[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Allow MapAddress and Automap to work together



commit 9d0fab9872807ef212fadb3feb299cf6309a185f
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Tue Apr 8 18:02:03 2014 -0400

    Allow MapAddress and Automap to work together
    
    The trick here is to apply mapaddress first, and only then apply
    automapping.  Otherwise, the automap checks don't get done.
    
    Fix for bug 7555; bugfix on all versions of Tor supporting both
    MapAddress and AutoMap.
---
 changes/bug7555           |    5 +++++
 src/or/addressmap.c       |   36 +++++++++++++++++++++++++++++-------
 src/or/addressmap.h       |    7 +++++--
 src/or/connection_edge.c  |   17 +++++++++++++++--
 src/test/test_config.c    |    3 +--
 src/test/test_entryconn.c |    8 +++-----
 6 files changed, 58 insertions(+), 18 deletions(-)

diff --git a/changes/bug7555 b/changes/bug7555
new file mode 100644
index 0000000..a43ff73
--- /dev/null
+++ b/changes/bug7555
@@ -0,0 +1,5 @@
+  o Major bugfixes (client):
+    - Allow MapAddress and AutomapHostsOnResolve to work together when an
+      address is mapped into another address type that must be
+      automapped at resolve time.  Fixes bug 7555; bugfix on
+      0.2.0.1-alpha.
diff --git a/src/or/addressmap.c b/src/or/addressmap.c
index 0f417e6..ea01894 100644
--- a/src/or/addressmap.c
+++ b/src/or/addressmap.c
@@ -390,13 +390,35 @@ addressmap_rewrite(char *address, size_t maxlen,
       goto done;
     }
 
-    if (ent && ent->source == ADDRMAPSRC_DNS) {
-      sa_family_t f;
-      tor_addr_t tmp;
-      f = tor_addr_parse(&tmp, ent->new_address);
-      if (f == AF_INET && !(flags & AMR_FLAG_USE_IPV4_DNS))
-        goto done;
-      else if (f == AF_INET6 && !(flags & AMR_FLAG_USE_IPV6_DNS))
+    switch (ent->source) {
+      case ADDRMAPSRC_DNS:
+        {
+          sa_family_t f;
+          tor_addr_t tmp;
+          f = tor_addr_parse(&tmp, ent->new_address);
+          if (f == AF_INET && !(flags & AMR_FLAG_USE_IPV4_DNS))
+            goto done;
+          else if (f == AF_INET6 && !(flags & AMR_FLAG_USE_IPV6_DNS))
+            goto done;
+        }
+        break;
+      case ADDRMAPSRC_CONTROLLER:
+      case ADDRMAPSRC_TORRC:
+        if (!(flags & AMR_FLAG_USE_MAPADDRESS))
+          goto done;
+        break;
+      case ADDRMAPSRC_AUTOMAP:
+        if (!(flags & AMR_FLAG_USE_AUTOMAP))
+          goto done;
+        break;
+      case ADDRMAPSRC_TRACKEXIT:
+        if (!(flags & AMR_FLAG_USE_TRACKEXIT))
+          goto done;
+        break;
+      case ADDRMAPSRC_NONE:
+      default:
+        log_warn(LD_BUG, "Unknown addrmap source value %d. Ignoring it.",
+                 (int) ent->source);
         goto done;
     }
 
diff --git a/src/or/addressmap.h b/src/or/addressmap.h
index bb737e4..ff108df 100644
--- a/src/or/addressmap.h
+++ b/src/or/addressmap.h
@@ -16,8 +16,11 @@ void addressmap_clean(time_t now);
 void addressmap_clear_configured(void);
 void addressmap_clear_transient(void);
 void addressmap_free_all(void);
-#define AMR_FLAG_USE_IPV4_DNS (1u<<0)
-#define AMR_FLAG_USE_IPV6_DNS (1u<<1)
+#define AMR_FLAG_USE_IPV4_DNS   (1u<<0)
+#define AMR_FLAG_USE_IPV6_DNS   (1u<<1)
+#define AMR_FLAG_USE_MAPADDRESS (1u<<2)
+#define AMR_FLAG_USE_AUTOMAP    (1u<<3)
+#define AMR_FLAG_USE_TRACKEXIT  (1u<<4)
 int addressmap_rewrite(char *address, size_t maxlen, unsigned flags,
                        time_t *expires_out,
                        addressmap_entry_source_t *exit_source_out);
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index ca99a86..7a77f5e 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -946,6 +946,15 @@ connection_ap_handshake_rewrite(entry_connection_t *conn,
   if (! conn->original_dest_address)
     conn->original_dest_address = tor_strdup(conn->socks_request->address);
 
+  if (socks->command != SOCKS_COMMAND_RESOLVE_PTR) {
+    const unsigned rewrite_flags = AMR_FLAG_USE_MAPADDRESS;
+    if (addressmap_rewrite(socks->address, sizeof(socks->address),
+                       rewrite_flags, &out->map_expires, &out->exit_source)) {
+      control_event_stream_status(conn, STREAM_EVENT_REMAP,
+                                  REMAP_STREAM_SOURCE_CACHE);
+    }
+  }
+
   if (socks->command == SOCKS_COMMAND_RESOLVE &&
       tor_addr_parse(&addr_tmp, socks->address)<0 &&
       options->AutomapHostsOnResolve) {
@@ -1014,16 +1023,20 @@ connection_ap_handshake_rewrite(entry_connection_t *conn,
     }
   } else if (!out->automap) {
     /* For address map controls, remap the address. */
-    unsigned rewrite_flags = 0;
+    unsigned rewrite_flags = AMR_FLAG_USE_AUTOMAP | AMR_FLAG_USE_TRACKEXIT;
+    addressmap_entry_source_t exit_source2;
     if (conn->use_cached_ipv4_answers)
       rewrite_flags |= AMR_FLAG_USE_IPV4_DNS;
     if (conn->use_cached_ipv6_answers)
       rewrite_flags |= AMR_FLAG_USE_IPV6_DNS;
     if (addressmap_rewrite(socks->address, sizeof(socks->address),
-                           rewrite_flags, &out->map_expires, &out->exit_source)) {
+                        rewrite_flags, &out->map_expires, &exit_source2)) {
       control_event_stream_status(conn, STREAM_EVENT_REMAP,
                                   REMAP_STREAM_SOURCE_CACHE);
     }
+    if (out->exit_source == ADDRMAPSRC_NONE) {
+      out->exit_source = exit_source2;
+    }
   }
 
   if (!out->automap && address_is_in_virtual_range(socks->address)) {
diff --git a/src/test/test_config.c b/src/test/test_config.c
index fb8e402..b1f5017 100644
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@ -51,8 +51,7 @@ test_config_addressmap(void *arg)
 
 /* Use old interface for now, so we don't need to rewrite the unit tests */
 #define addressmap_rewrite(a,s,eo,ao)                                   \
-  addressmap_rewrite((a),(s),AMR_FLAG_USE_IPV4_DNS|AMR_FLAG_USE_IPV6_DNS, \
-                     (eo),(ao))
+  addressmap_rewrite((a),(s), ~0, (eo),(ao))
 
   /* MapAddress .invalidwildcard.com .torserver.exit  - no match */
   strlcpy(address, "www.invalidwildcard.com", sizeof(address));
diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c
index fefd2ea..0d0f2b0 100644
--- a/src/test/test_entryconn.c
+++ b/src/test/test_entryconn.c
@@ -643,7 +643,6 @@ test_entryconn_rewrite_mapaddress_automap_onion(void *arg)
   connection_free_(ENTRY_TO_CONN(ec4));
 }
 
-#if 0
 /* This fails because of #7555 */
 /* This time is the same, but we start with a mapping from a non-onion
  * address. */
@@ -654,6 +653,7 @@ test_entryconn_rewrite_mapaddress_automap_onion2(void *arg)
   entry_connection_t *ec2 = NULL;
   entry_connection_t *ec3 = NULL;
   rewrite_result_t rr;
+  char *msg = NULL;
 
   ec2 = entry_connection_new(CONN_TYPE_AP, AF_INET);
   ec3 = entry_connection_new(CONN_TYPE_AP, AF_INET);
@@ -662,6 +662,7 @@ test_entryconn_rewrite_mapaddress_automap_onion2(void *arg)
   get_options_mutable()->AllowDotExit = 1;
   smartlist_add(get_options_mutable()->AutomapHostsSuffixes,
                 tor_strdup(".onion"));
+  parse_virtual_addr_network("192.168.0.0/16", AF_INET, 0, &msg);
   config_line_append(&get_options_mutable()->AddressMap,
                      "MapAddress", "irc.example.com abcdefghijklmnop.onion");
   config_register_addressmaps(get_options());
@@ -708,7 +709,6 @@ test_entryconn_rewrite_mapaddress_automap_onion2(void *arg)
   connection_free_(ENTRY_TO_CONN(ec2));
   connection_free_(ENTRY_TO_CONN(ec3));
 }
-#endif
 
 #define REWRITE(name)                           \
   { #name, test_entryconn_##name, TT_FORK, &test_rewrite_setup, NULL }
@@ -727,10 +727,8 @@ struct testcase_t entryconn_tests[] = {
   REWRITE(rewrite_automap_exit),
   REWRITE(rewrite_mapaddress_exit),
   REWRITE(rewrite_mapaddress_automap_onion),
-  /*
-    This fails because of #7555
   REWRITE(rewrite_mapaddress_automap_onion2),
-  */
+
   END_OF_TESTCASES
 };
 



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits