|
Tor
0.4.7.0-alpha-dev
|
The addressmap module manages the processes by which we rewrite addresses in client requess. It handles the MapAddress controller and torrc commands, and the TrackHostExits feature, and the client-side DNS cache (deprecated). More...
#include "lib/crypt_ops/crypto_rand.h"#include "core/or/or.h"#include "feature/client/addressmap.h"#include "core/or/circuituse.h"#include "app/config/config.h"#include "core/or/connection_edge.h"#include "feature/control/control_events.h"#include "feature/nodelist/nodelist.h"#include "feature/nodelist/routerset.h"#include "core/or/entry_connection_st.h"Go to the source code of this file.
Data Structures | |
| struct | addressmap_entry_t |
| struct | virtaddress_entry_t |
Macros | |
| #define | ADDRESSMAP_PRIVATE |
| #define | addressmap_ent_free(ent) FREE_AND_NULL(addressmap_entry_t, addressmap_ent_free_, (ent)) |
| #define | addressmap_virtaddress_ent_free(ent) FREE_AND_NULL(virtaddress_entry_t, addressmap_virtaddress_ent_free_, (ent)) |
Functions | |
| void | addressmap_init (void) |
| static void | addressmap_ent_free_ (addressmap_entry_t *ent) |
| static void | addressmap_ent_free_void (void *ent) |
| static void | addressmap_virtaddress_ent_free_ (virtaddress_entry_t *ent) |
| static void | addressmap_virtaddress_ent_free_void (void *ent) |
| static void | addressmap_virtaddress_remove (const char *address, addressmap_entry_t *ent) |
| static void | addressmap_ent_remove (const char *address, addressmap_entry_t *ent) |
| void | clear_trackexithost_mappings (const char *exitname) |
| void | addressmap_clear_excluded_trackexithosts (const or_options_t *options) |
| int | addressmap_address_should_automap (const char *address, const or_options_t *options) |
| void | addressmap_clear_invalid_automaps (const or_options_t *options) |
| void | addressmap_clear_configured (void) |
| void | addressmap_clear_transient (void) |
| void | addressmap_clean (time_t now) |
| void | addressmap_free_all (void) |
| static addressmap_entry_t * | addressmap_match_superdomains (char *address) |
| int | addressmap_rewrite (char *address, size_t maxlen, unsigned flags, time_t *expires_out, addressmap_entry_source_t *exit_source_out) |
| int | addressmap_rewrite_reverse (char *address, size_t maxlen, unsigned flags, time_t *expires_out) |
| int | addressmap_have_mapping (const char *address, int update_expiry) |
| void | addressmap_register (const char *address, char *new_address, time_t expires, addressmap_entry_source_t source, const int wildcard_addr, const int wildcard_new_addr, uint64_t stream_id) |
| int | client_dns_incr_failures (const char *address) |
| void | client_dns_clear_failures (const char *address) |
| static void | client_dns_set_addressmap_impl (entry_connection_t *for_conn, const char *address, const char *name, const char *exitname, int ttl) |
| void | client_dns_set_addressmap (entry_connection_t *for_conn, const char *address, const tor_addr_t *val, const char *exitname, int ttl) |
| void | client_dns_set_reverse_addressmap (entry_connection_t *for_conn, const char *address, const char *v, const char *exitname, int ttl) |
| int | parse_virtual_addr_network (const char *val, sa_family_t family, int validate_only, char **msg) |
| int | address_is_in_virtual_range (const char *address) |
| STATIC void | get_random_virtual_addr (const virtual_addr_conf_t *conf, tor_addr_t *addr_out) |
| static char * | addressmap_get_virtual_address (int type) |
| const char * | addressmap_register_virtual_address (int type, char *new_address) |
| int | address_is_invalid_destination (const char *address, int client) |
| void | addressmap_get_mappings (smartlist_t *sl, time_t min_expires, time_t max_expires, int want_expiry) |
Variables | |
| static strmap_t * | addressmap =NULL |
| static strmap_t * | virtaddress_reversemap =NULL |
| static virtual_addr_conf_t | virtaddr_conf_ipv4 |
| static virtual_addr_conf_t | virtaddr_conf_ipv6 |
The addressmap module manages the processes by which we rewrite addresses in client requess. It handles the MapAddress controller and torrc commands, and the TrackHostExits feature, and the client-side DNS cache (deprecated).
Definition in file addressmap.c.
| int address_is_in_virtual_range | ( | const char * | address | ) |
Return true iff addr is likely to have been returned by client_dns_get_unused_address.
Definition at line 860 of file addressmap.c.
Referenced by addressmap_virtaddress_remove().
| int address_is_invalid_destination | ( | const char * | address, |
| int | client | ||
| ) |
Return 1 if address has funny characters in it like colons. Return 0 if it's fine, or if we're configured to allow it anyway. client should be true if we're using this address as a client; false if we're using it as a server.
Definition at line 1082 of file addressmap.c.
Referenced by address_is_invalid_mapaddress_target(), and addressmap_register_auto().
| int addressmap_address_should_automap | ( | const char * | address, |
| const or_options_t * | options | ||
| ) |
Return true iff address is one that we are configured to automap on resolve according to options.
Definition at line 249 of file addressmap.c.
| void addressmap_clean | ( | time_t | now | ) |
Clean out entries from the addressmap cache that were added long enough ago that they are no longer valid.
Definition at line 320 of file addressmap.c.
Referenced by circuit_expire_old_circs_as_needed().
| void addressmap_clear_configured | ( | void | ) |
Remove all entries from the addressmap that were set via the configuration file or the command line.
Definition at line 304 of file addressmap.c.
Referenced by config_register_addressmaps().
| void addressmap_clear_excluded_trackexithosts | ( | const or_options_t * | options | ) |
Remove all TRACKEXIT mappings from the addressmap for which the target host is unknown or no longer allowed, or for which the source address is no longer in trackexithosts.
Definition at line 197 of file addressmap.c.
| void addressmap_clear_invalid_automaps | ( | const or_options_t * | options | ) |
Remove all AUTOMAP mappings from the addressmap for which the source address no longer matches AutomapHostsSuffixes, which is no longer allowed by AutomapHostsOnResolve, or for which the target address is no longer in the virtual network.
Definition at line 271 of file addressmap.c.
| void addressmap_clear_transient | ( | void | ) |
Remove all entries from the addressmap that are set to expire, ever.
Definition at line 311 of file addressmap.c.
|
static |
Free the memory associated with the addressmap entry _ent.
Definition at line 101 of file addressmap.c.
|
static |
Remove ent (which must be mapped to by address) from the client address maps, and then free it.
Definition at line 165 of file addressmap.c.
Referenced by addressmap_get_mappings(), and addressmap_register().
| void addressmap_free_all | ( | void | ) |
Free all the elements in the addressmap, and free the addressmap itself.
Definition at line 328 of file addressmap.c.
| void addressmap_get_mappings | ( | smartlist_t * | sl, |
| time_t | min_expires, | ||
| time_t | max_expires, | ||
| int | want_expiry | ||
| ) |
Iterate over all address mappings which have expiry times between min_expires and max_expires, inclusive. If sl is provided, add an "old-addr new-addr expiry" string to sl for each mapping, omitting the expiry time if want_expiry is false. If sl is NULL, remove the mappings.
Definition at line 1119 of file addressmap.c.
Referenced by addressmap_clean(), addressmap_clear_configured(), and addressmap_clear_transient().
|
static |
Return a newly allocated string holding an address of type (one of RESOLVED_TYPE_{IPV4|IPV6|HOSTNAME}) that has not yet been mapped, and that is very unlikely to be the address of any real host.
May return NULL if we have run out of virtual addresses.
Definition at line 925 of file addressmap.c.
| int addressmap_have_mapping | ( | const char * | address, |
| int | update_expiry | ||
| ) |
Return 1 if address is already registered, else return 0. If address is already registered, and update_expires is non-zero, then update the expiry time on the mapping with update_expires if it is a mapping created by TrackHostExits.
Definition at line 544 of file addressmap.c.
Referenced by process_socks4_request().
| void addressmap_init | ( | void | ) |
Initialize addressmap.
Definition at line 90 of file addressmap.c.
Referenced by addressmap_get_mappings(), and tor_init().
|
static |
Try to find a match for AddressMap expressions that use wildcard notation such as '*.c.d *.e.f' (so 'a.c.d' will map to 'a.e.f') or '*.c.d a.b.c' (so 'a.c.d' will map to a.b.c). Return the matching entry in AddressMap or NULL if no match is found. For expressions such as '*.c.d *.e.f', truncate address 'a.c.d' to 'a' before we return the matching AddressMap entry.
This function does not handle the case where a pattern of the form "*.c.d" matches the address c.d – that's done by the main addressmap_rewrite function.
Definition at line 349 of file addressmap.c.
| void addressmap_register | ( | const char * | address, |
| char * | new_address, | ||
| time_t | expires, | ||
| addressmap_entry_source_t | source, | ||
| const int | wildcard_addr, | ||
| const int | wildcard_new_addr, | ||
| uint64_t | stream_id | ||
| ) |
Register a request to map address to new_address, which will expire on expires (or 0 if never expires from config file, 1 if never expires from controller, 2 if never expires (virtual address mapping) from the controller.)
new_address should be a newly dup'ed string, which we'll use or free as appropriate. We will leave address alone.
If wildcard_addr is true, then the mapping will match any address equal to address, or any address ending with a period followed by address. If wildcard_addr and wildcard_new_addr are both true, the mapping will rewrite addresses that end with ".<b>address</b>" into ones that end with ".<b>new_address</b>".
If new_address is NULL, or new_address is equal to address and wildcard_addr is equal to wildcard_new_addr, remove any mappings that exist from address.
It is an error to set wildcard_new_addr if wildcard_addr is not set.
Definition at line 576 of file addressmap.c.
Referenced by addressmap_register_auto(), and client_dns_set_addressmap_impl().
| const char* addressmap_register_virtual_address | ( | int | type, |
| char * | new_address | ||
| ) |
A controller has requested that we map some address of type type to the address new_address. Choose an address that is unlikely to be used, and map it, and return it in a newly allocated string. If another address of the same type is already mapped to new_address, try to return a copy of that address.
The string in new_address may be freed or inserted into a map as appropriate. May return NULL if are out of virtual addresses.
Definition at line 1000 of file addressmap.c.
| int addressmap_rewrite | ( | char * | address, |
| size_t | maxlen, | ||
| unsigned | flags, | ||
| time_t * | expires_out, | ||
| addressmap_entry_source_t * | exit_source_out | ||
| ) |
Look at address, and rewrite it until it doesn't want any more rewrites; but don't get into an infinite loop. Don't write more than maxlen chars into address. Return true if the address changed; false otherwise. Set *expires_out to the expiry time of the result, or to time_max if the result does not expire.
If exit_source_out is non-null, we set it as follows. If we the address starts out as a non-exit address, and we remap it to an .exit address at any point, then set *exit_source_out to the address_entry_source_t of the first such rule. Set *exit_source_out to ADDRMAPSRC_NONE if there is no such rewrite, or if the original address was a .exit.
Definition at line 383 of file addressmap.c.
| int addressmap_rewrite_reverse | ( | char * | address, |
| size_t | maxlen, | ||
| unsigned | flags, | ||
| time_t * | expires_out | ||
| ) |
If we have a cached reverse DNS entry for the address stored in the maxlen-byte buffer address (typically, a dotted quad) then rewrite to the cached value and return 1. Otherwise return 0. Set *expires_out to the expiry time of the result, or to time_max if the result does not expire.
Definition at line 503 of file addressmap.c.
|
static |
Free storage held by a virtaddress_entry_t* entry in _ent.
Definition at line 121 of file addressmap.c.
|
static |
Remove address (which must map to ent) from the virtual address map.
Definition at line 140 of file addressmap.c.
Referenced by addressmap_ent_remove().
| void clear_trackexithost_mappings | ( | const char * | exitname | ) |
Unregister all TrackHostExits mappings from any address to *.exitname.exit.
Definition at line 174 of file addressmap.c.
| void client_dns_clear_failures | ( | const char * | address | ) |
If address is in the client DNS addressmap, reset the number of resolve failures we have on record for it. This is used when we fail a stream because it won't resolve: otherwise future attempts on that address will only try once.
Definition at line 660 of file addressmap.c.
| int client_dns_incr_failures | ( | const char * | address | ) |
An attempt to resolve address failed at some OR. Increment the number of resolve failures we have on record for it, and then return that number.
Definition at line 638 of file addressmap.c.
| void client_dns_set_addressmap | ( | entry_connection_t * | for_conn, |
| const char * | address, | ||
| const tor_addr_t * | val, | ||
| const char * | exitname, | ||
| int | ttl | ||
| ) |
Record the fact that address resolved to val. We can now use this in subsequent streams via addressmap_rewrite() so we can more correctly choose an exit that will allow address.
If exitname is defined, then append the addresses with ".exitname.exit" before registering the mapping.
If ttl is nonnegative, the mapping will be valid for ttlseconds; otherwise, we use the default.
Definition at line 728 of file addressmap.c.
|
static |
Record the fact that address resolved to name. We can now use this in subsequent streams via addressmap_rewrite() so we can more correctly choose an exit that will allow address.
If exitname is defined, then append the addresses with ".exitname.exit" before registering the mapping.
If ttl is nonnegative, the mapping will be valid for ttlseconds; otherwise, we use the default.
Definition at line 678 of file addressmap.c.
Referenced by client_dns_set_addressmap().
| void client_dns_set_reverse_addressmap | ( | entry_connection_t * | for_conn, |
| const char * | address, | ||
| const char * | v, | ||
| const char * | exitname, | ||
| int | ttl | ||
| ) |
Add a cache entry noting that address (ordinarily a dotted quad) resolved via a RESOLVE_PTR request to the hostname v.
If exitname is defined, then append the addresses with ".exitname.exit" before registering the mapping.
If ttl is nonnegative, the mapping will be valid for ttlseconds; otherwise, we use the default.
Definition at line 767 of file addressmap.c.
| STATIC void get_random_virtual_addr | ( | const virtual_addr_conf_t * | conf, |
| tor_addr_t * | addr_out | ||
| ) |
Return a random address conforming to the virtual address configuration in conf.
Definition at line 879 of file addressmap.c.
| int parse_virtual_addr_network | ( | const char * | val, |
| sa_family_t | family, | ||
| int | validate_only, | ||
| char ** | msg | ||
| ) |
Read a netmask of the form 127.192.0.0/10 from "val", and check whether it's a valid set of virtual addresses to hand out in response to MAPADDRESS requests. Return 0 on success; set *msg (if provided) to a newly allocated string and return -1 on failure. If validate_only is false, sets the actual virtual address range to the parsed value.
Definition at line 802 of file addressmap.c.
|
static |
A hash table to store client-side address rewrite instructions.
Definition at line 74 of file addressmap.c.
Referenced by addressmap_clear_excluded_trackexithosts(), addressmap_clear_invalid_automaps(), addressmap_get_mappings(), addressmap_have_mapping(), addressmap_init(), addressmap_match_superdomains(), addressmap_register(), clear_trackexithost_mappings(), client_dns_clear_failures(), and client_dns_incr_failures().
|
static |
Table mapping addresses to which virtual address, if any, we assigned them to.
We maintain the following invariant: if [A,B] is in virtaddress_reversemap, then B must be a virtual address, and [A,B] must be in addressmap. We do not require that the converse hold: if it fails, then we could end up mapping two virtual addresses to the same address, which is no disaster.
Definition at line 86 of file addressmap.c.
Referenced by addressmap_init(), and addressmap_virtaddress_remove().
1.9.1