,7 @@ exit_policy_is_general_exit(smartlist_t *policy)
|
||||
int
|
||||
policy_is_reject_star(smartlist_t *policy)
|
||||
{
|
||||
if (!policy)
|
||||
if (!policy) /*XXXX021 disallow NULL policies */
|
||||
return 1;
|
||||
SMARTLIST_FOREACH(policy, addr_policy_t *, p, {
|
||||
if (p->policy_type == ADDR_POLICY_ACCEPT)
|
||||
|
@ -1272,6 +1272,10 @@ router_parse_entry_from_string(const char *s, const char *end,
|
||||
}
|
||||
|
||||
exit_policy_tokens = find_all_exitpolicy(tokens);
|
||||
if (!smartlist_len(exit_policy_tokens)) {
|
||||
log_warn(LD_DIR, "No exit policy tokens in descriptor.");
|
||||
goto err;
|
||||
}
|
||||
SMARTLIST_FOREACH(exit_policy_tokens, directory_token_t *, t,
|
||||
if (router_add_exit_policy(router,t)<0) {
|
||||
log_warn(LD_DIR,"Error in exit policy");
|
||||
|
Loading…
Reference in New Issue
Block a user