Sebastian Hahn
1e49c908f7
Speed up the execution of exit_policy_is_general_exit_helper()
...
It isn't necessary to walk through all possible subnets when the policy
we're looking at doesn't touch that subnet.
2010-02-09 09:10:07 +01:00
Sebastian Hahn
20422cde2b
0/8 doesn't count as a /8 subnet towards an Exit flag
2010-02-08 16:46:22 +01:00
Nick Mathewson
ba0c9e5d03
Trivial doc fix for exit_policy_is_general_exit_helper
...
The original comment said what it did if there was at least one /8 that
allowed access to the port, but not what it did otherwise.
2010-02-03 00:12:31 -05:00
Sebastian Hahn
03bd98b3b1
Don't assign Exit flag incorrectly
...
exit_policy_is_general_exit() assumed that there are no redundancies
in the passed policy, in the sense that we actively combine entries
in the policy to really get rid of any redundancy. Since we cannot
do that without massively rewriting the policy lines the relay
operators set, fix exit_policy_is_general_exit().
Fixes bug 1238, discovered by Martin Kowalczyk.
2010-02-03 05:44:00 +01:00
Roger Dingledine
f22c063067
remove redundant validate_addr_policies() checks
2010-01-15 15:56:53 -05:00
Sebastian Hahn
3807db001d
*_free functions now accept NULL
...
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Karsten Loesing
56c2385157
Fix bug 1113.
...
Bridges do not use the default exit policy, but reject *:* by default.
2009-10-27 01:03:41 -07:00
Nick Mathewson
20193fc7ab
Avoid a memory corruption problem related to "private" in DirPolicy.
...
This is a posible fix for bug 996.
2009-06-05 19:41:40 -04:00
Nick Mathewson
ec7e054668
Spell-check Tor.
2009-05-27 17:55:51 -04:00
Karsten Loesing
9b32e8c141
Update copyright to 2009.
2009-05-04 11:28:27 -04:00
Nick Mathewson
d40cbda2cd
Log cached-at-exit exit policies to try to fix bug 672.
...
svn:r18827
2009-03-09 15:53:37 +00:00
Nick Mathewson
c4b8fef362
Remove svn $Id$s from our source, and remove tor --version --version.
...
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
46f8ef8116
Switch address comparisons in policies to be exact rather than semantic. Until we do ipv6 exit policies and until we know whether we even allow ::ffff:0:0/96 addresses, there is no point in doing "semantic" comparisons. This was also showing up on oprofile.
...
svn:r17803
2008-12-29 01:47:33 +00:00
Nick Mathewson
870fd18b8f
Refactor some exit-policy-related functions that showed up in oprofile.
...
Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop. Rearrange
router_find_exact_exit_enclave() to run a little faster. Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.
svn:r17802
2008-12-29 01:47:28 +00:00
Nick Mathewson
1e5f457461
Fix most DOCDOCs remaining and/or added by redox.
...
svn:r17734
2008-12-22 17:53:04 +00:00
Nick Mathewson
1725c0c8a5
Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
...
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
122170c1d3
Downlgrade tweak, and answer lots of XXX021s. No actual code fixes in this patch.
...
svn:r17686
2008-12-18 16:11:24 +00:00
Nick Mathewson
6e3de8530e
Remove bug 811/845 debugging code
...
svn:r17199
2008-11-07 01:50:37 +00:00
Nick Mathewson
7b45d530b0
Add some debugging logs for bug 811/845.
...
svn:r17186
2008-11-03 15:46:05 +00:00
Roger Dingledine
2d95accc75
Allow ports 465 and 587 in the default exit policy again. We had
...
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.
svn:r16898
2008-09-13 10:04:42 +00:00
Nick Mathewson
aacda9cd8e
We should not alter an addr_policy_t that has been canonicalized.
...
svn:r16802
2008-09-09 03:48:01 +00:00
Nick Mathewson
d5b2dab31d
Fix a malloc that should have been a tor_malloc
...
svn:r16780
2008-09-05 20:53:39 +00:00
Nick Mathewson
0b8117a5c0
Fix numerous memory leaks: some were almost impossible to trigger, and some almost inevitable.
...
svn:r16779
2008-09-05 20:52:15 +00:00
Peter Palfrader
e8de3ff54d
If we are lucky the whitespace nazis will not have noticed these things yet
...
svn:r16549
2008-08-14 18:01:20 +00:00
Peter Palfrader
ff32708d0e
Having a reject-all policy summarized with a lack of summary is stupid. Explicitly mention them as reject 1-65535.
...
svn:r16543
2008-08-14 12:37:50 +00:00
Peter Palfrader
91f654f2ff
This bunch of functions really should be static
...
svn:r16535
2008-08-14 11:24:03 +00:00
Peter Palfrader
171a7d4b0f
Fix an overflow when counting rejects for *, truncate exit summaries after 1000 chars
...
svn:r16530
2008-08-13 19:25:18 +00:00
Peter Palfrader
adcea0f332
Think of the poor children in Antarctica who still have to work on 4" screens
...
svn:r16528
2008-08-13 12:46:13 +00:00
Peter Palfrader
c4e8fe11db
Also special case "accept 1-65535" case, do not leak in non-exit case
...
svn:r16526
2008-08-13 12:46:00 +00:00
Peter Palfrader
8ef2fe4b37
Return NULL for policies that do not allow any exits
...
svn:r16525
2008-08-13 12:45:53 +00:00
Peter Palfrader
4a74b9a7df
Fix condition statement for accept items, fix two asserts
...
svn:r16524
2008-08-13 12:45:44 +00:00
Peter Palfrader
34e083dde1
Make sure we don't run off the end of the list
...
svn:r16523
2008-08-13 12:45:34 +00:00
Peter Palfrader
b2344a9e4d
Move policy_summarize() prototype to or.h
...
svn:r16522
2008-08-13 12:45:28 +00:00
Peter Palfrader
49a616e0fa
Create string representation of exit summaries
...
svn:r16521
2008-08-13 12:45:23 +00:00
Peter Palfrader
7eaf5bd848
Nickm says I'm going to hell, but if I write that in a comment he might just save my soul
...
svn:r16520
2008-08-13 12:45:15 +00:00
Peter Palfrader
1adc12546e
implement policy_summary_accept and policy_summary_reject together with a set of helpers
...
svn:r16519
2008-08-13 12:45:09 +00:00
Peter Palfrader
f5adde1a17
Start with exit policy summaries
...
svn:r16518
2008-08-13 12:45:01 +00:00
Nick Mathewson
960a0f0a99
r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
...
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types. Most of the Tor wire formats using these new types are in, but the code to generate and use it is not. This is a big patch. Let me know what it breaks for you.
svn:r16435
2008-08-05 20:08:19 +00:00
Karsten Loesing
ee44eadf4c
Fix a bug when generating router descriptors: The address part of exit policies was uninitialized.
...
svn:r16372
2008-08-03 12:43:18 +00:00
Nick Mathewson
056d97da0c
r17391@pc-10-8-1-079: nickm | 2008-07-25 17:11:17 +0200
...
Tor_addr_compare did a semantic comparison, such that ::1.2.3.4 and 1.2.3.4 were "equal". we sometimes need an exact comparison. Add a feature to do that.
svn:r16210
2008-07-25 15:11:21 +00:00
Nick Mathewson
3ce6e2fba2
r17346@aud-055: nickm | 2008-07-24 15:37:19 +0200
...
Make generic address manipulation functions work better. Switch address policy code to use tor_addr_t, so it can handle IPv6. That is a good place to start.
svn:r16178
2008-07-24 13:44:04 +00:00
Nick Mathewson
d02d6660a8
r15308@tombo: nickm | 2008-04-23 16:46:48 -0400
...
Free baddir and badexit policy lists on exit. fixes bug 672. only affects authorities.
svn:r14431
2008-04-23 20:47:53 +00:00
Nick Mathewson
02acee891c
r19089@catbus: nickm | 2008-03-27 11:05:23 -0400
...
Free some static hashtables and the log mutex on exit. Backport candidate.
svn:r14212
2008-03-27 15:05:28 +00:00
Nick Mathewson
944bd3dbed
r19074@catbus: nickm | 2008-03-26 17:08:32 -0400
...
Start new address policies with refcount of 1, not 2. Backport candidate once tested more.
svn:r14204
2008-03-26 21:08:39 +00:00
Nick Mathewson
e17e6371d1
r18896@catbus: nickm | 2008-03-17 16:10:54 -0400
...
Fix bug in earlier bugfix. Note stupidness of allowing NULL policies at all. Disallow empty exit policies in router descriptors.
svn:r14082
2008-03-17 20:10:57 +00:00
Nick Mathewson
9a24158c69
r18880@catbus: nickm | 2008-03-17 12:51:24 -0400
...
Fix policy-related crash bug found by lodger.
svn:r14077
2008-03-17 16:51:48 +00:00
Nick Mathewson
842a33ff20
Update some copyright notices: it is now 2008.
...
svn:r13412
2008-02-07 05:31:47 +00:00
Nick Mathewson
a869574c56
r17947@catbus: nickm | 2008-02-06 11:57:53 -0500
...
Fix a bunch of DOCDOC items; document the --quiet flag; refactor a couple of XXXX020 items.
svn:r13405
2008-02-06 16:58:05 +00:00
Nick Mathewson
e09c207c3c
r17910@catbus: nickm | 2008-02-05 15:36:29 -0500
...
Check for correctness of AuthDir* options in options_validate; check for possible bugs where options_validate() is happy but parse_policies_from_options() is sad.
svn:r13384
2008-02-05 21:39:32 +00:00
Roger Dingledine
e67f23f897
weasel was worried there was a leak here. i don't think there
...
is. but i could be wrong.
svn:r13248
2008-01-24 01:14:50 +00:00
Nick Mathewson
3b8f76aa51
r17611@catbus: nickm | 2008-01-14 13:44:16 -0500
...
add some missing checks for failing return values.
svn:r13130
2008-01-14 19:00:23 +00:00
Nick Mathewson
705b4670d3
r17580@catbus: nickm | 2008-01-11 20:40:30 -0500
...
Fix policies.c build on gcc 4.2 with warnings.
svn:r13112
2008-01-12 05:52:59 +00:00
Nick Mathewson
11fff225fa
r15779@tombo: nickm | 2008-01-01 23:43:24 -0500
...
Use reference-counting to avoid allocating a zillion little addr_policy_t objects. (This is an old patch that had been sitting on my hard drive for a while.)
svn:r13017
2008-01-02 04:43:44 +00:00
Nick Mathewson
d2fe8542df
r17232@catbus: nickm | 2007-12-18 16:22:10 -0500
...
Whitespace fix.
svn:r12857
2007-12-18 21:27:10 +00:00
Roger Dingledine
1d8a8063b9
clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc
...
svn:r12786
2007-12-12 21:09:01 +00:00
Roger Dingledine
ee6ae92670
New config options AuthDirBadDir and AuthDirListBadDirs for
...
authorities to mark certain relays as "bad directories" in the
networkstatus documents. Also supports the "!baddir" directive in
the approved-routers file.
svn:r12754
2007-12-10 16:49:54 +00:00
Roger Dingledine
30e1a862e7
r12617 broke the compile
...
svn:r12618
2007-11-30 23:32:25 +00:00
Nick Mathewson
f061994487
r16881@catbus: nickm | 2007-11-30 15:07:42 -0500
...
Do not keep a string representation of every single addr_policy_t lying around. This might save a few hundred K.
svn:r12617
2007-11-30 20:09:09 +00:00
Roger Dingledine
42b8fb5a15
Exit policies now reject connections that are addressed to a
...
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
svn:r12459
2007-11-10 21:17:51 +00:00
Nick Mathewson
4a240552c4
r13834@catbus: nickm | 2007-07-19 15:40:42 -0400
...
Another patch from croup: drop support for address masks that do not correspond to bit prefixes. Nobody has used this for a while, and we have given warnings for a long time.
svn:r10881
2007-07-19 19:40:45 +00:00
Nick Mathewson
5adfa09fce
r13477@catbus: nickm | 2007-06-17 14:22:03 -0400
...
Sun CC likes to give warnings for the do { } while(0) construction for making statement-like macros. Define STMT_BEGIN/STMT_END macros that do the right thing, and use them everywhere.
svn:r10645
2007-06-17 18:22:39 +00:00
Roger Dingledine
0c047b87f5
polish r9933-r9994
...
svn:r10335
2007-05-25 19:41:31 +00:00
Nick Mathewson
b4bd9f772c
r12771@catbus: nickm | 2007-05-16 18:12:32 -0400
...
Make -Wstrict-overflow=5 happy with GCC 4.2. It is kind of a pain, but it does agood job of letting us know where we can make our code better by simplifying dependent conditionals.
svn:r10201
2007-05-16 22:16:13 +00:00
Nick Mathewson
d2893398f6
r11832@catbus: nickm | 2007-02-16 15:31:59 -0500
...
Fix 35 remaining DOCDOC comments. Yowza.
svn:r9596
2007-02-16 20:39:37 +00:00
Nick Mathewson
11e5656ab7
r11826@catbus: nickm | 2007-02-16 14:58:38 -0500
...
Resolve 56 DOCDOC comments.
svn:r9594
2007-02-16 20:01:02 +00:00
Nick Mathewson
759c58151e
r11775@catbus: nickm | 2007-02-12 16:39:09 -0500
...
Update copyright dates.
svn:r9570
2007-02-12 21:39:53 +00:00
Nick Mathewson
fefba95363
r11629@catbus: nickm | 2007-02-02 15:06:17 -0500
...
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were. Oops. Hey, kids! Fixing some of these could be your first Tor patch!
svn:r9477
2007-02-02 20:06:43 +00:00
Nick Mathewson
c54b7c4d56
r11761@Kushana: nickm | 2006-12-29 15:45:56 -0500
...
Another cleanup: expand_exit_policy_aliases was totally redundant with respect to router_parse_[private_]addr_policy_private.
svn:r9219
2006-12-29 20:50:24 +00:00
Nick Mathewson
2741dd5741
r11755@Kushana: nickm | 2006-12-29 11:49:20 -0500
...
Calculate the length of policy strings correctly again.
svn:r9215
2006-12-29 16:49:33 +00:00
Nick Mathewson
7cfdac1bf6
r11737@Kushana: nickm | 2006-12-28 18:32:13 -0500
...
Remove some dead code; refactor some duplicated code.
svn:r9206
2006-12-29 02:49:12 +00:00
Roger Dingledine
e66b6f0d50
Reject *:563 (NTTPS) in the default exit policy. We already reject
...
NNTP by default, so this seems like a sensible addition.
(suggested by bug 331)
svn:r9149
2006-12-18 08:25:34 +00:00
Nick Mathewson
cf04e1e6e7
r11479@Kushana: nickm | 2006-12-07 23:38:54 -0500
...
Refactor GETINFO into a table-driven dispatch, as suggested by arma. My brain hurts.
svn:r9052
2006-12-08 04:39:13 +00:00
Nick Mathewson
42bab1c6d3
r9318@Kushana: nickm | 2006-10-22 15:22:57 -0400
...
Let directory authorities set the BadExit flag if they like. Also, refactor directory authority code so we can believe multiple things about a single router, and do fewer linear searches.
svn:r8794
2006-10-23 03:48:42 +00:00
Roger Dingledine
96a4cb1dfa
touchups
...
svn:r8558
2006-10-01 04:55:12 +00:00
Nick Mathewson
6a1746f98f
r8877@Kushana: nickm | 2006-09-21 17:12:33 -0400
...
Consider non-exit servers unsuitable for RESOLVE commands.
svn:r8442
2006-09-21 21:48:42 +00:00
Nick Mathewson
d273d52979
r8876@Kushana: nickm | 2006-09-21 16:58:46 -0400
...
Trivial cleanup: !!x is a weird way to spell x != NULL.
svn:r8441
2006-09-21 21:48:37 +00:00
Roger Dingledine
88dadc917c
bugfix in exit_policy_is_general_exit() that weasel found.
...
this time for sure!
svn:r6617
2006-06-13 10:48:26 +00:00
Roger Dingledine
31b51849b5
export the default exit policy via the control port, so controllers
...
don't need to guess what it is / will be later.
svn:r6615
2006-06-13 09:16:09 +00:00
Roger Dingledine
19408cf8d7
reintroduce the logic to exit_policy_is_general_exit() to count
...
how many ports are allowd. require two ports open, not just one.
svn:r6609
2006-06-13 02:48:06 +00:00
Peter Palfrader
cce8ae1190
Make the Exit tag in status documents actually work in head too
...
svn:r6608
2006-06-12 22:03:25 +00:00
Nick Mathewson
5d466b7611
Fix a couple of things that make GCC complain with verbose warnings on. Also, fix some whitespace.
...
svn:r6317
2006-04-08 05:43:52 +00:00
Roger Dingledine
6f08d121d9
Refactor and consolidate addr/exit policies into a new policies.c.
...
Fix some minor bugs and memory leaks along the way.
svn:r6246
2006-03-27 02:25:34 +00:00