[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] obey exit policies for addresses too
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or
Modified Files:
or.h routers.c
Log Message:
obey exit policies for addresses too
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.158
retrieving revision 1.159
diff -u -d -r1.158 -r1.159
--- or.h 7 Oct 2003 16:30:05 -0000 1.158
+++ or.h 7 Oct 2003 22:18:14 -0000 1.159
@@ -421,6 +421,7 @@
char *RouterFile;
char *Nickname;
char *Address;
+ char *ExitPolicy;
double CoinWeight;
int Daemon;
int ORPort;
Index: routers.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routers.c,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -d -r1.72 -r1.73
--- routers.c 7 Oct 2003 22:15:47 -0000 1.72
+++ routers.c 7 Oct 2003 22:18:14 -0000 1.73
@@ -1038,6 +1038,7 @@
*/
int router_compare_to_exit_policy(connection_t *conn) {
struct exit_policy_t *tmpe;
+ struct in_addr in;
assert(desc_routerinfo);
@@ -1045,10 +1046,14 @@
assert(tmpe->address);
assert(tmpe->port);
- /* Totally ignore the address field of the exit policy, for now. */
-
- if(!strcmp(tmpe->port,"*") || atoi(tmpe->port) == conn->port) {
- log_fn(LOG_INFO,"Port '%s' matches '%d'. %s.",
+ if(inet_aton(tmpe->address,&in) == 0) { /* malformed IP. reject. */
+ log_fn(LOG_WARNING,"Malformed IP %s in exit policy. Rejecting.",tmpe->address);
+ return -1;
+ }
+ if(conn->addr == ntohl(in.s_addr) &&
+ (!strcmp(tmpe->port,"*") || atoi(tmpe->port) == conn->port)) {
+ log_fn(LOG_INFO,"Address '%s' matches '%s' and port '%s' matches '%d'. %s.",
+ tmpe->address, conn->address,
tmpe->port, conn->port,
tmpe->policy_type == EXIT_POLICY_ACCEPT ? "Accepting" : "Rejecting");
if(tmpe->policy_type == EXIT_POLICY_ACCEPT)
@@ -1057,7 +1062,6 @@
return -1;
}
}
-
return 0; /* accept all by default. */
}