Tor  0.4.5.0-alpha-dev
policies.c
Go to the documentation of this file.
1 /* Copyright (c) 2001-2004, Roger Dingledine.
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2020, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
6 /**
7  * \file policies.c
8  * \brief Code to parse and use address policies and exit policies.
9  *
10  * We have two key kinds of address policy: full and compressed. A full
11  * policy is an array of accept/reject patterns, to be applied in order.
12  * A short policy is simply a list of ports. This module handles both
13  * kinds, including generic functions to apply them to addresses, and
14  * also including code to manage the global policies that we apply to
15  * incoming and outgoing connections.
16  **/
17 
18 #define POLICIES_PRIVATE
19 
20 #include "core/or/or.h"
21 #include "feature/client/bridges.h"
22 #include "app/config/config.h"
23 #include "core/or/policies.h"
28 #include "feature/relay/router.h"
30 #include "lib/geoip/geoip.h"
31 #include "ht.h"
33 #include "lib/encoding/confline.h"
34 #include "trunnel/ed25519_cert.h"
35 
36 #include "core/or/addr_policy_st.h"
40 #include "core/or/port_cfg_st.h"
43 
44 /** Maximum length of an exit policy summary. */
45 #define MAX_EXITPOLICY_SUMMARY_LEN 1000
46 
47 /** Policy that addresses for incoming SOCKS connections must match. */
48 static smartlist_t *socks_policy = NULL;
49 /** Policy that addresses for incoming directory connections must match. */
50 static smartlist_t *dir_policy = NULL;
51 /** Policy that addresses for incoming router descriptors must match in order
52  * to be published by us. */
54 /** Policy that addresses for incoming router descriptors must match in order
55  * to be marked as valid in our networkstatus. */
57 /** Policy that addresses for incoming router descriptors must <b>not</b>
58  * match in order to not be marked as BadExit. */
60 
61 /** Parsed addr_policy_t describing which addresses we believe we can start
62  * circuits at. */
64 /** Parsed addr_policy_t describing which addresses we believe we can connect
65  * to directories at. */
67 
68 /** Element of an exit policy summary */
69 typedef struct policy_summary_item_t {
70  uint16_t prt_min; /**< Lowest port number to accept/reject. */
71  uint16_t prt_max; /**< Highest port number to accept/reject. */
72  uint64_t reject_count; /**< Number of IP-Addresses that are rejected to
73  this port range. */
74  unsigned int accepted:1; /** Has this port already been accepted */
76 
77 /** Private networks. This list is used in two places, once to expand the
78  * "private" keyword when parsing our own exit policy, secondly to ignore
79  * just such networks when building exit policy summaries. It is important
80  * that all authorities agree on that list when creating summaries, so don't
81  * just change this without a proper migration plan and a proposal and stuff.
82  */
83 static const char *private_nets[] = {
84  "0.0.0.0/8", "169.254.0.0/16",
85  "127.0.0.0/8", "192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12",
86  "[::]/8",
87  "[fc00::]/7", "[fe80::]/10", "[fec0::]/10", "[ff00::]/8", "[::]/127",
88  NULL
89 };
90 
92  config_line_t *cfg,
93  smartlist_t **dest,
94  int ipv6_exit,
95  int rejectprivate,
96  const smartlist_t *configured_addresses,
97  int reject_interface_addresses,
98  int reject_configured_port_addresses,
99  int add_default_policy,
100  int add_reduced_policy);
101 
102 /** Replace all "private" entries in *<b>policy</b> with their expanded
103  * equivalents. */
104 void
106 {
107  uint16_t port_min, port_max;
108 
109  int i;
110  smartlist_t *tmp;
111 
112  if (!*policy) /*XXXX disallow NULL policies? */
113  return;
114 
115  tmp = smartlist_new();
116 
117  SMARTLIST_FOREACH_BEGIN(*policy, addr_policy_t *, p) {
118  if (! p->is_private) {
119  smartlist_add(tmp, p);
120  continue;
121  }
122  for (i = 0; private_nets[i]; ++i) {
123  addr_policy_t newpolicy;
124  memcpy(&newpolicy, p, sizeof(addr_policy_t));
125  newpolicy.is_private = 0;
126  newpolicy.is_canonical = 0;
128  &newpolicy.addr,
129  &newpolicy.maskbits, &port_min, &port_max)<0) {
130  tor_assert_unreached();
131  }
133  }
134  addr_policy_free(p);
135  } SMARTLIST_FOREACH_END(p);
136 
137  smartlist_free(*policy);
138  *policy = tmp;
139 }
140 
141 /** Expand each of the AF_UNSPEC elements in *<b>policy</b> (which indicate
142  * protocol-neutral wildcards) into a pair of wildcard elements: one IPv4-
143  * specific and one IPv6-specific. */
144 void
146 {
147  smartlist_t *tmp;
148  if (!*policy)
149  return;
150 
151  tmp = smartlist_new();
152  SMARTLIST_FOREACH_BEGIN(*policy, addr_policy_t *, p) {
153  sa_family_t family = tor_addr_family(&p->addr);
154  if (family == AF_INET6 || family == AF_INET || p->is_private) {
155  smartlist_add(tmp, p);
156  } else if (family == AF_UNSPEC) {
157  addr_policy_t newpolicy_ipv4;
158  addr_policy_t newpolicy_ipv6;
159  memcpy(&newpolicy_ipv4, p, sizeof(addr_policy_t));
160  memcpy(&newpolicy_ipv6, p, sizeof(addr_policy_t));
161  newpolicy_ipv4.is_canonical = 0;
162  newpolicy_ipv6.is_canonical = 0;
163  if (p->maskbits != 0) {
164  log_warn(LD_BUG, "AF_UNSPEC policy with maskbits==%d", p->maskbits);
165  newpolicy_ipv4.maskbits = 0;
166  newpolicy_ipv6.maskbits = 0;
167  }
168  tor_addr_from_ipv4h(&newpolicy_ipv4.addr, 0);
169  tor_addr_from_ipv6_bytes(&newpolicy_ipv6.addr,
170  (const uint8_t *)"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
171  smartlist_add(tmp, addr_policy_get_canonical_entry(&newpolicy_ipv4));
172  smartlist_add(tmp, addr_policy_get_canonical_entry(&newpolicy_ipv6));
173  addr_policy_free(p);
174  } else {
175  log_warn(LD_BUG, "Funny-looking address policy with family %d", family);
176  smartlist_add(tmp, p);
177  }
178  } SMARTLIST_FOREACH_END(p);
179 
180  smartlist_free(*policy);
181  *policy = tmp;
182 }
183 
184 /**
185  * Given a linked list of config lines containing "accept[6]" and "reject[6]"
186  * tokens, parse them and append the result to <b>dest</b>. Return -1
187  * if any tokens are malformed (and don't append any), else return 0.
188  *
189  * If <b>assume_action</b> is nonnegative, then insert its action
190  * (ADDR_POLICY_ACCEPT or ADDR_POLICY_REJECT) for items that specify no
191  * action.
192  */
193 static int
195  int assume_action)
196 {
197  smartlist_t *result;
198  smartlist_t *entries;
199  addr_policy_t *item;
200  int malformed_list;
201  int r = 0;
202 
203  if (!cfg)
204  return 0;
205 
206  result = smartlist_new();
207  entries = smartlist_new();
208  for (; cfg; cfg = cfg->next) {
209  smartlist_split_string(entries, cfg->value, ",",
210  SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
211  SMARTLIST_FOREACH_BEGIN(entries, const char *, ent) {
212  log_debug(LD_CONFIG,"Adding new entry '%s'",ent);
213  malformed_list = 0;
214  item = router_parse_addr_policy_item_from_string(ent, assume_action,
215  &malformed_list);
216  if (item) {
217  smartlist_add(result, item);
218  } else if (malformed_list) {
219  /* the error is so severe the entire list should be discarded */
220  log_warn(LD_CONFIG, "Malformed policy '%s'. Discarding entire policy "
221  "list.", ent);
222  r = -1;
223  } else {
224  /* the error is minor: don't add the item, but keep processing the
225  * rest of the policies in the list */
226  log_debug(LD_CONFIG, "Ignored policy '%s' due to non-fatal error. "
227  "The remainder of the policy list will be used.",
228  ent);
229  }
230  } SMARTLIST_FOREACH_END(ent);
231  SMARTLIST_FOREACH(entries, char *, ent, tor_free(ent));
232  smartlist_clear(entries);
233  }
234  smartlist_free(entries);
235  if (r == -1) {
236  addr_policy_list_free(result);
237  } else {
238  policy_expand_private(&result);
239  policy_expand_unspec(&result);
240 
241  if (*dest) {
242  smartlist_add_all(*dest, result);
243  smartlist_free(result);
244  } else {
245  *dest = result;
246  }
247  }
248 
249  return r;
250 }
251 
252 /** Helper: parse the Reachable(Dir|OR)?Addresses fields into
253  * reachable_(or|dir)_addr_policy. The options should already have
254  * been validated by validate_addr_policies.
255  */
256 static int
258 {
259  const or_options_t *options = get_options();
260  int ret = 0;
261 
262  if (options->ReachableDirAddresses &&
263  options->ReachableORAddresses &&
264  options->ReachableAddresses) {
265  log_warn(LD_CONFIG,
266  "Both ReachableDirAddresses and ReachableORAddresses are set. "
267  "ReachableAddresses setting will be ignored.");
268  }
269  addr_policy_list_free(reachable_or_addr_policy);
271  if (!options->ReachableORAddresses && options->ReachableAddresses)
272  log_info(LD_CONFIG,
273  "Using ReachableAddresses as ReachableORAddresses.");
275  options->ReachableORAddresses :
276  options->ReachableAddresses,
277  &reachable_or_addr_policy, ADDR_POLICY_ACCEPT)) {
278  log_warn(LD_CONFIG,
279  "Error parsing Reachable%sAddresses entry; ignoring.",
280  options->ReachableORAddresses ? "OR" : "");
281  ret = -1;
282  }
283 
284  addr_policy_list_free(reachable_dir_addr_policy);
286  if (!options->ReachableDirAddresses && options->ReachableAddresses)
287  log_info(LD_CONFIG,
288  "Using ReachableAddresses as ReachableDirAddresses");
290  options->ReachableDirAddresses :
291  options->ReachableAddresses,
292  &reachable_dir_addr_policy, ADDR_POLICY_ACCEPT)) {
293  if (options->ReachableDirAddresses)
294  log_warn(LD_CONFIG,
295  "Error parsing ReachableDirAddresses entry; ignoring.");
296  ret = -1;
297  }
298 
299  /* We ignore ReachableAddresses for relays */
300  if (!server_mode(options)) {
303  log_warn(LD_CONFIG, "Tor cannot connect to the Internet if "
304  "ReachableAddresses, ReachableORAddresses, or "
305  "ReachableDirAddresses reject all addresses. Please accept "
306  "some addresses in these options.");
307  } else if (options->ClientUseIPv4 == 1
310  log_warn(LD_CONFIG, "You have set ClientUseIPv4 1, but "
311  "ReachableAddresses, ReachableORAddresses, or "
312  "ReachableDirAddresses reject all IPv4 addresses. "
313  "Tor will not connect using IPv4.");
314  } else if (reachable_addr_use_ipv6(options)
317  log_warn(LD_CONFIG, "You have configured tor to use or prefer IPv6 "
318  "(or UseBridges 1), but "
319  "ReachableAddresses, ReachableORAddresses, or "
320  "ReachableDirAddresses reject all IPv6 addresses. "
321  "Tor will not connect using IPv6.");
322  }
323  }
324 
325  /* Append a reject *:* to reachable_(or|dir)_addr_policy */
326  if (!ret && (options->ReachableDirAddresses ||
327  options->ReachableORAddresses ||
328  options->ReachableAddresses)) {
331  }
332 
333  return ret;
334 }
335 
336 /* Return true iff ClientUseIPv4 0 or ClientUseIPv6 0 might block any OR or Dir
337  * address:port combination. */
338 static int
339 firewall_is_fascist_impl(void)
340 {
341  const or_options_t *options = get_options();
342  /* Assume every non-bridge relay has an IPv4 address.
343  * Clients which use bridges may only know the IPv6 address of their
344  * bridge, but they will connect regardless of the ClientUseIPv6 setting. */
345  return options->ClientUseIPv4 == 0;
346 }
347 
348 /** Return true iff the firewall options, including ClientUseIPv4 0 and
349  * ClientUseIPv6 0, might block any OR address:port combination.
350  * Address preferences may still change which address is selected even if
351  * this function returns false.
352  */
353 int
355 {
356  return (reachable_or_addr_policy != NULL || firewall_is_fascist_impl());
357 }
358 
359 /** Return true iff the firewall options, including ClientUseIPv4 0 and
360  * ClientUseIPv6 0, might block any Dir address:port combination.
361  * Address preferences may still change which address is selected even if
362  * this function returns false.
363  */
364 int
366 {
367  return (reachable_dir_addr_policy != NULL || firewall_is_fascist_impl());
368 }
369 
370 /** Return true iff <b>policy</b> (possibly NULL) will allow a
371  * connection to <b>addr</b>:<b>port</b>.
372  */
373 static int
374 addr_policy_permits_tor_addr(const tor_addr_t *addr, uint16_t port,
375  smartlist_t *policy)
376 {
378  p = compare_tor_addr_to_addr_policy(addr, port, policy);
379  switch (p) {
382  return 1;
385  return 0;
386  default:
387  log_warn(LD_BUG, "Unexpected result: %d", (int)p);
388  return 0;
389  }
390 }
391 
392 /** Return true iff we think our firewall will let us make a connection to
393  * addr:port.
394  *
395  * If we are configured as a server, ignore any address family preference and
396  * just use IPv4.
397  * Otherwise:
398  * - return false for all IPv4 addresses:
399  * - if ClientUseIPv4 is 0, or
400  * if pref_only and pref_ipv6 are both true;
401  * - return false for all IPv6 addresses:
402  * - if reachable_addr_use_ipv6() is 0, or
403  * - if pref_only is true and pref_ipv6 is false.
404  *
405  * Return false if addr is NULL or tor_addr_is_null(), or if port is 0. */
406 STATIC int
408  uint16_t port,
409  smartlist_t *firewall_policy,
410  int pref_only, int pref_ipv6)
411 {
412  const or_options_t *options = get_options();
413  const int client_mode = !server_mode(options);
414 
415  if (!addr || tor_addr_is_null(addr) || !port) {
416  return 0;
417  }
418 
419  /* Clients stop using IPv4 if it's disabled. In most cases, clients also
420  * stop using IPv4 if it's not preferred.
421  * Servers must have IPv4 enabled and preferred. */
422  if (tor_addr_family(addr) == AF_INET && client_mode &&
423  (!options->ClientUseIPv4 || (pref_only && pref_ipv6))) {
424  return 0;
425  }
426 
427  /* Clients and Servers won't use IPv6 unless it's enabled (and in most
428  * cases, IPv6 must also be preferred before it will be used). */
429  if (tor_addr_family(addr) == AF_INET6 &&
430  (!reachable_addr_use_ipv6(options) || (pref_only && !pref_ipv6))) {
431  return 0;
432  }
433 
434  return addr_policy_permits_tor_addr(addr, port,
435  firewall_policy);
436 }
437 
438 /** Is this client configured to use IPv6?
439  * Returns true if the client might use IPv6 for some of its connections
440  * (including dual-stack and IPv6-only clients), and false if it will never
441  * use IPv6 for any connections.
442  * Use node_ipv6_or/dir_preferred() when checking a specific node and OR/Dir
443  * port: it supports bridge client per-node IPv6 preferences.
444  */
445 int
447 {
448  /* Clients use IPv6 if it's set, or they use bridges, or they don't use
449  * IPv4, or they prefer it.
450  * ClientPreferIPv6DirPort is deprecated, but check it anyway. */
451  return (options->ClientUseIPv6 == 1 || options->ClientUseIPv4 == 0 ||
452  options->ClientPreferIPv6ORPort == 1 ||
453  options->ClientPreferIPv6DirPort == 1 || options->UseBridges == 1);
454 }
455 
456 /** Do we prefer to connect to IPv6, ignoring ClientPreferIPv6ORPort and
457  * ClientPreferIPv6DirPort?
458  * If we're unsure, return -1, otherwise, return 1 for IPv6 and 0 for IPv4.
459  */
460 static int
462 {
463  /*
464  Cheap implementation of config options ClientUseIPv4 & ClientUseIPv6 --
465  If we're a server or IPv6 is disabled, use IPv4.
466  If IPv4 is disabled, use IPv6.
467  */
468 
469  if (server_mode(options) || !reachable_addr_use_ipv6(options)) {
470  return 0;
471  }
472 
473  if (!options->ClientUseIPv4) {
474  return 1;
475  }
476 
477  return -1;
478 }
479 
480 /** Do we prefer to connect to IPv6 ORPorts?
481  * Use node_ipv6_or_preferred() whenever possible: it supports bridge client
482  * per-node IPv6 preferences.
483  */
484 int
486 {
487  int pref_ipv6 = reachable_addr_prefer_ipv6_impl(options);
488 
489  if (pref_ipv6 >= 0) {
490  return pref_ipv6;
491  }
492 
493  /* We can use both IPv4 and IPv6 - which do we prefer? */
494  if (options->ClientPreferIPv6ORPort == 1) {
495  return 1;
496  }
497 
498  return 0;
499 }
500 
501 /** Do we prefer to connect to IPv6 DirPorts?
502  *
503  * (node_ipv6_dir_preferred() doesn't support bridge client per-node IPv6
504  * preferences. There's no reason to use it instead of this function.)
505  */
506 int
508 {
509  int pref_ipv6 = reachable_addr_prefer_ipv6_impl(options);
510 
511  if (pref_ipv6 >= 0) {
512  return pref_ipv6;
513  }
514 
515  /* We can use both IPv4 and IPv6 - which do we prefer? */
516  if (options->ClientPreferIPv6DirPort == 1) {
517  return 1;
518  }
519 
520  return 0;
521 }
522 
523 /** Return true iff we think our firewall will let us make a connection to
524  * addr:port. Uses ReachableORAddresses or ReachableDirAddresses based on
525  * fw_connection.
526  * If pref_only is true, return true if addr is in the client's preferred
527  * address family, which is IPv6 if pref_ipv6 is true, and IPv4 otherwise.
528  * If pref_only is false, ignore pref_ipv6, and return true if addr is allowed.
529  */
530 int
531 reachable_addr_allows_addr(const tor_addr_t *addr, uint16_t port,
532  firewall_connection_t fw_connection,
533  int pref_only, int pref_ipv6)
534 {
535  if (fw_connection == FIREWALL_OR_CONNECTION) {
536  return reachable_addr_allows(addr, port,
538  pref_only, pref_ipv6);
539  } else if (fw_connection == FIREWALL_DIR_CONNECTION) {
540  return reachable_addr_allows(addr, port,
542  pref_only, pref_ipv6);
543  } else {
544  log_warn(LD_BUG, "Bad firewall_connection_t value %d.",
545  fw_connection);
546  return 0;
547  }
548 }
549 
550 /** Return true iff we think our firewall will let us make a connection to
551  * addr:port (ap). Uses ReachableORAddresses or ReachableDirAddresses based on
552  * fw_connection.
553  * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
554  */
555 static int
557  firewall_connection_t fw_connection,
558  int pref_only, int pref_ipv6)
559 {
560  tor_assert(ap);
561  return reachable_addr_allows_addr(&ap->addr, ap->port,
562  fw_connection, pref_only,
563  pref_ipv6);
564 }
565 
566 /** Return true iff we think our firewall will let us make a connection to
567  * ipv4h_addr/ipv6_addr. Uses ipv4_orport/ipv6_orport/ReachableORAddresses or
568  * ipv4_dirport/ipv6_dirport/ReachableDirAddresses based on IPv4/IPv6 and
569  * <b>fw_connection</b>.
570  * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
571  */
572 static int
573 reachable_addr_allows_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport,
574  uint16_t ipv4_dirport,
575  const tor_addr_t *ipv6_addr, uint16_t ipv6_orport,
576  uint16_t ipv6_dirport,
577  firewall_connection_t fw_connection,
578  int pref_only, int pref_ipv6)
579 {
580  if (reachable_addr_allows_addr(ipv4_addr,
581  (fw_connection == FIREWALL_OR_CONNECTION
582  ? ipv4_orport
583  : ipv4_dirport),
584  fw_connection,
585  pref_only, pref_ipv6)) {
586  return 1;
587  }
588 
589  if (reachable_addr_allows_addr(ipv6_addr,
590  (fw_connection == FIREWALL_OR_CONNECTION
591  ? ipv6_orport
592  : ipv6_dirport),
593  fw_connection,
594  pref_only, pref_ipv6)) {
595  return 1;
596  }
597 
598  return 0;
599 }
600 
601 /** Like reachable_addr_allows_base(), but takes ri. */
602 static int
604  firewall_connection_t fw_connection,
605  int pref_only, int pref_ipv6)
606 {
607  if (!ri) {
608  return 0;
609  }
610 
611  /* Assume IPv4 and IPv6 DirPorts are the same */
612  return reachable_addr_allows_base(&ri->ipv4_addr, ri->ipv4_orport,
613  ri->ipv4_dirport, &ri->ipv6_addr,
614  ri->ipv6_orport, ri->ipv4_dirport,
615  fw_connection, pref_only, pref_ipv6);
616 }
617 
618 /** Like reachable_addr_allows_rs, but takes pref_ipv6. */
619 static int
621  firewall_connection_t fw_connection,
622  int pref_only, int pref_ipv6)
623 {
624  if (!rs) {
625  return 0;
626  }
627 
628  /* Assume IPv4 and IPv6 DirPorts are the same */
629  return reachable_addr_allows_base(&rs->ipv4_addr, rs->ipv4_orport,
630  rs->ipv4_dirport, &rs->ipv6_addr,
631  rs->ipv6_orport, rs->ipv4_dirport,
632  fw_connection, pref_only, pref_ipv6);
633 }
634 
635 /** Like reachable_addr_allows_base(), but takes rs.
636  * When rs is a fake_status from a dir_server_t, it can have a reachable
637  * address, even when the corresponding node does not.
638  * nodes can be missing addresses when there's no consensus (IPv4 and IPv6),
639  * or when there is a microdescriptor consensus, but no microdescriptors
640  * (microdescriptors have IPv6, the microdesc consensus does not). */
641 int
643  firewall_connection_t fw_connection, int pref_only)
644 {
645  if (!rs) {
646  return 0;
647  }
648 
649  /* We don't have access to the node-specific IPv6 preference, so use the
650  * generic IPv6 preference instead. */
651  const or_options_t *options = get_options();
652  int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION
655 
656  return reachable_addr_allows_rs_impl(rs, fw_connection, pref_only,
657  pref_ipv6);
658 }
659 
660 /** Return true iff we think our firewall will let us make a connection to
661  * ipv6_addr:ipv6_orport based on ReachableORAddresses.
662  * If <b>fw_connection</b> is FIREWALL_DIR_CONNECTION, returns 0.
663  * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
664  */
665 static int
667  firewall_connection_t fw_connection,
668  int pref_only, int pref_ipv6)
669 {
670  if (!md) {
671  return 0;
672  }
673 
674  /* Can't check dirport, it doesn't have one */
675  if (fw_connection == FIREWALL_DIR_CONNECTION) {
676  return 0;
677  }
678 
679  /* Also can't check IPv4, doesn't have that either */
681  fw_connection, pref_only,
682  pref_ipv6);
683 }
684 
685 /** Like reachable_addr_allows_base(), but takes node, and looks up pref_ipv6
686  * from node_ipv6_or/dir_preferred(). */
687 int
689  firewall_connection_t fw_connection,
690  int pref_only)
691 {
692  if (!node) {
693  return 0;
694  }
695 
696  node_assert_ok(node);
697 
698  const int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION
699  ? node_ipv6_or_preferred(node)
700  : node_ipv6_dir_preferred(node));
701 
702  /* Sometimes, the rs is missing the IPv6 address info, and we need to go
703  * all the way to the md */
704  if (node->ri && reachable_addr_allows_ri_impl(node->ri, fw_connection,
705  pref_only, pref_ipv6)) {
706  return 1;
707  } else if (node->rs && reachable_addr_allows_rs_impl(node->rs,
708  fw_connection,
709  pref_only,
710  pref_ipv6)) {
711  return 1;
712  } else if (node->md && reachable_addr_allows_md_impl(node->md,
713  fw_connection,
714  pref_only,
715  pref_ipv6)) {
716  return 1;
717  } else {
718  /* If we know nothing, assume it's unreachable, we'll never get an address
719  * to connect to. */
720  return 0;
721  }
722 }
723 
724 /** Like reachable_addr_allows_rs(), but takes ds. */
725 int
727  firewall_connection_t fw_connection,
728  int pref_only)
729 {
730  if (!ds) {
731  return 0;
732  }
733 
734  /* A dir_server_t always has a fake_status. As long as it has the same
735  * addresses/ports in both fake_status and dir_server_t, this works fine.
736  * (See #17867.)
737  * reachable_addr_allows_rs only checks the addresses in fake_status. */
738  return reachable_addr_allows_rs(&ds->fake_status, fw_connection,
739  pref_only);
740 }
741 
742 /** If a and b are both valid and allowed by fw_connection,
743  * choose one based on want_a and return it.
744  * Otherwise, return whichever is allowed.
745  * Otherwise, return NULL.
746  * pref_only and pref_ipv6 work as in reachable_addr_allows_addr().
747  */
748 static const tor_addr_port_t *
750  const tor_addr_port_t *b,
751  int want_a,
752  firewall_connection_t fw_connection,
753  int pref_only, int pref_ipv6)
754 {
755  const tor_addr_port_t *use_a = NULL;
756  const tor_addr_port_t *use_b = NULL;
757 
758  if (reachable_addr_allows_ap(a, fw_connection, pref_only,
759  pref_ipv6)) {
760  use_a = a;
761  }
762 
763  if (reachable_addr_allows_ap(b, fw_connection, pref_only,
764  pref_ipv6)) {
765  use_b = b;
766  }
767 
768  /* If both are allowed */
769  if (use_a && use_b) {
770  /* Choose a if we want it */
771  return (want_a ? use_a : use_b);
772  } else {
773  /* Choose a if we have it */
774  return (use_a ? use_a : use_b);
775  }
776 }
777 
778 /** If a and b are both valid and preferred by fw_connection,
779  * choose one based on want_a and return it.
780  * Otherwise, return whichever is preferred.
781  * If neither are preferred, and pref_only is false:
782  * - If a and b are both allowed by fw_connection,
783  * choose one based on want_a and return it.
784  * - Otherwise, return whichever is preferred.
785  * Otherwise, return NULL. */
786 STATIC const tor_addr_port_t *
788  const tor_addr_port_t *b,
789  int want_a,
790  firewall_connection_t fw_connection,
791  int pref_only, int pref_ipv6)
792 {
794  a, b, want_a,
795  fw_connection,
796  1, pref_ipv6);
797  if (pref_only || pref) {
798  /* If there is a preferred address, use it. If we can only use preferred
799  * addresses, and neither address is preferred, pref will be NULL, and we
800  * want to return NULL, so return it. */
801  return pref;
802  } else {
803  /* If there's no preferred address, and we can return addresses that are
804  * not preferred, use an address that's allowed */
805  return reachable_addr_choose_impl(a, b, want_a, fw_connection,
806  0, pref_ipv6);
807  }
808 }
809 
810 /** Copy an address and port into <b>ap</b> that we think our firewall will
811  * let us connect to. Uses ipv4_addr/ipv6_addr and
812  * ipv4_orport/ipv6_orport/ReachableORAddresses or
813  * ipv4_dirport/ipv6_dirport/ReachableDirAddresses based on IPv4/IPv6 and
814  * <b>fw_connection</b>.
815  * If pref_only, only choose preferred addresses. In either case, choose
816  * a preferred address before an address that's not preferred.
817  * If both addresses could be chosen (they are both preferred or both allowed)
818  * choose IPv6 if pref_ipv6 is true, otherwise choose IPv4. */
819 static void
821  uint16_t ipv4_orport,
822  uint16_t ipv4_dirport,
823  const tor_addr_t *ipv6_addr,
824  uint16_t ipv6_orport,
825  uint16_t ipv6_dirport,
826  firewall_connection_t fw_connection,
827  int pref_only,
828  int pref_ipv6,
829  tor_addr_port_t* ap)
830 {
831  const tor_addr_port_t *result = NULL;
832  const int want_ipv4 = !pref_ipv6;
833 
834  tor_assert(ipv6_addr);
835  tor_assert(ap);
836 
837  tor_addr_make_null(&ap->addr, AF_UNSPEC);
838  ap->port = 0;
839 
840  tor_addr_port_t ipv4_ap;
841  tor_addr_copy(&ipv4_ap.addr, ipv4_addr);
842  ipv4_ap.port = (fw_connection == FIREWALL_OR_CONNECTION
843  ? ipv4_orport
844  : ipv4_dirport);
845 
846  tor_addr_port_t ipv6_ap;
847  tor_addr_copy(&ipv6_ap.addr, ipv6_addr);
848  ipv6_ap.port = (fw_connection == FIREWALL_OR_CONNECTION
849  ? ipv6_orport
850  : ipv6_dirport);
851 
852  result = reachable_addr_choose(&ipv4_ap, &ipv6_ap,
853  want_ipv4,
854  fw_connection, pref_only,
855  pref_ipv6);
856 
857  if (result) {
858  tor_addr_copy(&ap->addr, &result->addr);
859  ap->port = result->port;
860  }
861 }
862 
863 /** Like reachable_addr_choose_base(), but takes <b>rs</b>.
864  * Consults the corresponding node, then falls back to rs if node is NULL.
865  * This should only happen when there's no valid consensus, and rs doesn't
866  * correspond to a bridge client's bridge.
867  */
868 void
870  firewall_connection_t fw_connection,
871  int pref_only, tor_addr_port_t* ap)
872 {
873  tor_assert(ap);
874 
875  tor_addr_make_null(&ap->addr, AF_UNSPEC);
876  ap->port = 0;
877 
878  if (!rs) {
879  return;
880  }
881 
882  const or_options_t *options = get_options();
883  const node_t *node = node_get_by_id(rs->identity_digest);
884 
885  if (node) {
886  reachable_addr_choose_from_node(node, fw_connection, pref_only, ap);
887  } else {
888  /* There's no node-specific IPv6 preference, so use the generic IPv6
889  * preference instead. */
890  int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION
893 
894  reachable_addr_choose_base(&rs->ipv4_addr, rs->ipv4_orport,
895  rs->ipv4_dirport, &rs->ipv6_addr,
896  rs->ipv6_orport, rs->ipv4_dirport,
897  fw_connection, pref_only, pref_ipv6,
898  ap);
899  }
900 }
901 
902 /** Like reachable_addr_choose_base(), but takes in a smartlist
903  * <b>lspecs</b> consisting of one or more link specifiers. We assume
904  * fw_connection is FIREWALL_OR_CONNECTION as link specifiers cannot
905  * contain DirPorts.
906  */
907 void
909  int pref_only, tor_addr_port_t* ap)
910 {
911  int have_v4 = 0, have_v6 = 0;
912  uint16_t port_v4 = 0, port_v6 = 0;
913  tor_addr_t addr_v4, addr_v6;
914 
915  tor_assert(ap);
916 
917  if (lspecs == NULL) {
918  log_warn(LD_BUG, "Unknown or missing link specifiers");
919  return;
920  }
921  if (smartlist_len(lspecs) == 0) {
922  log_warn(LD_PROTOCOL, "Link specifiers are empty");
923  return;
924  }
925 
926  tor_addr_make_null(&ap->addr, AF_UNSPEC);
927  ap->port = 0;
928 
929  tor_addr_make_null(&addr_v4, AF_INET);
930  tor_addr_make_null(&addr_v6, AF_INET6);
931 
932  SMARTLIST_FOREACH_BEGIN(lspecs, const link_specifier_t *, ls) {
933  switch (link_specifier_get_ls_type(ls)) {
934  case LS_IPV4:
935  /* Skip if we already seen a v4. */
936  if (have_v4) continue;
937  tor_addr_from_ipv4h(&addr_v4,
938  link_specifier_get_un_ipv4_addr(ls));
939  port_v4 = link_specifier_get_un_ipv4_port(ls);
940  have_v4 = 1;
941  break;
942  case LS_IPV6:
943  /* Skip if we already seen a v6, or deliberately skip it if we're not a
944  * direct connection. */
945  if (have_v6) continue;
946  tor_addr_from_ipv6_bytes(&addr_v6,
947  link_specifier_getconstarray_un_ipv6_addr(ls));
948  port_v6 = link_specifier_get_un_ipv6_port(ls);
949  have_v6 = 1;
950  break;
951  default:
952  /* Ignore unknown. */
953  break;
954  }
955  } SMARTLIST_FOREACH_END(ls);
956 
957  /* If we don't have IPv4 or IPv6 in link specifiers, log a bug and return. */
958  if (!have_v4 && !have_v6) {
959  if (!have_v6) {
960  log_warn(LD_PROTOCOL, "None of our link specifiers have IPv4 or IPv6");
961  } else {
962  log_warn(LD_PROTOCOL, "None of our link specifiers have IPv4");
963  }
964  return;
965  }
966 
967  /* Here, don't check for DirPorts as link specifiers are only used for
968  * ORPorts. */
969  const or_options_t *options = get_options();
970  int pref_ipv6 = reachable_addr_prefer_ipv6_orport(options);
971  /* Assume that the DirPorts are zero as link specifiers only use ORPorts. */
972  reachable_addr_choose_base(&addr_v4, port_v4, 0,
973  &addr_v6, port_v6, 0,
974  FIREWALL_OR_CONNECTION,
975  pref_only, pref_ipv6,
976  ap);
977 }
978 
979 /** Like reachable_addr_choose_base(), but takes <b>node</b>, and
980  * looks up the node's IPv6 preference rather than taking an argument
981  * for pref_ipv6. */
982 void
984  firewall_connection_t fw_connection,
985  int pref_only, tor_addr_port_t *ap)
986 {
987  tor_assert(ap);
988 
989  tor_addr_make_null(&ap->addr, AF_UNSPEC);
990  ap->port = 0;
991 
992  if (!node) {
993  return;
994  }
995 
996  node_assert_ok(node);
997 
998  const int pref_ipv6_node = (fw_connection == FIREWALL_OR_CONNECTION
999  ? node_ipv6_or_preferred(node)
1000  : node_ipv6_dir_preferred(node));
1001 
1002  tor_addr_port_t ipv4_or_ap;
1003  node_get_prim_orport(node, &ipv4_or_ap);
1004  tor_addr_port_t ipv4_dir_ap;
1005  node_get_prim_dirport(node, &ipv4_dir_ap);
1006 
1007  tor_addr_port_t ipv6_or_ap;
1008  node_get_pref_ipv6_orport(node, &ipv6_or_ap);
1009  tor_addr_port_t ipv6_dir_ap;
1010  node_get_pref_ipv6_dirport(node, &ipv6_dir_ap);
1011 
1012  /* Assume the IPv6 OR and Dir addresses are the same. */
1013  reachable_addr_choose_base(&ipv4_or_ap.addr, ipv4_or_ap.port,
1014  ipv4_dir_ap.port, &ipv6_or_ap.addr,
1015  ipv6_or_ap.port, ipv6_dir_ap.port,
1016  fw_connection, pref_only,
1017  pref_ipv6_node, ap);
1018 }
1019 
1020 /** Like reachable_addr_choose_from_rs(), but takes <b>ds</b>. */
1021 void
1023  firewall_connection_t fw_connection,
1024  int pref_only,
1025  tor_addr_port_t *ap)
1026 {
1027  tor_assert(ap);
1028 
1029  tor_addr_make_null(&ap->addr, AF_UNSPEC);
1030  ap->port = 0;
1031 
1032  if (!ds) {
1033  return;
1034  }
1035 
1036  /* A dir_server_t always has a fake_status. As long as it has the same
1037  * addresses/ports in both fake_status and dir_server_t, this works fine.
1038  * (See #17867.)
1039  * This function relies on reachable_addr_choose_from_rs looking up the
1040  * node if it can, because that will get the latest info for the relay. */
1041  reachable_addr_choose_from_rs(&ds->fake_status, fw_connection,
1042  pref_only, ap);
1043 }
1044 
1045 /** Return 1 if <b>addr</b> is permitted to connect to our dir port,
1046  * based on <b>dir_policy</b>. Else return 0.
1047  */
1048 int
1050 {
1051  return addr_policy_permits_tor_addr(addr, 1, dir_policy);
1052 }
1053 
1054 /** Return 1 if <b>addr</b> is permitted to connect to our socks port,
1055  * based on <b>socks_policy</b>. Else return 0.
1056  */
1057 int
1059 {
1060  return addr_policy_permits_tor_addr(addr, 1, socks_policy);
1061 }
1062 
1063 /** Return true iff the address <b>addr</b> is in a country listed in the
1064  * case-insensitive list of country codes <b>cc_list</b>. */
1065 static int
1066 addr_is_in_cc_list(const tor_addr_t *addr, const smartlist_t *cc_list)
1067 {
1068  country_t country;
1069  const char *name;
1070 
1071  if (!cc_list)
1072  return 0;
1073  country = geoip_get_country_by_addr(addr);
1074  name = geoip_get_country_name(country);
1075  return smartlist_contains_string_case(cc_list, name);
1076 }
1077 
1078 /** Return 1 if <b>addr</b>:<b>port</b> is permitted to publish to our
1079  * directory, based on <b>authdir_reject_policy</b>. Else return 0.
1080  */
1081 int
1082 authdir_policy_permits_address(const tor_addr_t *addr, uint16_t port)
1083 {
1085  return 0;
1086  return !addr_is_in_cc_list(addr, get_options()->AuthDirRejectCCs);
1087 }
1088 
1089 /** Return 1 if <b>addr</b>:<b>port</b> is considered valid in our
1090  * directory, based on <b>authdir_invalid_policy</b>. Else return 0.
1091  */
1092 int
1093 authdir_policy_valid_address(const tor_addr_t *addr, uint16_t port)
1094 {
1096  return 0;
1097  return !addr_is_in_cc_list(addr, get_options()->AuthDirInvalidCCs);
1098 }
1099 
1100 /** Return 1 if <b>addr</b>:<b>port</b> should be marked as a bad exit,
1101  * based on <b>authdir_badexit_policy</b>. Else return 0.
1102  */
1103 int
1104 authdir_policy_badexit_address(const tor_addr_t *addr, uint16_t port)
1105 {
1107  return 1;
1108  return addr_is_in_cc_list(addr, get_options()->AuthDirBadExitCCs);
1109 }
1110 
1111 #define REJECT(arg) \
1112  STMT_BEGIN *msg = tor_strdup(arg); goto err; STMT_END
1113 
1114 /** Check <b>or_options</b> to determine whether or not we are using the
1115  * default options for exit policy. Return true if so, false otherwise. */
1116 static int
1118 {
1119  return (or_options->ExitPolicy == NULL && or_options->ExitRelay == -1 &&
1120  or_options->ReducedExitPolicy == 0 && or_options->IPv6Exit == 0);
1121 }
1122 
1123 /** Config helper: If there's any problem with the policy configuration
1124  * options in <b>options</b>, return -1 and set <b>msg</b> to a newly
1125  * allocated description of the error. Else return 0. */
1126 int
1127 validate_addr_policies(const or_options_t *options, char **msg)
1128 {
1129  /* XXXX Maybe merge this into parse_policies_from_options, to make sure
1130  * that the two can't go out of sync. */
1131 
1132  smartlist_t *addr_policy=NULL;
1133  *msg = NULL;
1134 
1135  if (policies_parse_exit_policy_from_options(options,0,NULL,&addr_policy)) {
1136  REJECT("Error in ExitPolicy entry.");
1137  }
1138 
1139  static int warned_about_nonexit = 0;
1140 
1141  if (public_server_mode(options) && !warned_about_nonexit &&
1143  warned_about_nonexit = 1;
1144  log_notice(LD_CONFIG, "By default, Tor does not run as an exit relay. "
1145  "If you want to be an exit relay, "
1146  "set ExitRelay to 1. To suppress this message in the future, "
1147  "set ExitRelay to 0.");
1148  }
1149 
1150  /* The rest of these calls *append* to addr_policy. So don't actually
1151  * use the results for anything other than checking if they parse! */
1152  if (parse_addr_policy(options->DirPolicy, &addr_policy, -1))
1153  REJECT("Error in DirPolicy entry.");
1154  if (parse_addr_policy(options->SocksPolicy, &addr_policy, -1))
1155  REJECT("Error in SocksPolicy entry.");
1156  if (parse_addr_policy(options->AuthDirReject, &addr_policy,
1157  ADDR_POLICY_REJECT))
1158  REJECT("Error in AuthDirReject entry.");
1159  if (parse_addr_policy(options->AuthDirInvalid, &addr_policy,
1160  ADDR_POLICY_REJECT))
1161  REJECT("Error in AuthDirInvalid entry.");
1162  if (parse_addr_policy(options->AuthDirBadExit, &addr_policy,
1163  ADDR_POLICY_REJECT))
1164  REJECT("Error in AuthDirBadExit entry.");
1165 
1166  if (parse_addr_policy(options->ReachableAddresses, &addr_policy,
1167  ADDR_POLICY_ACCEPT))
1168  REJECT("Error in ReachableAddresses entry.");
1169  if (parse_addr_policy(options->ReachableORAddresses, &addr_policy,
1170  ADDR_POLICY_ACCEPT))
1171  REJECT("Error in ReachableORAddresses entry.");
1172  if (parse_addr_policy(options->ReachableDirAddresses, &addr_policy,
1173  ADDR_POLICY_ACCEPT))
1174  REJECT("Error in ReachableDirAddresses entry.");
1175 
1176  err:
1177  addr_policy_list_free(addr_policy);
1178  return *msg ? -1 : 0;
1179 #undef REJECT
1180 }
1181 
1182 /** Parse <b>string</b> in the same way that the exit policy
1183  * is parsed, and put the processed version in *<b>policy</b>.
1184  * Ignore port specifiers.
1185  */
1186 static int
1187 load_policy_from_option(config_line_t *config, const char *option_name,
1188  smartlist_t **policy,
1189  int assume_action)
1190 {
1191  int r;
1192  int killed_any_ports = 0;
1193  addr_policy_list_free(*policy);
1194  *policy = NULL;
1195  r = parse_addr_policy(config, policy, assume_action);
1196  if (r < 0) {
1197  return -1;
1198  }
1199  if (*policy) {
1200  SMARTLIST_FOREACH_BEGIN(*policy, addr_policy_t *, n) {
1201  /* ports aren't used in these. */
1202  if (n->prt_min > 1 || n->prt_max != 65535) {
1203  addr_policy_t newp, *c;
1204  memcpy(&newp, n, sizeof(newp));
1205  newp.prt_min = 1;
1206  newp.prt_max = 65535;
1207  newp.is_canonical = 0;
1209  SMARTLIST_REPLACE_CURRENT(*policy, n, c);
1210  addr_policy_free(n);
1211  killed_any_ports = 1;
1212  }
1213  } SMARTLIST_FOREACH_END(n);
1214  }
1215  if (killed_any_ports) {
1216  log_warn(LD_CONFIG, "Ignoring ports in %s option.", option_name);
1217  }
1218  return 0;
1219 }
1220 
1221 /** Set all policies based on <b>options</b>, which should have been validated
1222  * first by validate_addr_policies. */
1223 int
1225 {
1226  int ret = 0;
1227  if (load_policy_from_option(options->SocksPolicy, "SocksPolicy",
1228  &socks_policy, -1) < 0)
1229  ret = -1;
1230  if (load_policy_from_option(options->DirPolicy, "DirPolicy",
1231  &dir_policy, -1) < 0)
1232  ret = -1;
1233  if (load_policy_from_option(options->AuthDirReject, "AuthDirReject",
1234  &authdir_reject_policy, ADDR_POLICY_REJECT) < 0)
1235  ret = -1;
1236  if (load_policy_from_option(options->AuthDirInvalid, "AuthDirInvalid",
1237  &authdir_invalid_policy, ADDR_POLICY_REJECT) < 0)
1238  ret = -1;
1239  if (load_policy_from_option(options->AuthDirBadExit, "AuthDirBadExit",
1240  &authdir_badexit_policy, ADDR_POLICY_REJECT) < 0)
1241  ret = -1;
1242  if (parse_reachable_addresses() < 0)
1243  ret = -1;
1244  return ret;
1245 }
1246 
1247 /** Compare two provided address policy items, and renturn -1, 0, or 1
1248  * if the first is less than, equal to, or greater than the second. */
1249 static int
1251 {
1252  int r;
1253 #define CMP_FIELD(field) do { \
1254  if (a->field != b->field) { \
1255  return 0; \
1256  } \
1257  } while (0)
1258  CMP_FIELD(policy_type);
1259  CMP_FIELD(is_private);
1260  /* refcnt and is_canonical are irrelevant to equality,
1261  * they are hash table implementation details */
1262  if ((r=tor_addr_compare(&a->addr, &b->addr, CMP_EXACT)))
1263  return 0;
1264  CMP_FIELD(maskbits);
1265  CMP_FIELD(prt_min);
1266  CMP_FIELD(prt_max);
1267 #undef CMP_FIELD
1268  return 1;
1269 }
1270 
1271 /** As single_addr_policy_eq, but compare every element of two policies.
1272  */
1273 int
1275 {
1276  int i;
1277  int len_a = a ? smartlist_len(a) : 0;
1278  int len_b = b ? smartlist_len(b) : 0;
1279 
1280  if (len_a != len_b)
1281  return 0;
1282 
1283  for (i = 0; i < len_a; ++i) {
1284  if (! single_addr_policy_eq(smartlist_get(a, i), smartlist_get(b, i)))
1285  return 0;
1286  }
1287 
1288  return 1;
1289 }
1290 
1291 /** Node in hashtable used to store address policy entries. */
1292 typedef struct policy_map_ent_t {
1293  HT_ENTRY(policy_map_ent_t) node;
1294  addr_policy_t *policy;
1296 
1297 /* DOCDOC policy_root */
1298 static HT_HEAD(policy_map, policy_map_ent_t) policy_root = HT_INITIALIZER();
1299 
1300 /** Return true iff a and b are equal. */
1301 static inline int
1302 policy_eq(policy_map_ent_t *a, policy_map_ent_t *b)
1303 {
1304  return single_addr_policy_eq(a->policy, b->policy);
1305 }
1306 
1307 /** Return a hashcode for <b>ent</b> */
1308 static unsigned int
1310 {
1311  const addr_policy_t *a = ent->policy;
1312  addr_policy_t aa;
1313  memset(&aa, 0, sizeof(aa));
1314 
1315  aa.prt_min = a->prt_min;
1316  aa.prt_max = a->prt_max;
1317  aa.maskbits = a->maskbits;
1318  aa.policy_type = a->policy_type;
1319  aa.is_private = a->is_private;
1320 
1321  if (a->is_private) {
1322  aa.is_private = 1;
1323  } else {
1324  tor_addr_copy_tight(&aa.addr, &a->addr);
1325  }
1326 
1327  return (unsigned) siphash24g(&aa, sizeof(aa));
1328 }
1329 
1330 HT_PROTOTYPE(policy_map, policy_map_ent_t, node, policy_hash,
1331  policy_eq);
1332 HT_GENERATE2(policy_map, policy_map_ent_t, node, policy_hash,
1333  policy_eq, 0.6, tor_reallocarray_, tor_free_);
1334 
1335 /** Given a pointer to an addr_policy_t, return a copy of the pointer to the
1336  * "canonical" copy of that addr_policy_t; the canonical copy is a single
1337  * reference-counted object. */
1338 addr_policy_t *
1340 {
1341  policy_map_ent_t search, *found;
1342  if (e->is_canonical)
1343  return e;
1344 
1345  search.policy = e;
1346  found = HT_FIND(policy_map, &policy_root, &search);
1347  if (!found) {
1348  found = tor_malloc_zero(sizeof(policy_map_ent_t));
1349  found->policy = tor_memdup(e, sizeof(addr_policy_t));
1350  found->policy->is_canonical = 1;
1351  found->policy->refcnt = 0;
1352  HT_INSERT(policy_map, &policy_root, found);
1353  }
1354 
1355  tor_assert(single_addr_policy_eq(found->policy, e));
1356  ++found->policy->refcnt;
1357  return found->policy;
1358 }
1359 
1360 /** Helper for compare_tor_addr_to_addr_policy. Implements the case where
1361  * addr and port are both known. */
1362 static addr_policy_result_t
1364  const smartlist_t *policy)
1365 {
1366  /* We know the address and port, and we know the policy, so we can just
1367  * compute an exact match. */
1368  SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, tmpe) {
1369  if (tmpe->addr.family == AF_UNSPEC) {
1370  log_warn(LD_BUG, "Policy contains an AF_UNSPEC address, which only "
1371  "matches other AF_UNSPEC addresses.");
1372  }
1373  /* Address is known */
1374  if (!tor_addr_compare_masked(addr, &tmpe->addr, tmpe->maskbits,
1375  CMP_EXACT)) {
1376  if (port >= tmpe->prt_min && port <= tmpe->prt_max) {
1377  /* Exact match for the policy */
1378  return tmpe->policy_type == ADDR_POLICY_ACCEPT ?
1380  }
1381  }
1382  } SMARTLIST_FOREACH_END(tmpe);
1383 
1384  /* accept all by default. */
1385  return ADDR_POLICY_ACCEPTED;
1386 }
1387 
1388 /** Helper for compare_tor_addr_to_addr_policy. Implements the case where
1389  * addr is known but port is not. */
1390 static addr_policy_result_t
1392  const smartlist_t *policy)
1393 {
1394  /* We look to see if there's a definite match. If so, we return that
1395  match's value, unless there's an intervening possible match that says
1396  something different. */
1397  int maybe_accept = 0, maybe_reject = 0;
1398 
1399  SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, tmpe) {
1400  if (tmpe->addr.family == AF_UNSPEC) {
1401  log_warn(LD_BUG, "Policy contains an AF_UNSPEC address, which only "
1402  "matches other AF_UNSPEC addresses.");
1403  }
1404  if (!tor_addr_compare_masked(addr, &tmpe->addr, tmpe->maskbits,
1405  CMP_EXACT)) {
1406  if (tmpe->prt_min <= 1 && tmpe->prt_max >= 65535) {
1407  /* Definitely matches, since it covers all ports. */
1408  if (tmpe->policy_type == ADDR_POLICY_ACCEPT) {
1409  /* If we already hit a clause that might trigger a 'reject', than we
1410  * can't be sure of this certain 'accept'.*/
1411  return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED :
1413  } else {
1414  return maybe_accept ? ADDR_POLICY_PROBABLY_REJECTED :
1416  }
1417  } else {
1418  /* Might match. */
1419  if (tmpe->policy_type == ADDR_POLICY_REJECT)
1420  maybe_reject = 1;
1421  else
1422  maybe_accept = 1;
1423  }
1424  }
1425  } SMARTLIST_FOREACH_END(tmpe);
1426 
1427  /* accept all by default. */
1428  return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED : ADDR_POLICY_ACCEPTED;
1429 }
1430 
1431 /** Helper for compare_tor_addr_to_addr_policy. Implements the case where
1432  * port is known but address is not. */
1433 static addr_policy_result_t
1435  const smartlist_t *policy)
1436 {
1437  /* We look to see if there's a definite match. If so, we return that
1438  match's value, unless there's an intervening possible match that says
1439  something different. */
1440  int maybe_accept = 0, maybe_reject = 0;
1441 
1442  SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, tmpe) {
1443  if (tmpe->addr.family == AF_UNSPEC) {
1444  log_warn(LD_BUG, "Policy contains an AF_UNSPEC address, which only "
1445  "matches other AF_UNSPEC addresses.");
1446  }
1447  if (tmpe->prt_min <= port && port <= tmpe->prt_max) {
1448  if (tmpe->maskbits == 0) {
1449  /* Definitely matches, since it covers all addresses. */
1450  if (tmpe->policy_type == ADDR_POLICY_ACCEPT) {
1451  /* If we already hit a clause that might trigger a 'reject', than we
1452  * can't be sure of this certain 'accept'.*/
1453  return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED :
1455  } else {
1456  return maybe_accept ? ADDR_POLICY_PROBABLY_REJECTED :
1458  }
1459  } else {
1460  /* Might match. */
1461  if (tmpe->policy_type == ADDR_POLICY_REJECT)
1462  maybe_reject = 1;
1463  else
1464  maybe_accept = 1;
1465  }
1466  }
1467  } SMARTLIST_FOREACH_END(tmpe);
1468 
1469  /* accept all by default. */
1470  return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED : ADDR_POLICY_ACCEPTED;
1471 }
1472 
1473 /** Decide whether a given addr:port is definitely accepted,
1474  * definitely rejected, probably accepted, or probably rejected by a
1475  * given policy. If <b>addr</b> is 0, we don't know the IP of the
1476  * target address. If <b>port</b> is 0, we don't know the port of the
1477  * target address. (At least one of <b>addr</b> and <b>port</b> must be
1478  * provided. If you want to know whether a policy would definitely reject
1479  * an unknown address:port, use policy_is_reject_star().)
1480  *
1481  * We could do better by assuming that some ranges never match typical
1482  * addresses (127.0.0.1, and so on). But we'll try this for now.
1483  */
1485 compare_tor_addr_to_addr_policy,(const tor_addr_t *addr, uint16_t port,
1486  const smartlist_t *policy))
1487 {
1488  if (!policy) {
1489  /* no policy? accept all. */
1490  return ADDR_POLICY_ACCEPTED;
1491  } else if (addr == NULL || tor_addr_is_null(addr)) {
1492  if (port == 0) {
1493  log_info(LD_BUG, "Rejecting null address with 0 port (family %d)",
1494  addr ? tor_addr_family(addr) : -1);
1495  return ADDR_POLICY_REJECTED;
1496  }
1497  return compare_unknown_tor_addr_to_addr_policy(port, policy);
1498  } else if (port == 0) {
1499  return compare_known_tor_addr_to_addr_policy_noport(addr, policy);
1500  } else {
1501  return compare_known_tor_addr_to_addr_policy(addr, port, policy);
1502  }
1503 }
1504 
1505 /** Return true iff the address policy <b>a</b> covers every case that
1506  * would be covered by <b>b</b>, so that a,b is redundant. */
1507 static int
1509 {
1510  if (tor_addr_family(&a->addr) != tor_addr_family(&b->addr)) {
1511  /* You can't cover a different family. */
1512  return 0;
1513  }
1514  /* We can ignore accept/reject, since "accept *:80, reject *:80" reduces
1515  * to "accept *:80". */
1516  if (a->maskbits > b->maskbits) {
1517  /* a has more fixed bits than b; it can't possibly cover b. */
1518  return 0;
1519  }
1520  if (tor_addr_compare_masked(&a->addr, &b->addr, a->maskbits, CMP_EXACT)) {
1521  /* There's a fixed bit in a that's set differently in b. */
1522  return 0;
1523  }
1524  return (a->prt_min <= b->prt_min && a->prt_max >= b->prt_max);
1525 }
1526 
1527 /** Return true iff the address policies <b>a</b> and <b>b</b> intersect,
1528  * that is, there exists an address/port that is covered by <b>a</b> that
1529  * is also covered by <b>b</b>.
1530  */
1531 static int
1533 {
1534  maskbits_t minbits;
1535  /* All the bits we care about are those that are set in both
1536  * netmasks. If they are equal in a and b's networkaddresses
1537  * then the networks intersect. If there is a difference,
1538  * then they do not. */
1539  if (a->maskbits < b->maskbits)
1540  minbits = a->maskbits;
1541  else
1542  minbits = b->maskbits;
1543  if (tor_addr_compare_masked(&a->addr, &b->addr, minbits, CMP_EXACT))
1544  return 0;
1545  if (a->prt_max < b->prt_min || b->prt_max < a->prt_min)
1546  return 0;
1547  return 1;
1548 }
1549 
1550 /** Add the exit policy described by <b>more</b> to <b>policy</b>.
1551  */
1552 STATIC void
1553 append_exit_policy_string(smartlist_t **policy, const char *more)
1554 {
1555  config_line_t tmp;
1556 
1557  tmp.key = NULL;
1558  tmp.value = (char*) more;
1559  tmp.next = NULL;
1560  if (parse_addr_policy(&tmp, policy, -1)<0) {
1561  log_warn(LD_BUG, "Unable to parse internally generated policy %s",more);
1562  }
1563 }
1564 
1565 /** Add "reject <b>addr</b>:*" to <b>dest</b>, creating the list as needed. */
1566 void
1568 {
1569  tor_assert(dest);
1570  tor_assert(addr);
1571 
1572  addr_policy_t p, *add;
1573  memset(&p, 0, sizeof(p));
1574  p.policy_type = ADDR_POLICY_REJECT;
1575  p.maskbits = tor_addr_family(addr) == AF_INET6 ? 128 : 32;
1576  tor_addr_copy(&p.addr, addr);
1577  p.prt_min = 1;
1578  p.prt_max = 65535;
1579 
1581  if (!*dest)
1582  *dest = smartlist_new();
1583  smartlist_add(*dest, add);
1584  log_debug(LD_CONFIG, "Adding a reject ExitPolicy 'reject %s:*'",
1585  fmt_addr(addr));
1586 }
1587 
1588 /* Is addr public for the purposes of rejection? */
1589 static int
1590 tor_addr_is_public_for_reject(const tor_addr_t *addr)
1591 {
1592  return (!tor_addr_is_null(addr) && !tor_addr_is_internal(addr, 0)
1593  && !tor_addr_is_multicast(addr));
1594 }
1595 
1596 /* Add "reject <b>addr</b>:*" to <b>dest</b>, creating the list as needed.
1597  * Filter the address, only adding an IPv4 reject rule if ipv4_rules
1598  * is true, and similarly for ipv6_rules. Check each address returns true for
1599  * tor_addr_is_public_for_reject before adding it.
1600  */
1601 static void
1602 addr_policy_append_reject_addr_filter(smartlist_t **dest,
1603  const tor_addr_t *addr,
1604  int ipv4_rules,
1605  int ipv6_rules)
1606 {
1607  tor_assert(dest);
1608  tor_assert(addr);
1609 
1610  /* Only reject IP addresses which are public */
1611  if (tor_addr_is_public_for_reject(addr)) {
1612 
1613  /* Reject IPv4 addresses and IPv6 addresses based on the filters */
1614  int is_ipv4 = tor_addr_is_v4(addr);
1615  if ((is_ipv4 && ipv4_rules) || (!is_ipv4 && ipv6_rules)) {
1616  addr_policy_append_reject_addr(dest, addr);
1617  }
1618  }
1619 }
1620 
1621 /** Add "reject addr:*" to <b>dest</b>, for each addr in addrs, creating the
1622  * list as needed. */
1623 void
1625  const smartlist_t *addrs)
1626 {
1627  tor_assert(dest);
1628  tor_assert(addrs);
1629 
1630  SMARTLIST_FOREACH_BEGIN(addrs, tor_addr_t *, addr) {
1631  addr_policy_append_reject_addr(dest, addr);
1632  } SMARTLIST_FOREACH_END(addr);
1633 }
1634 
1635 /** Add "reject addr:*" to <b>dest</b>, for each addr in addrs, creating the
1636  * list as needed. Filter using */
1637 static void
1639  const smartlist_t *addrs,
1640  int ipv4_rules,
1641  int ipv6_rules)
1642 {
1643  tor_assert(dest);
1644  tor_assert(addrs);
1645 
1646  SMARTLIST_FOREACH_BEGIN(addrs, tor_addr_t *, addr) {
1647  addr_policy_append_reject_addr_filter(dest, addr, ipv4_rules, ipv6_rules);
1648  } SMARTLIST_FOREACH_END(addr);
1649 }
1650 
1651 /** Detect and excise "dead code" from the policy *<b>dest</b>. */
1652 static void
1654 {
1655  addr_policy_t *ap, *tmp;
1656  int i, j;
1657 
1658  /* Step one: kill every ipv4 thing after *4:*, every IPv6 thing after *6:*
1659  */
1660  {
1661  int kill_v4=0, kill_v6=0;
1662  for (i = 0; i < smartlist_len(dest); ++i) {
1663  sa_family_t family;
1664  ap = smartlist_get(dest, i);
1665  family = tor_addr_family(&ap->addr);
1666  if ((family == AF_INET && kill_v4) ||
1667  (family == AF_INET6 && kill_v6)) {
1668  smartlist_del_keeporder(dest, i--);
1669  addr_policy_free(ap);
1670  continue;
1671  }
1672 
1673  if (ap->maskbits == 0 && ap->prt_min <= 1 && ap->prt_max >= 65535) {
1674  /* This is a catch-all line -- later lines are unreachable. */
1675  if (family == AF_INET) {
1676  kill_v4 = 1;
1677  } else if (family == AF_INET6) {
1678  kill_v6 = 1;
1679  }
1680  }
1681  }
1682  }
1683 
1684  /* Step two: for every entry, see if there's a redundant entry
1685  * later on, and remove it. */
1686  for (i = 0; i < smartlist_len(dest)-1; ++i) {
1687  ap = smartlist_get(dest, i);
1688  for (j = i+1; j < smartlist_len(dest); ++j) {
1689  tmp = smartlist_get(dest, j);
1690  tor_assert(j > i);
1691  if (addr_policy_covers(ap, tmp)) {
1692  char p1[POLICY_BUF_LEN], p2[POLICY_BUF_LEN];
1693  policy_write_item(p1, sizeof(p1), tmp, 0);
1694  policy_write_item(p2, sizeof(p2), ap, 0);
1695  log_debug(LD_CONFIG, "Removing exit policy %s (%d). It is made "
1696  "redundant by %s (%d).", p1, j, p2, i);
1697  smartlist_del_keeporder(dest, j--);
1698  addr_policy_free(tmp);
1699  }
1700  }
1701  }
1702 
1703  /* Step three: for every entry A, see if there's an entry B making this one
1704  * redundant later on. This is the case if A and B are of the same type
1705  * (accept/reject), A is a subset of B, and there is no other entry of
1706  * different type in between those two that intersects with A.
1707  *
1708  * Anybody want to double-check the logic here? XXX
1709  */
1710  for (i = 0; i < smartlist_len(dest)-1; ++i) {
1711  ap = smartlist_get(dest, i);
1712  for (j = i+1; j < smartlist_len(dest); ++j) {
1713  // tor_assert(j > i); // j starts out at i+1; j only increases; i only
1714  // // decreases.
1715  tmp = smartlist_get(dest, j);
1716  if (ap->policy_type != tmp->policy_type) {
1717  if (addr_policy_intersects(ap, tmp))
1718  break;
1719  } else { /* policy_types are equal. */
1720  if (addr_policy_covers(tmp, ap)) {
1721  char p1[POLICY_BUF_LEN], p2[POLICY_BUF_LEN];
1722  policy_write_item(p1, sizeof(p1), ap, 0);
1723  policy_write_item(p2, sizeof(p2), tmp, 0);
1724  log_debug(LD_CONFIG, "Removing exit policy %s. It is already "
1725  "covered by %s.", p1, p2);
1726  smartlist_del_keeporder(dest, i--);
1727  addr_policy_free(ap);
1728  break;
1729  }
1730  }
1731  }
1732  }
1733 }
1734 
1735 /** Reject private helper for policies_parse_exit_policy_internal: rejects
1736  * publicly routable addresses on this exit relay.
1737  *
1738  * Add reject entries to the linked list *<b>dest</b>:
1739  * <ul>
1740  * <li>if configured_addresses is non-NULL, add entries that reject each
1741  * tor_addr_t in the list as a destination.
1742  * <li>if reject_interface_addresses is true, add entries that reject each
1743  * public IPv4 and IPv6 address of each interface on this machine.
1744  * <li>if reject_configured_port_addresses is true, add entries that reject
1745  * each IPv4 and IPv6 address configured for a port.
1746  * </ul>
1747  *
1748  * IPv6 entries are only added if ipv6_exit is true. (All IPv6 addresses are
1749  * already blocked by policies_parse_exit_policy_internal if ipv6_exit is
1750  * false.)
1751  *
1752  * The list in <b>dest</b> is created as needed.
1753  */
1754 void
1756  smartlist_t **dest,
1757  int ipv6_exit,
1758  const smartlist_t *configured_addresses,
1759  int reject_interface_addresses,
1760  int reject_configured_port_addresses)
1761 {
1762  tor_assert(dest);
1763 
1764  /* Reject configured addresses, if they are from public netblocks. */
1765  if (configured_addresses) {
1766  addr_policy_append_reject_addr_list_filter(dest, configured_addresses,
1767  1, ipv6_exit);
1768  }
1769 
1770  /* Reject configured port addresses, if they are from public netblocks. */
1771  if (reject_configured_port_addresses) {
1772  const smartlist_t *port_addrs = get_configured_ports();
1773 
1774  SMARTLIST_FOREACH_BEGIN(port_addrs, port_cfg_t *, port) {
1775 
1776  /* Only reject port IP addresses, not port unix sockets */
1777  if (!port->is_unix_addr) {
1778  addr_policy_append_reject_addr_filter(dest, &port->addr, 1, ipv6_exit);
1779  }
1780  } SMARTLIST_FOREACH_END(port);
1781  }
1782 
1783  /* Reject local addresses from public netblocks on any interface. */
1784  if (reject_interface_addresses) {
1785  smartlist_t *public_addresses = NULL;
1786 
1787  /* Reject public IPv4 addresses on any interface */
1788  public_addresses = get_interface_address6_list(LOG_INFO, AF_INET, 0);
1789  addr_policy_append_reject_addr_list_filter(dest, public_addresses, 1, 0);
1790  interface_address6_list_free(public_addresses);
1791 
1792  /* Don't look for IPv6 addresses if we're configured as IPv4-only */
1793  if (ipv6_exit) {
1794  /* Reject public IPv6 addresses on any interface */
1795  public_addresses = get_interface_address6_list(LOG_INFO, AF_INET6, 0);
1796  addr_policy_append_reject_addr_list_filter(dest, public_addresses, 0, 1);
1797  interface_address6_list_free(public_addresses);
1798  }
1799  }
1800 
1801  /* If addresses were added multiple times, remove all but one of them. */
1802  if (*dest) {
1804  }
1805 }
1806 
1807 /**
1808  * Iterate through <b>policy</b> looking for redundant entries. Log a
1809  * warning message with the first redundant entry, if any is found.
1810  */
1811 static void
1813 {
1814  int found_final_effective_entry = 0;
1815  int first_redundant_entry = 0;
1816  tor_assert(policy);
1817  SMARTLIST_FOREACH_BEGIN(policy, const addr_policy_t *, p) {
1818  sa_family_t family;
1819  int found_ipv4_wildcard = 0, found_ipv6_wildcard = 0;
1820  const int i = p_sl_idx;
1821 
1822  /* Look for accept/reject *[4|6|]:* entires */
1823  if (p->prt_min <= 1 && p->prt_max == 65535 && p->maskbits == 0) {
1824  family = tor_addr_family(&p->addr);
1825  /* accept/reject *:* may have already been expanded into
1826  * accept/reject *4:*,accept/reject *6:*
1827  * But handle both forms.
1828  */
1829  if (family == AF_INET || family == AF_UNSPEC) {
1830  found_ipv4_wildcard = 1;
1831  }
1832  if (family == AF_INET6 || family == AF_UNSPEC) {
1833  found_ipv6_wildcard = 1;
1834  }
1835  }
1836 
1837  /* We also find accept *4:*,reject *6:* ; and
1838  * accept *4:*,<other policies>,accept *6:* ; and similar.
1839  * That's ok, because they make any subsequent entries redundant. */
1840  if (found_ipv4_wildcard && found_ipv6_wildcard) {
1841  found_final_effective_entry = 1;
1842  /* if we're not on the final entry in the list */
1843  if (i < smartlist_len(policy) - 1) {
1844  first_redundant_entry = i + 1;
1845  }
1846  break;
1847  }
1848  } SMARTLIST_FOREACH_END(p);
1849 
1850  /* Work out if there are redundant trailing entries in the policy list */
1851  if (found_final_effective_entry && first_redundant_entry > 0) {
1852  const addr_policy_t *p;
1853  /* Longest possible policy is
1854  * "accept6 ffff:ffff:..255/128:10000-65535",
1855  * which contains a max-length IPv6 address, plus 24 characters. */
1856  char line[TOR_ADDR_BUF_LEN + 32];
1857 
1858  tor_assert(first_redundant_entry < smartlist_len(policy));
1859  p = smartlist_get(policy, first_redundant_entry);
1860  /* since we've already parsed the policy into an addr_policy_t struct,
1861  * we might not log exactly what the user typed in */
1862  policy_write_item(line, TOR_ADDR_BUF_LEN + 32, p, 0);
1863  log_warn(LD_DIR, "Exit policy '%s' and all following policies are "
1864  "redundant, as it follows accept/reject *:* rules for both "
1865  "IPv4 and IPv6. They will be removed from the exit policy. (Use "
1866  "accept/reject *:* as the last entry in any exit policy.)",
1867  line);
1868  }
1869 }
1870 
1871 #define DEFAULT_EXIT_POLICY \
1872  "reject *:25,reject *:119,reject *:135-139,reject *:445," \
1873  "reject *:563,reject *:1214,reject *:4661-4666," \
1874  "reject *:6346-6429,reject *:6699,reject *:6881-6999,accept *:*"
1875 
1876 #define REDUCED_EXIT_POLICY \
1877  "accept *:20-23,accept *:43,accept *:53,accept *:79-81,accept *:88," \
1878  "accept *:110,accept *:143,accept *:194,accept *:220,accept *:389," \
1879  "accept *:443,accept *:464,accept *:465,accept *:531,accept *:543-544," \
1880  "accept *:554,accept *:563,accept *:587,accept *:636,accept *:706," \
1881  "accept *:749,accept *:873,accept *:902-904,accept *:981,accept *:989-995," \
1882  "accept *:1194,accept *:1220,accept *:1293,accept *:1500,accept *:1533," \
1883  "accept *:1677,accept *:1723,accept *:1755,accept *:1863," \
1884  "accept *:2082-2083,accept *:2086-2087,accept *:2095-2096," \
1885  "accept *:2102-2104,accept *:3128,accept *:3389,accept *:3690," \
1886  "accept *:4321,accept *:4643,accept *:5050,accept *:5190," \
1887  "accept *:5222-5223,accept *:5228,accept *:5900,accept *:6660-6669," \
1888  "accept *:6679,accept *:6697,accept *:8000,accept *:8008,accept *:8074," \
1889  "accept *:8080,accept *:8082,accept *:8087-8088,accept *:8232-8233," \
1890  "accept *:8332-8333,accept *:8443,accept *:8888,accept *:9418," \
1891  "accept *:9999,accept *:10000,accept *:11371,accept *:19294," \
1892  "accept *:19638,accept *:50002,accept *:64738,reject *:*"
1893 
1894 /** Parse the exit policy <b>cfg</b> into the linked list *<b>dest</b>.
1895  *
1896  * If <b>ipv6_exit</b> is false, prepend "reject *6:*" to the policy.
1897  *
1898  * If <b>configured_addresses</b> contains addresses:
1899  * - prepend entries that reject the addresses in this list. These may be the
1900  * advertised relay addresses and/or the outbound bind addresses,
1901  * depending on the ExitPolicyRejectPrivate and
1902  * ExitPolicyRejectLocalInterfaces settings.
1903  * If <b>rejectprivate</b> is true:
1904  * - prepend "reject private:*" to the policy.
1905  * If <b>reject_interface_addresses</b> is true:
1906  * - prepend entries that reject publicly routable interface addresses on
1907  * this exit relay by calling policies_parse_exit_policy_reject_private
1908  * If <b>reject_configured_port_addresses</b> is true:
1909  * - prepend entries that reject all configured port addresses
1910  *
1911  * If cfg doesn't end in an absolute accept or reject and if
1912  * <b>add_default_policy</b> is true, add the default exit
1913  * policy afterwards.
1914  *
1915  * Return -1 if we can't parse cfg, else return 0.
1916  *
1917  * This function is used to parse the exit policy from our torrc. For
1918  * the functions used to parse the exit policy from a router descriptor,
1919  * see router_add_exit_policy.
1920  */
1921 static int
1923  smartlist_t **dest,
1924  int ipv6_exit,
1925  int rejectprivate,
1926  const smartlist_t *configured_addresses,
1927  int reject_interface_addresses,
1928  int reject_configured_port_addresses,
1929  int add_default_policy,
1930  int add_reduced_policy)
1931 {
1932  if (!ipv6_exit) {
1933  append_exit_policy_string(dest, "reject *6:*");
1934  }
1935  if (rejectprivate) {
1936  /* Reject IPv4 and IPv6 reserved private netblocks */
1937  append_exit_policy_string(dest, "reject private:*");
1938  }
1939 
1940  /* Consider rejecting IPv4 and IPv6 advertised relay addresses, outbound bind
1941  * addresses, publicly routable addresses, and configured port addresses
1942  * on this exit relay */
1944  configured_addresses,
1945  reject_interface_addresses,
1946  reject_configured_port_addresses);
1947 
1948  if (parse_addr_policy(cfg, dest, -1))
1949  return -1;
1950 
1951  /* Before we add the default policy and final rejects, check to see if
1952  * there are any lines after accept *:* or reject *:*. These lines have no
1953  * effect, and are most likely an error. */
1955 
1956  if (add_reduced_policy) {
1957  append_exit_policy_string(dest, REDUCED_EXIT_POLICY);
1958  } else if (add_default_policy) {
1959  append_exit_policy_string(dest, DEFAULT_EXIT_POLICY);
1960  } else {
1961  append_exit_policy_string(dest, "reject *4:*");
1962  append_exit_policy_string(dest, "reject *6:*");
1963  }
1965 
1966  return 0;
1967 }
1968 
1969 /** Parse exit policy in <b>cfg</b> into <b>dest</b> smartlist.
1970  *
1971  * Prepend an entry that rejects all IPv6 destinations unless
1972  * <b>EXIT_POLICY_IPV6_ENABLED</b> bit is set in <b>options</b> bitmask.
1973  *
1974  * If <b>EXIT_POLICY_REJECT_PRIVATE</b> bit is set in <b>options</b>:
1975  * - prepend an entry that rejects all destinations in all netblocks
1976  * reserved for private use.
1977  * - prepend entries that reject the advertised relay addresses in
1978  * configured_addresses
1979  * If <b>EXIT_POLICY_REJECT_LOCAL_INTERFACES</b> bit is set in <b>options</b>:
1980  * - prepend entries that reject publicly routable addresses on this exit
1981  * relay by calling policies_parse_exit_policy_internal
1982  * - prepend entries that reject the outbound bind addresses in
1983  * configured_addresses
1984  * - prepend entries that reject all configured port addresses
1985  *
1986  * If <b>EXIT_POLICY_ADD_DEFAULT</b> bit is set in <b>options</b>, append
1987  * default exit policy entries to <b>result</b> smartlist.
1988  */
1989 int
1991  exit_policy_parser_cfg_t options,
1992  const smartlist_t *configured_addresses)
1993 {
1994  int ipv6_enabled = (options & EXIT_POLICY_IPV6_ENABLED) ? 1 : 0;
1995  int reject_private = (options & EXIT_POLICY_REJECT_PRIVATE) ? 1 : 0;
1996  int add_default = (options & EXIT_POLICY_ADD_DEFAULT) ? 1 : 0;
1997  int reject_local_interfaces = (options &
1998  EXIT_POLICY_REJECT_LOCAL_INTERFACES) ? 1 : 0;
1999  int add_reduced = (options & EXIT_POLICY_ADD_REDUCED) ? 1 : 0;
2000 
2001  return policies_parse_exit_policy_internal(cfg,dest,ipv6_enabled,
2002  reject_private,
2003  configured_addresses,
2004  reject_local_interfaces,
2005  reject_local_interfaces,
2006  add_default,
2007  add_reduced);
2008 }
2009 
2010 /** Helper function that adds a copy of addr to a smartlist as long as it is
2011  * non-NULL and not tor_addr_is_null().
2012  *
2013  * The caller is responsible for freeing all the tor_addr_t* in the smartlist.
2014  */
2015 static void
2017 {
2018  if (addr && !tor_addr_is_null(addr)) {
2019  tor_addr_t *addr_copy = tor_malloc(sizeof(tor_addr_t));
2020  tor_addr_copy(addr_copy, addr);
2021  smartlist_add(addr_list, addr_copy);
2022  }
2023 }
2024 
2025 /** Helper function that adds copies of or_options->OutboundBindAddresses
2026  * to a smartlist as tor_addr_t *, as long as or_options is non-NULL, and
2027  * the addresses are not tor_addr_is_null(), by passing them to
2028  * policies_add_addr_to_smartlist.
2029  *
2030  * The caller is responsible for freeing all the tor_addr_t* in the smartlist.
2031  */
2032 static void
2034  const or_options_t *or_options)
2035 {
2036  if (or_options) {
2037  for (int i=0;i<OUTBOUND_ADDR_MAX;i++) {
2038  for (int j=0;j<2;j++) {
2039  if (!tor_addr_is_null(&or_options->OutboundBindAddresses[i][j])) {
2041  &or_options->OutboundBindAddresses[i][j]);
2042  }
2043  }
2044  }
2045  }
2046 }
2047 
2048 /** Parse <b>ExitPolicy</b> member of <b>or_options</b> into <b>result</b>
2049  * smartlist.
2050  * If <b>or_options->IPv6Exit</b> is false, prepend an entry that
2051  * rejects all IPv6 destinations.
2052  *
2053  * If <b>or_options->ExitPolicyRejectPrivate</b> is true:
2054  * - prepend an entry that rejects all destinations in all netblocks reserved
2055  * for private use.
2056  * - if ipv4_local_address is non-zero, treat it as a host-order IPv4 address,
2057  * and add it to the list of configured addresses.
2058  * - if ipv6_local_address is non-NULL, and not the null tor_addr_t, add it
2059  * to the list of configured addresses.
2060  * If <b>or_options->ExitPolicyRejectLocalInterfaces</b> is true:
2061  * - if or_options->OutboundBindAddresses[][0] (=IPv4) is not the null
2062  * tor_addr_t, add it to the list of configured addresses.
2063  * - if or_options->OutboundBindAddresses[][1] (=IPv6) is not the null
2064  * tor_addr_t, add it to the list of configured addresses.
2065  *
2066  * If <b>or_options->BridgeRelay</b> is false, append entries of default
2067  * Tor exit policy into <b>result</b> smartlist.
2068  *
2069  * If or_options->ExitRelay is false, or is auto without specifying an exit
2070  * policy, then make our exit policy into "reject *:*" regardless.
2071  */
2072 int
2074  const tor_addr_t *ipv4_local_address,
2075  const tor_addr_t *ipv6_local_address,
2076  smartlist_t **result)
2077 {
2078  exit_policy_parser_cfg_t parser_cfg = 0;
2079  smartlist_t *configured_addresses = NULL;
2080  int rv = 0;
2081 
2082  /* Short-circuit for non-exit relays, or for relays where we didn't specify
2083  * ExitPolicy or ReducedExitPolicy or IPv6Exit and ExitRelay is auto. */
2084  if (or_options->ExitRelay == 0 ||
2085  policy_using_default_exit_options(or_options)) {
2086  append_exit_policy_string(result, "reject *4:*");
2087  append_exit_policy_string(result, "reject *6:*");
2088  return 0;
2089  }
2090 
2091  configured_addresses = smartlist_new();
2092 
2093  /* Configure the parser */
2094  if (or_options->IPv6Exit) {
2095  parser_cfg |= EXIT_POLICY_IPV6_ENABLED;
2096  }
2097 
2098  if (or_options->ExitPolicyRejectPrivate) {
2099  parser_cfg |= EXIT_POLICY_REJECT_PRIVATE;
2100  }
2101 
2102  if (!or_options->BridgeRelay) {
2103  if (or_options->ReducedExitPolicy)
2104  parser_cfg |= EXIT_POLICY_ADD_REDUCED;
2105  else
2106  parser_cfg |= EXIT_POLICY_ADD_DEFAULT;
2107  }
2108 
2109  if (or_options->ExitPolicyRejectLocalInterfaces) {
2110  parser_cfg |= EXIT_POLICY_REJECT_LOCAL_INTERFACES;
2111  }
2112 
2113  /* Copy the configured addresses into the tor_addr_t* list */
2114  if (or_options->ExitPolicyRejectPrivate) {
2115  policies_copy_addr_to_smartlist(configured_addresses, ipv4_local_address);
2116  policies_copy_addr_to_smartlist(configured_addresses, ipv6_local_address);
2117  }
2118 
2119  if (or_options->ExitPolicyRejectLocalInterfaces) {
2120  policies_copy_outbound_addresses_to_smartlist(configured_addresses,
2121  or_options);
2122  }
2123 
2124  rv = policies_parse_exit_policy(or_options->ExitPolicy, result, parser_cfg,
2125  configured_addresses);
2126 
2127  SMARTLIST_FOREACH(configured_addresses, tor_addr_t *, a, tor_free(a));
2128  smartlist_free(configured_addresses);
2129 
2130  return rv;
2131 }
2132 
2133 /** Add "reject *:*" to the end of the policy in *<b>dest</b>, allocating
2134  * *<b>dest</b> as needed. */
2135 void
2137 {
2138  append_exit_policy_string(dest, "reject *4:*");
2139  append_exit_policy_string(dest, "reject *6:*");
2140 }
2141 
2142 /** Replace the exit policy of <b>node</b> with reject *:* */
2143 void
2145 {
2146  node->rejects_all = 1;
2147 }
2148 
2149 /** Return 1 if there is at least one /8 subnet in <b>policy</b> that
2150  * allows exiting to <b>port</b>. Otherwise, return 0. */
2151 static int
2153 {
2154  uint32_t mask, ip, i;
2155  /* Is this /8 rejected (1), or undecided (0)? */
2156  char subnet_status[256];
2157 
2158  memset(subnet_status, 0, sizeof(subnet_status));
2159  SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, p) {
2160  if (tor_addr_family(&p->addr) != AF_INET)
2161  continue; /* IPv4 only for now */
2162  if (p->prt_min > port || p->prt_max < port)
2163  continue; /* Doesn't cover our port. */
2164  mask = 0;
2165  tor_assert(p->maskbits <= 32);
2166 
2167  if (p->maskbits)
2168  mask = UINT32_MAX<<(32-p->maskbits);
2169  ip = tor_addr_to_ipv4h(&p->addr);
2170 
2171  /* Calculate the first and last subnet that this exit policy touches
2172  * and set it as loop boundaries. */
2173  for (i = ((mask & ip)>>24); i <= (~((mask & ip) ^ mask)>>24); ++i) {
2174  tor_addr_t addr;
2175  if (subnet_status[i] != 0)
2176  continue; /* We already reject some part of this /8 */
2177  tor_addr_from_ipv4h(&addr, i<<24);
2178  if (tor_addr_is_internal(&addr, 0) &&
2179  !get_options()->DirAllowPrivateAddresses) {
2180  continue; /* Local or non-routable addresses */
2181  }
2182  if (p->policy_type == ADDR_POLICY_ACCEPT) {
2183  if (p->maskbits > 8)
2184  continue; /* Narrower than a /8. */
2185  /* We found an allowed subnet of at least size /8. Done
2186  * for this port! */
2187  return 1;
2188  } else if (p->policy_type == ADDR_POLICY_REJECT) {
2189  subnet_status[i] = 1;
2190  }
2191  }
2192  } SMARTLIST_FOREACH_END(p);
2193  return 0;
2194 }
2195 
2196 /** Return true iff <b>ri</b> is "useful as an exit node", meaning
2197  * it allows exit to at least one /8 address space for each of ports 80
2198  * and 443. */
2199 int
2201 {
2202  if (!policy) /*XXXX disallow NULL policies? */
2203  return 0;
2204 
2205  return (exit_policy_is_general_exit_helper(policy, 80) &&
2206  exit_policy_is_general_exit_helper(policy, 443));
2207 }
2208 
2209 /** Return false if <b>policy</b> might permit access to some addr:port;
2210  * otherwise if we are certain it rejects everything, return true. If no
2211  * part of <b>policy</b> matches, return <b>default_reject</b>.
2212  * NULL policies are allowed, and treated as empty. */
2213 int
2215  int default_reject)
2216 {
2217  if (!policy)
2218  return default_reject;
2219  SMARTLIST_FOREACH_BEGIN(policy, const addr_policy_t *, p) {
2220  if (p->policy_type == ADDR_POLICY_ACCEPT &&
2221  (tor_addr_family(&p->addr) == family ||
2222  tor_addr_family(&p->addr) == AF_UNSPEC)) {
2223  return 0;
2224  } else if (p->policy_type == ADDR_POLICY_REJECT &&
2225  p->prt_min <= 1 && p->prt_max == 65535 &&
2226  p->maskbits == 0 &&
2227  (tor_addr_family(&p->addr) == family ||
2228  tor_addr_family(&p->addr) == AF_UNSPEC)) {
2229  return 1;
2230  }
2231  } SMARTLIST_FOREACH_END(p);
2232  return default_reject;
2233 }
2234 
2235 /** Write a single address policy to the buf_len byte buffer at buf. Return
2236  * the number of characters written, or -1 on failure. */
2237 int
2238 policy_write_item(char *buf, size_t buflen, const addr_policy_t *policy,
2239  int format_for_desc)
2240 {
2241  size_t written = 0;
2242  char addrbuf[TOR_ADDR_BUF_LEN];
2243  const char *addrpart;
2244  int result;
2245  const int is_accept = policy->policy_type == ADDR_POLICY_ACCEPT;
2246  const sa_family_t family = tor_addr_family(&policy->addr);
2247  const int is_ip6 = (family == AF_INET6);
2248 
2249  tor_addr_to_str(addrbuf, &policy->addr, sizeof(addrbuf), 1);
2250 
2251  /* write accept/reject 1.2.3.4 */
2252  if (policy->is_private) {
2253  addrpart = "private";
2254  } else if (policy->maskbits == 0) {
2255  if (format_for_desc)
2256  addrpart = "*";
2257  else if (family == AF_INET6)
2258  addrpart = "*6";
2259  else if (family == AF_INET)
2260  addrpart = "*4";
2261  else
2262  addrpart = "*";
2263  } else {
2264  addrpart = addrbuf;
2265  }
2266 
2267  result = tor_snprintf(buf, buflen, "%s%s %s",
2268  is_accept ? "accept" : "reject",
2269  (is_ip6&&format_for_desc)?"6":"",
2270  addrpart);
2271  if (result < 0)
2272  return -1;
2273  written += strlen(buf);
2274  /* If the maskbits is 32 (IPv4) or 128 (IPv6) we don't need to give it. If
2275  the mask is 0, we already wrote "*". */
2276  if (policy->maskbits < (is_ip6?128:32) && policy->maskbits > 0) {
2277  if (tor_snprintf(buf+written, buflen-written, "/%d", policy->maskbits)<0)
2278  return -1;
2279  written += strlen(buf+written);
2280  }
2281  if (policy->prt_min <= 1 && policy->prt_max == 65535) {
2282  /* There is no port set; write ":*" */
2283  if (written+4 > buflen)
2284  return -1;
2285  strlcat(buf+written, ":*", buflen-written);
2286  written += 2;
2287  } else if (policy->prt_min == policy->prt_max) {
2288  /* There is only one port; write ":80". */
2289  result = tor_snprintf(buf+written, buflen-written, ":%d", policy->prt_min);
2290  if (result<0)
2291  return -1;
2292  written += result;
2293  } else {
2294  /* There is a range of ports; write ":79-80". */
2295  result = tor_snprintf(buf+written, buflen-written, ":%d-%d",
2296  policy->prt_min, policy->prt_max);
2297  if (result<0)
2298  return -1;
2299  written += result;
2300  }
2301  if (written < buflen)
2302  buf[written] = '\0';
2303  else
2304  return -1;
2305 
2306  return (int)written;
2307 }
2308 
2309 /** Create a new exit policy summary, initially only with a single
2310  * port 1-64k item */
2311 /* XXXX This entire thing will do most stuff in O(N^2), or worse. Use an
2312  * RB-tree if that turns out to matter. */
2313 static smartlist_t *
2315 {
2316  smartlist_t *summary;
2317  policy_summary_item_t* item;
2318 
2319  item = tor_malloc_zero(sizeof(policy_summary_item_t));
2320  item->prt_min = 1;
2321  item->prt_max = 65535;
2322  item->reject_count = 0;
2323  item->accepted = 0;
2324 
2325  summary = smartlist_new();
2326  smartlist_add(summary, item);
2327 
2328  return summary;
2329 }
2330 
2331 /** Split the summary item in <b>item</b> at the port <b>new_starts</b>.
2332  * The current item is changed to end at new-starts - 1, the new item
2333  * copies reject_count and accepted from the old item,
2334  * starts at new_starts and ends at the port where the original item
2335  * previously ended.
2336  */
2337 static policy_summary_item_t*
2339 {
2340  policy_summary_item_t* new;
2341 
2342  new = tor_malloc_zero(sizeof(policy_summary_item_t));
2343  new->prt_min = new_starts;
2344  new->prt_max = old->prt_max;
2345  new->reject_count = old->reject_count;
2346  new->accepted = old->accepted;
2347 
2348  old->prt_max = new_starts-1;
2349 
2350  tor_assert(old->prt_min <= old->prt_max);
2351  tor_assert(new->prt_min <= new->prt_max);
2352  return new;
2353 }
2354 
2355 /* XXXX Nick says I'm going to hell for this. If he feels charitably towards
2356  * my immortal soul, he can clean it up himself. */
2357 #define AT(x) ((policy_summary_item_t*)smartlist_get(summary, x))
2358 
2359 #define IPV4_BITS (32)
2360 /* Every IPv4 address is counted as one rejection */
2361 #define REJECT_CUTOFF_SCALE_IPV4 (0)
2362 /* Ports are rejected in an IPv4 summary if they are rejected in more than two
2363  * IPv4 /8 address blocks */
2364 #define REJECT_CUTOFF_COUNT_IPV4 (UINT64_C(1) << \
2365  (IPV4_BITS - REJECT_CUTOFF_SCALE_IPV4 - 7))
2366 
2367 #define IPV6_BITS (128)
2368 /* IPv6 /64s are counted as one rejection, anything smaller is ignored */
2369 #define REJECT_CUTOFF_SCALE_IPV6 (64)
2370 /* Ports are rejected in an IPv6 summary if they are rejected in more than one
2371  * IPv6 /16 address block.
2372  * This is roughly equivalent to the IPv4 cutoff, as only five IPv6 /12s (and
2373  * some scattered smaller blocks) have been allocated to the RIRs.
2374  * Network providers are typically allocated one or more IPv6 /32s.
2375  */
2376 #define REJECT_CUTOFF_COUNT_IPV6 (UINT64_C(1) << \
2377  (IPV6_BITS - REJECT_CUTOFF_SCALE_IPV6 - 16))
2378 
2379 /** Split an exit policy summary so that prt_min and prt_max
2380  * fall at exactly the start and end of an item respectively.
2381  */
2382 static int
2384  uint16_t prt_min, uint16_t prt_max)
2385 {
2386  int start_at_index;
2387 
2388  int i = 0;
2389 
2390  while (AT(i)->prt_max < prt_min)
2391  i++;
2392  if (AT(i)->prt_min != prt_min) {
2393  policy_summary_item_t* new_item;
2394  new_item = policy_summary_item_split(AT(i), prt_min);
2395  smartlist_insert(summary, i+1, new_item);
2396  i++;
2397  }
2398  start_at_index = i;
2399 
2400  while (AT(i)->prt_max < prt_max)
2401  i++;
2402  if (AT(i)->prt_max != prt_max) {
2403  policy_summary_item_t* new_item;
2404  new_item = policy_summary_item_split(AT(i), prt_max+1);
2405  smartlist_insert(summary, i+1, new_item);
2406  }
2407 
2408  return start_at_index;
2409 }
2410 
2411 /** Mark port ranges as accepted if they are below the reject_count for family
2412  */
2413 static void
2415  uint16_t prt_min, uint16_t prt_max,
2416  sa_family_t family)
2417 {
2418  tor_assert_nonfatal_once(family == AF_INET || family == AF_INET6);
2419  uint64_t family_reject_count = ((family == AF_INET) ?
2420  REJECT_CUTOFF_COUNT_IPV4 :
2421  REJECT_CUTOFF_COUNT_IPV6);
2422 
2423  int i = policy_summary_split(summary, prt_min, prt_max);
2424  while (i < smartlist_len(summary) &&
2425  AT(i)->prt_max <= prt_max) {
2426  if (!AT(i)->accepted &&
2427  AT(i)->reject_count <= family_reject_count)
2428  AT(i)->accepted = 1;
2429  i++;
2430  }
2431  tor_assert(i < smartlist_len(summary) || prt_max==65535);
2432 }
2433 
2434 /** Count the number of addresses in a network in family with prefixlen
2435  * maskbits against the given portrange. */
2436 static void
2438  maskbits_t maskbits,
2439  uint16_t prt_min, uint16_t prt_max,
2440  sa_family_t family)
2441 {
2442  tor_assert_nonfatal_once(family == AF_INET || family == AF_INET6);
2443 
2444  int i = policy_summary_split(summary, prt_min, prt_max);
2445 
2446  /* The length of a single address mask */
2447  int addrbits = (family == AF_INET) ? IPV4_BITS : IPV6_BITS;
2448  tor_assert_nonfatal_once(addrbits >= maskbits);
2449 
2450  /* We divide IPv6 address counts by (1 << scale) to keep them in a uint64_t
2451  */
2452  int scale = ((family == AF_INET) ?
2453  REJECT_CUTOFF_SCALE_IPV4 :
2454  REJECT_CUTOFF_SCALE_IPV6);
2455 
2456  tor_assert_nonfatal_once(addrbits >= scale);
2457  if (maskbits > (addrbits - scale)) {
2458  tor_assert_nonfatal_once(family == AF_INET6);
2459  /* The address range is so small, we'd need billions of them to reach the
2460  * rejection limit. So we ignore this range in the reject count. */
2461  return;
2462  }
2463 
2464  uint64_t count = 0;
2465  if (addrbits - scale - maskbits >= 64) {
2466  tor_assert_nonfatal_once(family == AF_INET6);
2467  /* The address range is so large, it's an automatic rejection for all ports
2468  * in the range. */
2469  count = UINT64_MAX;
2470  } else {
2471  count = (UINT64_C(1) << (addrbits - scale - maskbits));
2472  }
2473  tor_assert_nonfatal_once(count > 0);
2474  while (i < smartlist_len(summary) &&
2475  AT(i)->prt_max <= prt_max) {
2476  if (AT(i)->reject_count <= UINT64_MAX - count) {
2477  AT(i)->reject_count += count;
2478  } else {
2479  /* IPv4 would require a 4-billion address redundant policy to get here,
2480  * but IPv6 just needs to have ::/0 */
2481  if (family == AF_INET) {
2482  tor_assert_nonfatal_unreached_once();
2483  }
2484  /* If we do get here, use saturating arithmetic */
2485  AT(i)->reject_count = UINT64_MAX;
2486  }
2487  i++;
2488  }
2489  tor_assert(i < smartlist_len(summary) || prt_max==65535);
2490 }
2491 
2492 /** Add a single exit policy item to our summary:
2493  *
2494  * If it is an accept, ignore it unless it is for all IP addresses
2495  * ("*", i.e. its prefixlen/maskbits is 0). Otherwise call
2496  * policy_summary_accept().
2497  *
2498  * If it is a reject, ignore it if it is about one of the private
2499  * networks. Otherwise call policy_summary_reject().
2500  */
2501 static void
2503 {
2504  if (p->policy_type == ADDR_POLICY_ACCEPT) {
2505  if (p->maskbits == 0) {
2506  policy_summary_accept(summary, p->prt_min, p->prt_max, p->addr.family);
2507  }
2508  } else if (p->policy_type == ADDR_POLICY_REJECT) {
2509 
2510  int is_private = 0;
2511  int i;
2512  for (i = 0; private_nets[i]; ++i) {
2513  tor_addr_t addr;
2514  maskbits_t maskbits;
2515  if (tor_addr_parse_mask_ports(private_nets[i], 0, &addr,
2516  &maskbits, NULL, NULL)<0) {
2517  tor_assert(0);
2518  }
2519  if (tor_addr_compare(&p->addr, &addr, CMP_EXACT) == 0 &&
2520  p->maskbits == maskbits) {
2521  is_private = 1;
2522  break;
2523  }
2524  }
2525 
2526  if (!is_private) {
2527  policy_summary_reject(summary, p->maskbits, p->prt_min, p->prt_max,
2528  p->addr.family);
2529  }
2530  } else
2531  tor_assert(0);
2532 }
2533 
2534 /** Create a string representing a summary for an exit policy.
2535  * The summary will either be an "accept" plus a comma-separated list of port
2536  * ranges or a "reject" plus port-ranges, depending on which is shorter.
2537  *
2538  * If no exits are allowed at all then "reject 1-65535" is returned. If no
2539  * ports are blocked instead of "reject " we return "accept 1-65535". (These
2540  * are an exception to the shorter-representation-wins rule).
2541  */
2542 char *
2544 {
2545  smartlist_t *summary = policy_summary_create();
2546  smartlist_t *accepts, *rejects;
2547  int i, last, start_prt;
2548  size_t accepts_len, rejects_len;
2549  char *accepts_str = NULL, *rejects_str = NULL, *shorter_str, *result;
2550  const char *prefix;
2551 
2552  tor_assert(policy);
2553 
2554  /* Create the summary list */
2555  SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, p) {
2556  sa_family_t f = tor_addr_family(&p->addr);
2557  if (f != AF_INET && f != AF_INET6) {
2558  log_warn(LD_BUG, "Weird family when summarizing address policy");
2559  }
2560  if (f != family)
2561  continue;
2562  policy_summary_add_item(summary, p);
2563  } SMARTLIST_FOREACH_END(p);
2564 
2565  /* Now create two lists of strings, one for accepted and one
2566  * for rejected ports. We take care to merge ranges so that
2567  * we avoid getting stuff like "1-4,5-9,10", instead we want
2568  * "1-10"
2569  */
2570  i = 0;
2571  start_prt = 1;
2572  accepts = smartlist_new();
2573  rejects = smartlist_new();
2574  while (1) {
2575  last = i == smartlist_len(summary)-1;
2576  if (last ||
2577  AT(i)->accepted != AT(i+1)->accepted) {
2578  char buf[POLICY_BUF_LEN];
2579 
2580  if (start_prt == AT(i)->prt_max)
2581  tor_snprintf(buf, sizeof(buf), "%d", start_prt);
2582  else
2583  tor_snprintf(buf, sizeof(buf), "%d-%d", start_prt, AT(i)->prt_max);
2584 
2585  if (AT(i)->accepted)
2586  smartlist_add_strdup(accepts, buf);
2587  else
2588  smartlist_add_strdup(rejects, buf);
2589 
2590  if (last)
2591  break;
2592 
2593  start_prt = AT(i+1)->prt_min;
2594  };
2595  i++;
2596  };
2597 
2598  /* Figure out which of the two stringlists will be shorter and use
2599  * that to build the result
2600  */
2601  if (smartlist_len(accepts) == 0) { /* no exits at all */
2602  result = tor_strdup("reject 1-65535");
2603  goto cleanup;
2604  }
2605  if (smartlist_len(rejects) == 0) { /* no rejects at all */
2606  result = tor_strdup("accept 1-65535");
2607  goto cleanup;
2608  }
2609 
2610  accepts_str = smartlist_join_strings(accepts, ",", 0, &accepts_len);
2611  rejects_str = smartlist_join_strings(rejects, ",", 0, &rejects_len);
2612 
2613  if (rejects_len > MAX_EXITPOLICY_SUMMARY_LEN-strlen("reject")-1 &&
2614  accepts_len > MAX_EXITPOLICY_SUMMARY_LEN-strlen("accept")-1) {
2615  char *c;
2616  shorter_str = accepts_str;
2617  prefix = "accept";
2618 
2619  c = shorter_str + (MAX_EXITPOLICY_SUMMARY_LEN-strlen(prefix)-1);
2620  while (*c != ',' && c >= shorter_str)
2621  c--;
2622  tor_assert(c >= shorter_str);
2623  tor_assert(*c == ',');
2624  *c = '\0';
2625 
2626  } else if (rejects_len < accepts_len) {
2627  shorter_str = rejects_str;
2628  prefix = "reject";
2629  } else {
2630  shorter_str = accepts_str;
2631  prefix = "accept";
2632  }
2633 
2634  tor_asprintf(&result, "%s %s", prefix, shorter_str);
2635 
2636  cleanup:
2637  /* cleanup */
2639  smartlist_free(summary);
2640 
2641  tor_free(accepts_str);
2642  SMARTLIST_FOREACH(accepts, char *, s, tor_free(s));
2643  smartlist_free(accepts);
2644 
2645  tor_free(rejects_str);
2646  SMARTLIST_FOREACH(rejects, char *, s, tor_free(s));
2647  smartlist_free(rejects);
2648 
2649  return result;
2650 }
2651 
2652 /** Convert a summarized policy string into a short_policy_t. Return NULL
2653  * if the string is not well-formed. */
2655 parse_short_policy(const char *summary)
2656 {
2657  const char *orig_summary = summary;
2658  short_policy_t *result;
2659  int is_accept;
2660  int n_entries;
2661  short_policy_entry_t entries[MAX_EXITPOLICY_SUMMARY_LEN]; /* overkill */
2662  char *next;
2663 
2664  if (!strcmpstart(summary, "accept ")) {
2665  is_accept = 1;
2666  summary += strlen("accept ");
2667  } else if (!strcmpstart(summary, "reject ")) {
2668  is_accept = 0;
2669  summary += strlen("reject ");
2670  } else {
2671  log_fn(LOG_PROTOCOL_WARN, LD_DIR, "Unrecognized policy summary keyword");
2672  return NULL;
2673  }
2674 
2675  n_entries = 0;
2676  for ( ; *summary; summary = next) {
2677  if (n_entries == MAX_EXITPOLICY_SUMMARY_LEN) {
2678  log_fn(LOG_PROTOCOL_WARN, LD_DIR, "Impossibly long policy summary %s",
2679  escaped(orig_summary));
2680  return NULL;
2681  }
2682 
2683  unsigned low, high;
2684  int ok;
2685  low = (unsigned) tor_parse_ulong(summary, 10, 1, 65535, &ok, &next);
2686  if (!ok) {
2687  if (! TOR_ISDIGIT(*summary) || *summary == ',') {
2688  /* Unrecognized format: skip it. */
2689  goto skip_ent;
2690  } else {
2691  goto bad_ent;
2692  }
2693  }
2694 
2695  switch (*next) {
2696  case ',':
2697  ++next;
2698  FALLTHROUGH;
2699  case '\0':
2700  high = low;
2701  break;
2702  case '-':
2703  high = (unsigned) tor_parse_ulong(next+1, 10, low, 65535, &ok, &next);
2704  if (!ok)
2705  goto bad_ent;
2706 
2707  if (*next == ',')
2708  ++next;
2709  else if (*next != '\0')
2710  goto bad_ent;
2711 
2712  break;
2713  default:
2714  goto bad_ent;
2715  }
2716 
2717  entries[n_entries].min_port = low;
2718  entries[n_entries].max_port = high;
2719  n_entries++;
2720 
2721  continue;
2722  skip_ent:
2723  next = strchr(next, ',');
2724  if (!next)
2725  break;
2726  ++next;
2727  }
2728 
2729  if (n_entries == 0) {
2730  log_fn(LOG_PROTOCOL_WARN, LD_DIR,
2731  "Found no port-range entries in summary %s", escaped(orig_summary));
2732  return NULL;
2733  }
2734 
2735  {
2736  size_t size = offsetof(short_policy_t, entries) +
2737  sizeof(short_policy_entry_t)*(n_entries);
2738  result = tor_malloc_zero(size);
2739 
2740  tor_assert( (char*)&result->entries[n_entries-1] < ((char*)result)+size);
2741  }
2742 
2743  result->is_accept = is_accept;
2744  result->n_entries = n_entries;
2745  memcpy(result->entries, entries, sizeof(short_policy_entry_t)*n_entries);
2746  return result;
2747 
2748  bad_ent:
2749  log_fn(LOG_PROTOCOL_WARN, LD_DIR,"Found bad entry in policy summary %s",
2750  escaped(orig_summary));
2751  return NULL;
2752 }
2753 
2754 /** Write <b>policy</b> back out into a string. */
2755 char *
2757 {
2758  int i;
2759  char *answer;
2760  smartlist_t *sl = smartlist_new();
2761 
2762  smartlist_add_asprintf(sl, "%s", policy->is_accept ? "accept " : "reject ");
2763 
2764  for (i=0; i < policy->n_entries; i++) {
2765  const short_policy_entry_t *e = &policy->entries[i];
2766  if (e->min_port == e->max_port) {
2767  smartlist_add_asprintf(sl, "%d", e->min_port);
2768  } else {
2769  smartlist_add_asprintf(sl, "%d-%d", e->min_port, e->max_port);
2770  }
2771  if (i < policy->n_entries-1)
2772  smartlist_add_strdup(sl, ",");
2773  }
2774  answer = smartlist_join_strings(sl, "", 0, NULL);
2775  SMARTLIST_FOREACH(sl, char *, a, tor_free(a));
2776  smartlist_free(sl);
2777  return answer;
2778 }
2779 
2780 /** Release all storage held in <b>policy</b>. */
2781 void
2783 {
2784  tor_free(policy);
2785 }
2786 
2787 /** See whether the <b>addr</b>:<b>port</b> address is likely to be accepted
2788  * or rejected by the summarized policy <b>policy</b>. Return values are as
2789  * for compare_tor_addr_to_addr_policy. Unlike the regular addr_policy
2790  * functions, requires the <b>port</b> be specified. */
2793  const short_policy_t *policy)
2794 {
2795  int i;
2796  int found_match = 0;
2797  int accept_;
2798 
2799  tor_assert(port != 0);
2800 
2801  if (addr && tor_addr_is_null(addr))
2802  addr = NULL; /* Unspec means 'no address at all,' in this context. */
2803 
2804  if (addr && get_options()->ClientRejectInternalAddresses &&
2805  (tor_addr_is_internal(addr, 0) || tor_addr_is_loopback(addr)))
2806  return ADDR_POLICY_REJECTED;
2807 
2808  for (i=0; i < policy->n_entries; ++i) {
2809  const short_policy_entry_t *e = &policy->entries[i];
2810  if (e->min_port <= port && port <= e->max_port) {
2811  found_match = 1;
2812  break;
2813  }
2814  }
2815 
2816  if (found_match)
2817  accept_ = policy->is_accept;
2818  else
2819  accept_ = ! policy->is_accept;
2820 
2821  /* ???? are these right? -NM */
2822  /* We should be sure not to return ADDR_POLICY_ACCEPTED in the accept
2823  * case here, because it would cause clients to believe that the node
2824  * allows exit enclaving. Trying it anyway would open up a cool attack
2825  * where the node refuses due to exitpolicy, the client reacts in
2826  * surprise by rewriting the node's exitpolicy to reject *:*, and then
2827  * an adversary targets users by causing them to attempt such connections
2828  * to 98% of the exits.
2829  *
2830  * Once microdescriptors can handle addresses in special cases (e.g. if
2831  * we ever solve ticket 1774), we can provide certainty here. -RD */
2832  if (accept_)
2834  else
2835  return ADDR_POLICY_REJECTED;
2836 }
2837 
2838 /** Return true iff <b>policy</b> seems reject all ports */
2839 int
2841 {
2842  /* This doesn't need to be as much on the lookout as policy_is_reject_star,
2843  * since policy summaries are from the consensus or from consensus
2844  * microdescs.
2845  */
2846  tor_assert(policy);
2847  /* Check for an exact match of "reject 1-65535". */
2848  return (policy->is_accept == 0 && policy->n_entries == 1 &&
2849  policy->entries[0].min_port == 1 &&
2850  policy->entries[0].max_port == 65535);
2851 }
2852 
2853 /** Decide whether addr:port is probably or definitely accepted or rejected by
2854  * <b>node</b>. See compare_tor_addr_to_addr_policy for details on addr/port
2855  * interpretation. */
2857 compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port,
2858  const node_t *node)
2859 {
2860  if (node->rejects_all)
2861  return ADDR_POLICY_REJECTED;
2862 
2863  if (addr && tor_addr_family(addr) == AF_INET6) {
2864  const short_policy_t *p = NULL;
2865  if (node->ri)
2866  p = node->ri->ipv6_exit_policy;
2867  else if (node->md)
2868  p = node->md->ipv6_exit_policy;
2869  if (p)
2870  return compare_tor_addr_to_short_policy(addr, port, p);
2871  else
2872  return ADDR_POLICY_REJECTED;
2873  }
2874 
2875  if (node->ri) {
2876  return compare_tor_addr_to_addr_policy(addr, port, node->ri->exit_policy);
2877  } else if (node->md) {
2878  if (node->md->exit_policy == NULL)
2879  return ADDR_POLICY_REJECTED;
2880  else
2881  return compare_tor_addr_to_short_policy(addr, port,
2882  node->md->exit_policy);
2883  } else {
2885  }
2886 }
2887 
2888 /**
2889  * Given <b>policy_list</b>, a list of addr_policy_t, produce a string
2890  * representation of the list.
2891  * If <b>include_ipv4</b> is true, include IPv4 entries.
2892  * If <b>include_ipv6</b> is true, include IPv6 entries.
2893  */
2894 char *
2896  int include_ipv4,
2897  int include_ipv6)
2898 {
2899  smartlist_t *policy_string_list;
2900  char *policy_string = NULL;
2901 
2902  policy_string_list = smartlist_new();
2903 
2904  SMARTLIST_FOREACH_BEGIN(policy_list, addr_policy_t *, tmpe) {
2905  char *pbuf;
2906  int bytes_written_to_pbuf;
2907  if ((tor_addr_family(&tmpe->addr) == AF_INET6) && (!include_ipv6)) {
2908  continue; /* Don't include IPv6 parts of address policy */
2909  }
2910  if ((tor_addr_family(&tmpe->addr) == AF_INET) && (!include_ipv4)) {
2911  continue; /* Don't include IPv4 parts of address policy */
2912  }
2913 
2914  pbuf = tor_malloc(POLICY_BUF_LEN);
2915  bytes_written_to_pbuf = policy_write_item(pbuf,POLICY_BUF_LEN, tmpe, 1);
2916 
2917  if (bytes_written_to_pbuf < 0) {
2918  log_warn(LD_BUG, "policy_dump_to_string ran out of room!");
2919  tor_free(pbuf);
2920  goto done;
2921  }
2922 
2923  smartlist_add(policy_string_list,pbuf);
2924  } SMARTLIST_FOREACH_END(tmpe);
2925 
2926  policy_string = smartlist_join_strings(policy_string_list, "\n", 0, NULL);
2927 
2928  done:
2929  SMARTLIST_FOREACH(policy_string_list, char *, str, tor_free(str));
2930  smartlist_free(policy_string_list);
2931 
2932  return policy_string;
2933 }
2934 
2935 /** Implementation for GETINFO control command: knows the answer for questions
2936  * about "exit-policy/..." */
2937 int
2939  const char *question, char **answer,
2940  const char **errmsg)
2941 {
2942  (void) conn;
2943  (void) errmsg;
2944  if (!strcmp(question, "exit-policy/default")) {
2945  *answer = tor_strdup(DEFAULT_EXIT_POLICY);
2946  } else if (!strcmp(question, "exit-policy/reject-private/default")) {
2947  smartlist_t *private_policy_strings;
2948  const char **priv = private_nets;
2949 
2950  private_policy_strings = smartlist_new();
2951 
2952  while (*priv != NULL) {
2953  /* IPv6 addresses are in "[]" and contain ":",
2954  * IPv4 addresses are not in "[]" and contain "." */
2955  smartlist_add_asprintf(private_policy_strings, "reject %s:*", *priv);
2956  priv++;
2957  }
2958 
2959  *answer = smartlist_join_strings(private_policy_strings,
2960  ",", 0, NULL);
2961 
2962  SMARTLIST_FOREACH(private_policy_strings, char *, str, tor_free(str));
2963  smartlist_free(private_policy_strings);
2964  } else if (!strcmp(question, "exit-policy/reject-private/relay")) {
2965  const or_options_t *options = get_options();
2966  int err = 0;
2968 
2969  if (!me) {
2970  *errmsg = routerinfo_err_to_string(err);
2971  return routerinfo_err_is_transient(err) ? -1 : 0;
2972  }
2973 
2974  if (!options->ExitPolicyRejectPrivate &&
2975  !options->ExitPolicyRejectLocalInterfaces) {
2976  *answer = tor_strdup("");
2977  return 0;
2978  }
2979 
2980  smartlist_t *private_policy_list = smartlist_new();
2981  smartlist_t *configured_addresses = smartlist_new();
2982 
2983  /* Copy the configured addresses into the tor_addr_t* list */
2984  if (options->ExitPolicyRejectPrivate) {
2985  policies_copy_addr_to_smartlist(configured_addresses, &me->ipv4_addr);
2986  policies_copy_addr_to_smartlist(configured_addresses, &me->ipv6_addr);
2987  }
2988 
2989  if (options->ExitPolicyRejectLocalInterfaces) {
2990  policies_copy_outbound_addresses_to_smartlist(configured_addresses,
2991  options);
2992  }
2993 
2995  &private_policy_list,
2996  options->IPv6Exit,
2997  configured_addresses,
3000  *answer = policy_dump_to_string(private_policy_list, 1, 1);
3001 
3002  addr_policy_list_free(private_policy_list);
3003  SMARTLIST_FOREACH(configured_addresses, tor_addr_t *, a, tor_free(a));
3004  smartlist_free(configured_addresses);
3005  } else if (!strcmpstart(question, "exit-policy/")) {
3006  int include_ipv4 = 0;
3007  int include_ipv6 = 0;
3008 
3009  int err = 0;
3011 
3012  if (!me) {
3013  *errmsg = routerinfo_err_to_string(err);
3014  return routerinfo_err_is_transient(err) ? -1 : 0;
3015  }
3016 
3017  if (!strcmp(question, "exit-policy/ipv4")) {
3018  include_ipv4 = 1;
3019  } else if (!strcmp(question, "exit-policy/ipv6")) {
3020  include_ipv6 = 1;
3021  } else if (!strcmp(question, "exit-policy/full")) {
3022  include_ipv4 = include_ipv6 = 1;
3023  } else {
3024  return 0; /* No such key. */
3025  }
3026 
3027  *answer = router_dump_exit_policy_to_string(me,include_ipv4,
3028  include_ipv6);
3029  }
3030 
3031  return 0;
3032 }
3033 
3034 /** Release all storage held by <b>p</b>. */
3035 void
3037 {
3038  if (!lst)
3039  return;
3040  SMARTLIST_FOREACH(lst, addr_policy_t *, policy, addr_policy_free(policy));
3041  smartlist_free(lst);
3042 }
3043 
3044 /** Release all storage held by <b>p</b>. */
3045 void
3047 {
3048  if (!p)
3049  return;
3050 
3051  if (--p->refcnt <= 0) {
3052  if (p->is_canonical) {
3053  policy_map_ent_t search, *found;
3054  search.policy = p;
3055  found = HT_REMOVE(policy_map, &policy_root, &search);
3056  if (found) {
3057  tor_assert(p == found->policy);
3058  tor_free(found);
3059  }
3060  }
3061  tor_free(p);
3062  }
3063 }
3064 
3065 /** Release all storage held by policy variables. */
3066 void
3068 {
3069  addr_policy_list_free(reachable_or_addr_policy);
3070  reachable_or_addr_policy = NULL;
3071  addr_policy_list_free(reachable_dir_addr_policy);
3073  addr_policy_list_free(socks_policy);
3074  socks_policy = NULL;
3075  addr_policy_list_free(dir_policy);
3076  dir_policy = NULL;
3077  addr_policy_list_free(authdir_reject_policy);
3078  authdir_reject_policy = NULL;
3079  addr_policy_list_free(authdir_invalid_policy);
3080  authdir_invalid_policy = NULL;
3081  addr_policy_list_free(authdir_badexit_policy);
3082  authdir_badexit_policy = NULL;
3083 
3084  if (!HT_EMPTY(&policy_root)) {
3085  policy_map_ent_t **ent;
3086  int n = 0;
3087  char buf[POLICY_BUF_LEN];
3088 
3089  log_warn(LD_MM, "Still had %d address policies cached at shutdown.",
3090  (int)HT_SIZE(&policy_root));
3091 
3092  /* Note the first 10 cached policies to try to figure out where they
3093  * might be coming from. */
3094  HT_FOREACH(ent, policy_map, &policy_root) {
3095  if (++n > 10)
3096  break;
3097  if (policy_write_item(buf, sizeof(buf), (*ent)->policy, 0) >= 0)
3098  log_warn(LD_MM," %d [%d]: %s", n, (*ent)->policy->refcnt, buf);
3099  }
3100  }
3101  HT_CLEAR(policy_map, &policy_root);
3102 }
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:287
routerstatus_t::ipv4_dirport
uint16_t ipv4_dirport
Definition: routerstatus_st.h:34
country_t
int16_t country_t
Definition: country.h:17
microdesc_t
Definition: microdesc_st.h:27
short_policy_t::n_entries
unsigned int n_entries
Definition: policies.h:62
socks_policy_permits_address
int socks_policy_permits_address(const tor_addr_t *addr)
Definition: policies.c:1058
router_parse_addr_policy_item_from_string
addr_policy_t * router_parse_addr_policy_item_from_string(const char *s, int assume_action, int *malformed_list)
Definition: policy_parse.c:44
routermode.h
Header file for routermode.c.
reachable_addr_allows_dir_server
int reachable_addr_allows_dir_server(const dir_server_t *ds, firewall_connection_t fw_connection, int pref_only)
Definition: policies.c:726
tor_addr_compare
int tor_addr_compare(const tor_addr_t *addr1, const tor_addr_t *addr2, tor_addr_comparison_t how)
Definition: address.c:984
tor_free
#define tor_free(p)
Definition: malloc.h:52
routerinfo_t
Definition: routerinfo_st.h:20
policy_summary_item_t::reject_count
uint64_t reject_count
Definition: policies.c:72
dir_server_st.h
Trusted/fallback directory server structure.
tor_free_
void tor_free_(void *mem)
Definition: malloc.c:227
smartlist_split_string
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
Definition: smartlist_split.c:37
tor_addr_family
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
dir_policy_permits_address
int dir_policy_permits_address(const tor_addr_t *addr)
Definition: policies.c:1049
routerinfo_err_to_string
const char * routerinfo_err_to_string(int err)
Definition: router.c:145
authdir_policy_permits_address
int authdir_policy_permits_address(const tor_addr_t *addr, uint16_t port)
Definition: policies.c:1082
ADDR_POLICY_PROBABLY_REJECTED
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
or_options_t::ClientUseIPv6
int ClientUseIPv6
Definition: or_options_st.h:673
tor_addr_make_null
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
or_options_t::IPv6Exit
int IPv6Exit
Definition: or_options_st.h:916
name
const char * name
Definition: config.c:2443
or_options_t::DirPolicy
struct config_line_t * DirPolicy
Definition: or_options_st.h:127
smartlist_insert
void smartlist_insert(smartlist_t *sl, int idx, void *val)
Definition: smartlist_core.c:244
or_options_t::ReachableAddresses
struct config_line_t * ReachableAddresses
Definition: or_options_st.h:332
addr_policy_free_
void addr_policy_free_(addr_policy_t *p)
Definition: policies.c:3046
exit_policy_is_general_exit_helper
static int exit_policy_is_general_exit_helper(smartlist_t *policy, int port)
Definition: policies.c:2152
short_policy_t
Definition: policies.h:57
tor_addr_copy_tight
void tor_addr_copy_tight(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:947
tor_addr_t
Definition: address.h:69
compare_tor_addr_to_addr_policy
addr_policy_result_t compare_tor_addr_to_addr_policy(const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)
Definition: policies.c:1486
smartlist_add_strdup
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
Definition: smartlist_core.c:137
firewall_is_fascist_or
int firewall_is_fascist_or(void)
Definition: policies.c:354
or_options_t::BridgeRelay
int BridgeRelay
Definition: or_options_st.h:248
parse_reachable_addresses
static int parse_reachable_addresses(void)
Definition: policies.c:257
ADDR_POLICY_REJECTED
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
tor_addr_to_str
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
addr_policy_t::prt_min
uint16_t prt_min
Definition: addr_policy_st.h:47
policy_dump_to_string
char * policy_dump_to_string(const smartlist_t *policy_list, int include_ipv4, int include_ipv6)
Definition: policies.c:2895
node_get_prim_dirport
void node_get_prim_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1841
port_cfg_st.h
Listener port configuration structure.
addr_policy_st.h
Address policy structures.
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
microdesc.h
Header file for microdesc.c.
LD_BUG
#define LD_BUG
Definition: log.h:86
router.h
Header file for router.c.
routerinfo_t::ipv6_exit_policy
struct short_policy_t * ipv6_exit_policy
Definition: routerinfo_st.h:63
validate_addr_policies
int validate_addr_policies(const or_options_t *options, char **msg)
Definition: policies.c:1127
addr_policy_append_reject_addr
void addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr)
Definition: policies.c:1567
or_options_t::ReducedExitPolicy
int ReducedExitPolicy
Definition: or_options_st.h:125
addr_policy_t::refcnt
int refcnt
Definition: addr_policy_st.h:27
reachable_addr_choose
STATIC const tor_addr_port_t * reachable_addr_choose(const tor_addr_port_t *a, const tor_addr_port_t *b, int want_a, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:787
LD_MM
#define LD_MM
Definition: log.h:74
smartlist_add_all
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
Definition: smartlist_core.c:125
addr_is_in_cc_list
static int addr_is_in_cc_list(const tor_addr_t *addr, const smartlist_t *cc_list)
Definition: policies.c:1066
or_options_t::ClientPreferIPv6ORPort
int ClientPreferIPv6ORPort
Definition: or_options_st.h:678
smartlist_del_keeporder
void smartlist_del_keeporder(smartlist_t *sl, int idx)
Definition: smartlist_core.c:228
addr_policy_intersects
static int addr_policy_intersects(addr_policy_t *a, addr_policy_t *b)
Definition: policies.c:1532
tor_reallocarray_
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
get_interface_address6_list
smartlist_t * get_interface_address6_list(int severity, sa_family_t family, int include_internal)
Definition: address.c:1777
node_get_by_id
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:223
compare_known_tor_addr_to_addr_policy_noport
static addr_policy_result_t compare_known_tor_addr_to_addr_policy_noport(const tor_addr_t *addr, const smartlist_t *policy)
Definition: policies.c:1391
smartlist_add
void smartlist_add(smartlist_t *sl, void *element)
Definition: smartlist_core.c:117
reachable_or_addr_policy
static smartlist_t * reachable_or_addr_policy
Definition: policies.c:63
node_ipv6_dir_preferred
int node_ipv6_dir_preferred(const node_t *node)
Definition: nodelist.c:1818
dir_policy
static smartlist_t * dir_policy
Definition: policies.c:50
tor_addr_from_ipv6_bytes
void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const uint8_t *ipv6_bytes)
Definition: address.c:900
reachable_addr_allows_rs
int reachable_addr_allows_rs(const routerstatus_t *rs, firewall_connection_t fw_connection, int pref_only)
Definition: policies.c:642
policies_copy_outbound_addresses_to_smartlist
static void policies_copy_outbound_addresses_to_smartlist(smartlist_t *addr_list, const or_options_t *or_options)
Definition: policies.c:2033
routerstatus_t
Definition: routerstatus_st.h:19
load_policy_from_option
static int load_policy_from_option(config_line_t *config, const char *option_name, smartlist_t **policy, int assume_action)
Definition: policies.c:1187
TOR_ADDR_BUF_LEN
#define TOR_ADDR_BUF_LEN
Definition: address.h:224
reachable_addr_choose_from_rs
void reachable_addr_choose_from_rs(const routerstatus_t *rs, firewall_connection_t fw_connection, int pref_only, tor_addr_port_t *ap)
Definition: policies.c:869
smartlist_new
smartlist_t * smartlist_new(void)
Definition: smartlist_core.c:26
policy_summary_item_t
Definition: policies.c:69
reachable_addr_prefer_ipv6_impl
static int reachable_addr_prefer_ipv6_impl(const or_options_t *options)
Definition: policies.c:461
tor_snprintf
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
routerinfo_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
compare_unknown_tor_addr_to_addr_policy
static addr_policy_result_t compare_unknown_tor_addr_to_addr_policy(uint16_t port, const smartlist_t *policy)
Definition: policies.c:1434
reachable_addr_allows_ap
static int reachable_addr_allows_ap(const tor_addr_port_t *ap, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:556
reachable_addr_choose_base
static void reachable_addr_choose_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport, uint16_t ipv4_dirport, const tor_addr_t *ipv6_addr, uint16_t ipv6_orport, uint16_t ipv6_dirport, firewall_connection_t fw_connection, int pref_only, int pref_ipv6, tor_addr_port_t *ap)
Definition: policies.c:820
SMARTLIST_FOREACH
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: smartlist_foreach.h:112
or_options_t::ClientPreferIPv6DirPort
int ClientPreferIPv6DirPort
Definition: or_options_st.h:683
exit_policy_remove_redundancies
static void exit_policy_remove_redundancies(smartlist_t *dest)
Definition: policies.c:1653
addr_policy_t::is_private
unsigned int is_private
Definition: addr_policy_st.h:30
networkstatus.h
Header file for networkstatus.c.
addr_policy_t
Definition: addr_policy_st.h:26
authdir_badexit_policy
static smartlist_t * authdir_badexit_policy
Definition: policies.c:59
addr_policy_t::policy_type
addr_policy_action_bitfield_t policy_type
Definition: addr_policy_st.h:29
socks_policy
static smartlist_t * socks_policy
Definition: policies.c:48
compare_tor_addr_to_short_policy
addr_policy_result_t compare_tor_addr_to_short_policy(const tor_addr_t *addr, uint16_t port, const short_policy_t *policy)
Definition: policies.c:2792
policy_write_item
int policy_write_item(char *buf, size_t buflen, const addr_policy_t *policy, int format_for_desc)
Definition: policies.c:2238
policies_parse_exit_policy_internal
static int policies_parse_exit_policy_internal(config_line_t *cfg, smartlist_t **dest, int ipv6_exit, int rejectprivate, const smartlist_t *configured_addresses, int reject_interface_addresses, int reject_configured_port_addresses, int add_default_policy, int add_reduced_policy)
Definition: policies.c:1922
policy_summary_accept
static void policy_summary_accept(smartlist_t *summary, uint16_t prt_min, uint16_t prt_max, sa_family_t family)
Definition: policies.c:2414
policy_summary_item_split
static policy_summary_item_t * policy_summary_item_split(policy_summary_item_t *old, uint16_t new_starts)
Definition: policies.c:2338
node_t::rejects_all
unsigned int rejects_all
Definition: node_st.h:83
compare_known_tor_addr_to_addr_policy
static addr_policy_result_t compare_known_tor_addr_to_addr_policy(const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)
Definition: policies.c:1363
ADDR_POLICY_PROBABLY_ACCEPTED
@ ADDR_POLICY_PROBABLY_ACCEPTED
Definition: policies.h:45
reachable_addr_allows_addr
int reachable_addr_allows_addr(const tor_addr_t *addr, uint16_t port, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:531
authdir_invalid_policy
static smartlist_t * authdir_invalid_policy
Definition: policies.c:56
bridges.h
Header file for circuitbuild.c.
geoip.h
Header file for geoip.c.
exit_policy_is_general_exit
int exit_policy_is_general_exit(smartlist_t *policy)
Definition: policies.c:2200
or_options_t::SocksPolicy
struct config_line_t * SocksPolicy
Definition: or_options_st.h:126
tor_addr_from_ipv4h
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:327
routerinfo_t::ipv4_addr
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
reachable_addr_allows_ri_impl
static int reachable_addr_allows_ri_impl(const routerinfo_t *ri, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:603
tor_addr_port_t
Definition: address.h:81
routerstatus_t::ipv4_orport
uint16_t ipv4_orport
Definition: routerstatus_st.h:33
tor_addr_to_ipv4h
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:160
authdir_reject_policy
static smartlist_t * authdir_reject_policy
Definition: policies.c:53
or_options_t::OutboundBindAddresses
tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2]
Definition: or_options_st.h:137
append_exit_policy_string
STATIC void append_exit_policy_string(smartlist_t **policy, const char *more)
Definition: policies.c:1553
tor_addr_is_v4
int tor_addr_is_v4(const tor_addr_t *addr)
Definition: address.c:750
policies_parse_exit_policy
int policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest, exit_policy_parser_cfg_t options, const smartlist_t *configured_addresses)
Definition: policies.c:1990
or_options_t::ExitRelay
int ExitRelay
Definition: or_options_st.h:933
or_options_t::AuthDirBadExit
struct config_line_t * AuthDirBadExit
Definition: or_options_st.h:473
node_t
Definition: node_st.h:34
policy_summary_split
static int policy_summary_split(smartlist_t *summary, uint16_t prt_min, uint16_t prt_max)
Definition: policies.c:2383
microdesc_t::exit_policy
struct short_policy_t * exit_policy
Definition: microdesc_st.h:85
reachable_addr_choose_impl
static const tor_addr_port_t * reachable_addr_choose_impl(const tor_addr_port_t *a, const tor_addr_port_t *b, int want_a, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:749
tor_addr_is_loopback
int tor_addr_is_loopback(const tor_addr_t *addr)
Definition: address.c:805
microdesc_t::ipv6_orport
uint16_t ipv6_orport
Definition: microdesc_st.h:81
or_options_t::ReachableDirAddresses
struct config_line_t * ReachableDirAddresses
Definition: or_options_st.h:334
escaped
const char * escaped(const char *s)
Definition: escape.c:126
tor_addr_is_multicast
int tor_addr_is_multicast(const tor_addr_t *a)
Definition: address.c:1624
strcmpstart
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:215
node_ipv6_or_preferred
int node_ipv6_or_preferred(const node_t *node)
Definition: nodelist.c:1710
microdesc_st.h
Microdescriptor structure.
routerinfo_t::exit_policy
smartlist_t * exit_policy
Definition: routerinfo_st.h:59
port_cfg_t
Definition: port_cfg_st.h:19
or_options_t::ExitPolicyRejectPrivate
int ExitPolicyRejectPrivate
Definition: or_options_st.h:118
policies_parse_from_options
int policies_parse_from_options(const or_options_t *options)
Definition: policies.c:1224
nodelist.h
Header file for nodelist.c.
policy_using_default_exit_options
static int policy_using_default_exit_options(const or_options_t *or_options)
Definition: policies.c:1117
parse_addr_policy
static int parse_addr_policy(config_line_t *cfg, smartlist_t **dest, int assume_action)
Definition: policies.c:194
dir_server_t::fake_status
routerstatus_t fake_status
Definition: dir_server_st.h:51
maskbits_t
uint8_t maskbits_t
Definition: address.h:62
policy_summary_item_t::prt_max
uint16_t prt_max
Definition: policies.c:71
policies_set_node_exitpolicy_to_reject_all
void policies_set_node_exitpolicy_to_reject_all(node_t *node)
Definition: policies.c:2144
policy_summarize
char * policy_summarize(smartlist_t *policy, sa_family_t family)
Definition: policies.c:2543
routerinfo_st.h
Router descriptor structure.
ADDR_POLICY_ACCEPTED
@ ADDR_POLICY_ACCEPTED
Definition: policies.h:40
LD_CONFIG
#define LD_CONFIG
Definition: log.h:68
dir_server_t
Definition: dir_server_st.h:21
addr_policy_permits_tor_addr
static int addr_policy_permits_tor_addr(const tor_addr_t *addr, uint16_t port, smartlist_t *policy)
Definition: policies.c:374
geoip_get_country_by_addr
int geoip_get_country_by_addr(const tor_addr_t *addr)
Definition: geoip.c:424
policies_exit_policy_append_reject_star
void policies_exit_policy_append_reject_star(smartlist_t **dest)
Definition: policies.c:2136
short_policy_is_reject_star
int short_policy_is_reject_star(const short_policy_t *policy)
Definition: policies.c:2840
HT_HEAD
typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht
policy_summary_reject
static void policy_summary_reject(smartlist_t *summary, maskbits_t maskbits, uint16_t prt_min, uint16_t prt_max, sa_family_t family)
Definition: policies.c:2437
reachable_addr_allows
STATIC int reachable_addr_allows(const tor_addr_t *addr, uint16_t port, smartlist_t *firewall_policy, int pref_only, int pref_ipv6)
Definition: policies.c:407
addr_policy_t::maskbits
maskbits_t maskbits
Definition: addr_policy_st.h:35
reachable_addr_allows_base
static int reachable_addr_allows_base(const tor_addr_t *ipv4_addr, uint16_t ipv4_orport, uint16_t ipv4_dirport, const tor_addr_t *ipv6_addr, uint16_t ipv6_orport, uint16_t ipv6_dirport, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:573
LOG_INFO
#define LOG_INFO
Definition: log.h:45
reachable_addr_use_ipv6
int reachable_addr_use_ipv6(const or_options_t *options)
Definition: policies.c:446
fmt_addr
#define fmt_addr(a)
Definition: address.h:239
crypto_rand.h
Common functions for using (pseudo-)random number generators.
node_get_pref_ipv6_orport
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1776
get_options
const or_options_t * get_options(void)
Definition: config.c:928
addr_policy_list_free_
void addr_policy_list_free_(smartlist_t *lst)
Definition: policies.c:3036
or_options_t::ExitPolicy
struct config_line_t * ExitPolicy
Definition: or_options_st.h:117
SMARTLIST_REPLACE_CURRENT
#define SMARTLIST_REPLACE_CURRENT(sl, var, val)
Definition: smartlist_foreach.h:141
short_policy_t::is_accept
unsigned int is_accept
Definition: policies.h:60
MAX_EXITPOLICY_SUMMARY_LEN
#define MAX_EXITPOLICY_SUMMARY_LEN
Definition: policies.c:45
or_options_t::AuthDirReject
struct config_line_t * AuthDirReject
Definition: or_options_st.h:475
write_short_policy
char * write_short_policy(const short_policy_t *policy)
Definition: policies.c:2756
router_get_my_routerinfo_with_err
const routerinfo_t * router_get_my_routerinfo_with_err(int *err)
Definition: router.c:1770
policies_free_all
void policies_free_all(void)
Definition: policies.c:3067
smartlist_clear
void smartlist_clear(smartlist_t *sl)
Definition: smartlist_core.c:50
parse_short_policy
short_policy_t * parse_short_policy(const char *summary)
Definition: policies.c:2655
policy_expand_unspec
void policy_expand_unspec(smartlist_t **policy)
Definition: policies.c:145
firewall_is_fascist_dir
int firewall_is_fascist_dir(void)
Definition: policies.c:365
routerstatus_st.h
Routerstatus (consensus entry) structure.
smartlist_contains_string_case
int smartlist_contains_string_case(const smartlist_t *sl, const char *element)
Definition: smartlist.c:133
reachable_addr_choose_from_node
void reachable_addr_choose_from_node(const node_t *node, firewall_connection_t fw_connection, int pref_only, tor_addr_port_t *ap)
Definition: policies.c:983
reachable_addr_prefer_ipv6_dirport
int reachable_addr_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:507
router_dump_exit_policy_to_string
char * router_dump_exit_policy_to_string(const routerinfo_t *router, int include_ipv4, int include_ipv6)
Definition: router.c:3106
addr_policy_get_canonical_entry
addr_policy_t * addr_policy_get_canonical_entry(addr_policy_t *e)
Definition: policies.c:1339
authdir_policy_valid_address
int authdir_policy_valid_address(const tor_addr_t *addr, uint16_t port)
Definition: policies.c:1093
policy_parse.h
Header file for policy_parse.c.
tor_addr_parse_mask_ports
int tor_addr_parse_mask_ports(const char *s, unsigned flags, tor_addr_t *addr_out, maskbits_t *maskbits_out, uint16_t *port_min_out, uint16_t *port_max_out)
Definition: address.c:543
single_addr_policy_eq
static int single_addr_policy_eq(const addr_policy_t *a, const addr_policy_t *b)
Definition: policies.c:1250
or_options_t::ExitPolicyRejectLocalInterfaces
int ExitPolicyRejectLocalInterfaces
Definition: or_options_st.h:121
confline.h
Header for confline.c.
policies_parse_exit_policy_from_options
int policies_parse_exit_policy_from_options(const or_options_t *or_options, const tor_addr_t *ipv4_local_address, const tor_addr_t *ipv6_local_address, smartlist_t **result)
Definition: policies.c:2073
or_options_t::ReachableORAddresses
struct config_line_t * ReachableORAddresses
Definition: or_options_st.h:333
addr_policy_append_reject_addr_list
void addr_policy_append_reject_addr_list(smartlist_t **dest, const smartlist_t *addrs)
Definition: policies.c:1624
policies_log_first_redundant_entry
static void policies_log_first_redundant_entry(const smartlist_t *policy)
Definition: policies.c:1812
server_mode
int server_mode(const or_options_t *options)
Definition: routermode.c:34
get_configured_ports
const smartlist_t * get_configured_ports(void)
Definition: config.c:6561
tor_addr_is_null
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
reachable_addr_allows_rs_impl
static int reachable_addr_allows_rs_impl(const routerstatus_t *rs, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:620
tor_asprintf
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
reachable_addr_choose_from_dir_server
void reachable_addr_choose_from_dir_server(const dir_server_t *ds, firewall_connection_t fw_connection, int pref_only, tor_addr_port_t *ap)
Definition: policies.c:1022
microdesc_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: microdesc_st.h:79
SMARTLIST_FOREACH_BEGIN
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Definition: smartlist_foreach.h:78
node_get_pref_ipv6_dirport
void node_get_pref_ipv6_dirport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1879
policy_summary_create
static smartlist_t * policy_summary_create(void)
Definition: policies.c:2314
addr_policy_result_t
addr_policy_result_t
Definition: policies.h:38
or_options_t::ClientUseIPv4
int ClientUseIPv4
Definition: or_options_st.h:668
or_options_t::AuthDirInvalid
struct config_line_t * AuthDirInvalid
Definition: or_options_st.h:477
node_get_prim_orport
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1740
public_server_mode
int public_server_mode(const or_options_t *options)
Definition: routermode.c:43
or_options_t::UseBridges
int UseBridges
Definition: or_options_st.h:233
node_st.h
Node information structure.
policy_hash
static unsigned int policy_hash(const policy_map_ent_t *ent)
Definition: policies.c:1309
routerstatus_t::ipv6_addr
tor_addr_t ipv6_addr
Definition: routerstatus_st.h:35
control_connection_t
Definition: control_connection_st.h:19
reachable_addr_choose_from_ls
void reachable_addr_choose_from_ls(const smartlist_t *lspecs, int pref_only, tor_addr_port_t *ap)
Definition: policies.c:908
reachable_addr_allows_md_impl
static int reachable_addr_allows_md_impl(const microdesc_t *md, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
Definition: policies.c:666
policies.h
Header file for policies.c.
HT_PROTOTYPE
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
tor_parse_ulong
unsigned long tor_parse_ulong(const char *s, int base, unsigned long min, unsigned long max, int *ok, char **next)
Definition: parse_int.c:78
config_line_t
Definition: confline.h:29
config.h
Header file for config.c.
addr_policy_t::addr
tor_addr_t addr
Definition: addr_policy_st.h:46
compare_tor_addr_to_node_policy
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2857
short_policy_t::entries
short_policy_entry_t entries[FLEXIBLE_ARRAY_MEMBER]
Definition: policies.h:67
policy_summary_add_item
static void policy_summary_add_item(smartlist_t *summary, addr_policy_t *p)
Definition: policies.c:2502
reachable_addr_prefer_ipv6_orport
int reachable_addr_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:485
smartlist_add_asprintf
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
reachable_addr_allows_node
int reachable_addr_allows_node(const node_t *node, firewall_connection_t fw_connection, int pref_only)
Definition: policies.c:688
authdir_policy_badexit_address
int authdir_policy_badexit_address(const tor_addr_t *addr, uint16_t port)
Definition: policies.c:1104
policies_copy_addr_to_smartlist
static void policies_copy_addr_to_smartlist(smartlist_t *addr_list, const tor_addr_t *addr)
Definition: policies.c:2016
policy_is_reject_star
int policy_is_reject_star(const smartlist_t *policy, sa_family_t family, int default_reject)
Definition: policies.c:2214
sa_family_t
uint16_t sa_family_t
Definition: inaddr_st.h:77
addr_policy_append_reject_addr_list_filter
static void addr_policy_append_reject_addr_list_filter(smartlist_t **dest, const smartlist_t *addrs, int ipv4_rules, int ipv6_rules)
Definition: policies.c:1638
or_options_t
Definition: or_options_st.h:45
addr_policies_eq
int addr_policies_eq(const smartlist_t *a, const smartlist_t *b)
Definition: policies.c:1274
policy_expand_private
void policy_expand_private(smartlist_t **policy)
Definition: policies.c:105
microdesc_t::ipv6_exit_policy
struct short_policy_t * ipv6_exit_policy
Definition: microdesc_st.h:87
STATIC
#define STATIC
Definition: testsupport.h:32
routerstatus_t::ipv6_orport
uint16_t ipv6_orport
Definition: routerstatus_st.h:36
LD_DIR
#define LD_DIR
Definition: log.h:88
addr_policy_t::prt_max
uint16_t prt_max
Definition: addr_policy_st.h:48
addr_policy_covers
static int addr_policy_covers(addr_policy_t *a, addr_policy_t *b)
Definition: policies.c:1508
reachable_dir_addr_policy
static smartlist_t * reachable_dir_addr_policy
Definition: policies.c:66
getinfo_helper_policies
int getinfo_helper_policies(control_connection_t *conn, const char *question, char **answer, const char **errmsg)
Definition: policies.c:2938
tor_addr_compare_masked
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:1005
routerstatus_t::identity_digest
char identity_digest[DIGEST_LEN]
Definition: routerstatus_st.h:27
short_policy_free_
void short_policy_free_(short_policy_t *policy)
Definition: policies.c:2782
smartlist_t
Definition: smartlist_core.h:26
smartlist_join_strings
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
policy_summary_item_t::prt_min
uint16_t prt_min
Definition: policies.c:70
geoip_get_country_name
const char * geoip_get_country_name(country_t num)
Definition: geoip.c:447
policy_map_ent_t
Definition: policies.c:1292
tor_addr_copy
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
private_nets
static const char * private_nets[]
Definition: policies.c:83
addr_policy_t::is_canonical
unsigned int is_canonical
Definition: addr_policy_st.h:32
policies_parse_exit_policy_reject_private
void policies_parse_exit_policy_reject_private(smartlist_t **dest, int ipv6_exit, const smartlist_t *configured_addresses, int reject_interface_addresses, int reject_configured_port_addresses)
Definition: policies.c:1755
short_policy_entry_t
Definition: policies.h:52
or.h
Master header file for Tor-specific functionality.
routerinfo_err_is_transient
int routerinfo_err_is_transient(int err)
Definition: router.c:174
LD_PROTOCOL
#define LD_PROTOCOL
Definition: log.h:72