diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 4f26a6b972..3b6231de87 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1087,23 +1087,38 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out) { addressmap_entry_t *ent; int rewrites; - char *cp; time_t expires = TIME_MAX; for (rewrites = 0; rewrites < 16; rewrites++) { + int exact_match = 0; + char *addr_orig = tor_strdup(escaped_safe_str_client(address)); + ent = strmap_get(addressmap, address); - if (!ent || !ent->new_address) + if (!ent || !ent->new_address) { ent = addressmap_match_superdomains(address); + } else { + if (ent->src_wildcard && !ent->dst_wildcard && + !strcasecmp(address, ent->new_address)) { + /* This is a rule like *.example.com example.com, and we just got + * "example.com" */ + tor_free(addr_orig); + if (expires_out) + *expires_out = expires; + return rewrites > 0; + } + + exact_match = 1; + } if (!ent || !ent->new_address) { + tor_free(addr_orig); if (expires_out) *expires_out = expires; return (rewrites > 0); /* done, no rewrite needed */ } - cp = tor_strdup(escaped_safe_str_client(address)); - if (ent->dst_wildcard) { + if (ent->dst_wildcard && !exact_match) { strlcat(address, ".", maxlen); strlcat(address, ent->new_address, maxlen); } else { @@ -1111,10 +1126,10 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out) } log_info(LD_APP, "Addressmap: rewriting %s to %s", - cp, escaped_safe_str_client(address)); + addr_orig, escaped_safe_str_client(address)); if (ent->expires > 1 && ent->expires < expires) expires = ent->expires; - tor_free(cp); + tor_free(addr_orig); } log_warn(LD_CONFIG, "Loop detected: we've rewritten %s 16 times! Using it as-is.",