Line data    Source code

       1             : /* Copyright (c) 2018-2021, The Tor Project, Inc. */
       2             : /* See LICENSE for licensing information */
       3             : 
       4             : /**
       5             :  * \file address_set.c
       6             :  * \brief Implementation for a set of addresses.
       7             :  *
       8             :  * This module was first written on a semi-emergency basis to improve the
       9             :  * robustness of the anti-DoS module.  As such, it's written in a pretty
      10             :  * conservative way, and should be susceptible to improvement later on.
      11             :  **/
      12             : 
      13             : #include "orconfig.h"
      14             : #include "core/or/address_set.h"
      15             : #include "lib/net/address.h"
      16             : #include "lib/container/bloomfilt.h"
      17             : #include "lib/crypt_ops/crypto_rand.h"
      18             : 
      19             : /** Wrap our hash function to have the signature that the bloom filter
      20             :  * needs. */
      21             : static uint64_t
      22       13554 : bloomfilt_addr_hash(const struct sipkey *key,
      23             :                     const void *item)
      24             : {
      25       13554 :   return tor_addr_keyed_hash(key, item);
      26             : }
      27             : 
      28             : /**
      29             :  * Allocate and return an address_set, suitable for holding up to
      30             :  * <b>max_address_guess</b> distinct values.
      31             :  */
      32             : address_set_t *
      33          42 : address_set_new(int max_addresses_guess)
      34             : {
      35          42 :   uint8_t k[BLOOMFILT_KEY_LEN];
      36          42 :   crypto_rand((void*)k, sizeof(k));
      37          42 :   return bloomfilt_new(max_addresses_guess, bloomfilt_addr_hash, k);
      38             : }
      39             : 
      40             : /**
      41             :  * Add <b>addr</b> to <b>set</b>.
      42             :  *
      43             :  * All future queries for <b>addr</b> in set will return true. Removing
      44             :  * items is not possible.
      45             :  */
      46             : void
      47        6753 : address_set_add(address_set_t *set, const struct tor_addr_t *addr)
      48             : {
      49        6753 :   bloomfilt_add(set, addr);
      50        6753 : }
      51             : 
      52             : /** As address_set_add(), but take an ipv4 address in host order. */
      53             : void
      54           1 : address_set_add_ipv4h(address_set_t *set, uint32_t addr)
      55             : {
      56           1 :   tor_addr_t a;
      57           1 :   tor_addr_from_ipv4h(&a, addr);
      58           1 :   address_set_add(set, &a);
      59           1 : }
      60             : 
      61             : /**
      62             :  * Return true if <b>addr</b> is a member of <b>set</b>.  (And probably,
      63             :  * return false if <b>addr</b> is not a member of set.)
      64             :  */
      65             : int
      66          24 : address_set_probably_contains(const address_set_t *set,
      67             :                               const struct tor_addr_t *addr)
      68             : {
      69          24 :   return bloomfilt_probably_contains(set, addr);
      70             : }