Tor  0.4.7.0-alpha-dev
Data Structures | Macros | Typedefs | Enumerations | Functions
policies.h File Reference

Header file for policies.c. More...

Go to the source code of this file.

Data Structures

struct  short_policy_entry_t
 
struct  short_policy_t
 

Macros

#define POLICY_BUF_LEN   72
 
#define EXIT_POLICY_IPV6_ENABLED   (1 << 0)
 
#define EXIT_POLICY_REJECT_PRIVATE   (1 << 1)
 
#define EXIT_POLICY_ADD_DEFAULT   (1 << 2)
 
#define EXIT_POLICY_REJECT_LOCAL_INTERFACES   (1 << 3)
 
#define EXIT_POLICY_ADD_REDUCED   (1 << 4)
 
#define EXIT_POLICY_OPTION_MAX   EXIT_POLICY_ADD_REDUCED
 
#define EXIT_POLICY_OPTION_ALL   ((EXIT_POLICY_OPTION_MAX << 1) - 1)
 
#define addr_policy_list_free(lst)    FREE_AND_NULL(smartlist_t, addr_policy_list_free_, (lst))
 
#define addr_policy_free(p)    FREE_AND_NULL(addr_policy_t, addr_policy_free_, (p))
 
#define short_policy_free(p)    FREE_AND_NULL(short_policy_t, short_policy_free_, (p))
 

Typedefs

typedef int exit_policy_parser_cfg_t
 

Enumerations

enum  firewall_connection_t { FIREWALL_OR_CONNECTION = 0 , FIREWALL_DIR_CONNECTION = 1 }
 
enum  addr_policy_result_t { ADDR_POLICY_ACCEPTED =0 , ADDR_POLICY_REJECTED =-1 , ADDR_POLICY_PROBABLY_ACCEPTED =1 , ADDR_POLICY_PROBABLY_REJECTED =2 }
 

Functions

int firewall_is_fascist_or (void)
 
int firewall_is_fascist_dir (void)
 
int reachable_addr_use_ipv6 (const or_options_t *options)
 
int reachable_addr_prefer_ipv6_orport (const or_options_t *options)
 
int reachable_addr_prefer_ipv6_dirport (const or_options_t *options)
 
int reachable_addr_allows_addr (const tor_addr_t *addr, uint16_t port, firewall_connection_t fw_connection, int pref_only, int pref_ipv6)
 
int reachable_addr_allows_rs (const routerstatus_t *rs, firewall_connection_t fw_connection, int pref_only)
 
int reachable_addr_allows_node (const node_t *node, firewall_connection_t fw_connection, int pref_only)
 
int reachable_addr_allows_dir_server (const dir_server_t *ds, firewall_connection_t fw_connection, int pref_only)
 
void reachable_addr_choose_from_rs (const routerstatus_t *rs, firewall_connection_t fw_connection, int pref_only, tor_addr_port_t *ap)
 
void reachable_addr_choose_from_ls (const smartlist_t *lspecs, int pref_only, tor_addr_port_t *ap)
 
void reachable_addr_choose_from_node (const node_t *node, firewall_connection_t fw_connection, int pref_only, tor_addr_port_t *ap)
 
void reachable_addr_choose_from_dir_server (const dir_server_t *ds, firewall_connection_t fw_connection, int pref_only, tor_addr_port_t *ap)
 
int dir_policy_permits_address (const tor_addr_t *addr)
 
int socks_policy_permits_address (const tor_addr_t *addr)
 
int metrics_policy_permits_address (const tor_addr_t *addr)
 
int authdir_policy_permits_address (const tor_addr_t *addr, uint16_t port)
 
int authdir_policy_valid_address (const tor_addr_t *addr, uint16_t port)
 
int authdir_policy_badexit_address (const tor_addr_t *addr, uint16_t port)
 
int validate_addr_policies (const or_options_t *options, char **msg)
 
void policy_expand_private (smartlist_t **policy)
 
void policy_expand_unspec (smartlist_t **policy)
 
int policies_parse_from_options (const or_options_t *options)
 
addr_policy_taddr_policy_get_canonical_entry (addr_policy_t *ent)
 
int addr_policies_eq (const smartlist_t *a, const smartlist_t *b)
 
addr_policy_result_t compare_tor_addr_to_addr_policy (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)
 
addr_policy_result_t compare_tor_addr_to_node_policy (const tor_addr_t *addr, uint16_t port, const node_t *node)
 
int policies_parse_exit_policy_from_options (const or_options_t *or_options, const tor_addr_t *ipv4_local_address, const tor_addr_t *ipv6_local_address, smartlist_t **result)
 
int policies_parse_exit_policy (struct config_line_t *cfg, smartlist_t **dest, exit_policy_parser_cfg_t options, const smartlist_t *configured_addresses)
 
void policies_parse_exit_policy_reject_private (smartlist_t **dest, int ipv6_exit, const smartlist_t *configured_addresses, int reject_interface_addresses, int reject_configured_port_addresses)
 
void policies_exit_policy_append_reject_star (smartlist_t **dest)
 
void addr_policy_append_reject_addr (smartlist_t **dest, const tor_addr_t *addr)
 
void addr_policy_append_reject_addr_list (smartlist_t **dest, const smartlist_t *addrs)
 
void policies_set_node_exitpolicy_to_reject_all (node_t *exitrouter)
 
int exit_policy_is_general_exit (smartlist_t *policy)
 
int policy_is_reject_star (const smartlist_t *policy, sa_family_t family, int reject_by_default)
 
char * policy_dump_to_string (const smartlist_t *policy_list, int include_ipv4, int include_ipv6)
 
int getinfo_helper_policies (control_connection_t *conn, const char *question, char **answer, const char **errmsg)
 
int policy_write_item (char *buf, size_t buflen, const addr_policy_t *item, int format_for_desc)
 
void addr_policy_list_free_ (smartlist_t *p)
 
void addr_policy_free_ (addr_policy_t *p)
 
void policies_free_all (void)
 
char * policy_summarize (smartlist_t *policy, sa_family_t family)
 
short_policy_tparse_short_policy (const char *summary)
 
char * write_short_policy (const short_policy_t *policy)
 
void short_policy_free_ (short_policy_t *policy)
 
int short_policy_is_reject_star (const short_policy_t *policy)
 
addr_policy_result_t compare_tor_addr_to_short_policy (const tor_addr_t *addr, uint16_t port, const short_policy_t *policy)
 

Detailed Description

Header file for policies.c.

Definition in file policies.h.

Enumeration Type Documentation

◆ addr_policy_result_t

Outcome of applying an address policy to an address.

Enumerator
ADDR_POLICY_ACCEPTED 

The address was accepted

ADDR_POLICY_REJECTED 

The address was rejected

ADDR_POLICY_PROBABLY_ACCEPTED 

Part of the address was unknown, but as far as we can tell, it was accepted.

ADDR_POLICY_PROBABLY_REJECTED 

Part of the address was unknown, but as far as we can tell, it was rejected.

Definition at line 38 of file policies.h.

Function Documentation

◆ addr_policies_eq()

int addr_policies_eq ( const smartlist_t a,
const smartlist_t b 
)

As single_addr_policy_eq, but compare every element of two policies.

Definition at line 1304 of file policies.c.

Referenced by router_differences_are_cosmetic().

◆ addr_policy_append_reject_addr()

void addr_policy_append_reject_addr ( smartlist_t **  dest,
const tor_addr_t addr 
)

Add "reject <b>addr</b>:*" to dest, creating the list as needed.

Definition at line 1597 of file policies.c.

Referenced by addr_policy_append_reject_addr_list().

◆ addr_policy_append_reject_addr_list()

void addr_policy_append_reject_addr_list ( smartlist_t **  dest,
const smartlist_t addrs 
)

Add "reject addr:*" to dest, for each addr in addrs, creating the list as needed.

Definition at line 1654 of file policies.c.

◆ addr_policy_free_()

void addr_policy_free_ ( addr_policy_t p)

Release all storage held by p.

Definition at line 3076 of file policies.c.

◆ addr_policy_get_canonical_entry()

addr_policy_t* addr_policy_get_canonical_entry ( addr_policy_t e)

Given a pointer to an addr_policy_t, return a copy of the pointer to the "canonical" copy of that addr_policy_t; the canonical copy is a single reference-counted object.

Definition at line 1369 of file policies.c.

◆ addr_policy_list_free_()

void addr_policy_list_free_ ( smartlist_t lst)

Release all storage held by p.

Definition at line 3066 of file policies.c.

◆ authdir_policy_badexit_address()

int authdir_policy_badexit_address ( const tor_addr_t addr,
uint16_t  port 
)

Return 1 if addr:port should be marked as a bad exit, based on authdir_badexit_policy. Else return 0.

Definition at line 1115 of file policies.c.

◆ authdir_policy_permits_address()

int authdir_policy_permits_address ( const tor_addr_t addr,
uint16_t  port 
)

Return 1 if addr:port is permitted to publish to our directory, based on authdir_reject_policy. Else return 0.

Definition at line 1093 of file policies.c.

◆ authdir_policy_valid_address()

int authdir_policy_valid_address ( const tor_addr_t addr,
uint16_t  port 
)

Return 1 if addr:port is considered valid in our directory, based on authdir_invalid_policy. Else return 0.

Definition at line 1104 of file policies.c.

◆ compare_tor_addr_to_addr_policy()

addr_policy_result_t compare_tor_addr_to_addr_policy ( const tor_addr_t addr,
uint16_t  port,
const smartlist_t policy 
)

Decide whether a given addr:port is definitely accepted, definitely rejected, probably accepted, or probably rejected by a given policy. If addr is 0, we don't know the IP of the target address. If port is 0, we don't know the port of the target address. (At least one of addr and port must be provided. If you want to know whether a policy would definitely reject an unknown address:port, use policy_is_reject_star().)

We could do better by assuming that some ranges never match typical addresses (127.0.0.1, and so on). But we'll try this for now.

Definition at line 1516 of file policies.c.

Referenced by addr_policy_permits_tor_addr(), compare_tor_addr_to_node_policy(), router_compare_to_my_exit_policy(), and routerset_contains2().

◆ compare_tor_addr_to_node_policy()

addr_policy_result_t compare_tor_addr_to_node_policy ( const tor_addr_t addr,
uint16_t  port,
const node_t node 
)

Decide whether addr:port is probably or definitely accepted or rejected by node. See compare_tor_addr_to_addr_policy for details on addr/port interpretation.

Definition at line 2887 of file policies.c.

Referenced by circuit_stream_is_being_handled(), connection_ap_can_use_exit(), connection_ap_get_begincell_flags(), router_exit_policy_all_nodes_reject(), and router_find_exact_exit_enclave().

◆ compare_tor_addr_to_short_policy()

addr_policy_result_t compare_tor_addr_to_short_policy ( const tor_addr_t addr,
uint16_t  port,
const short_policy_t policy 
)

See whether the addr:port address is likely to be accepted or rejected by the summarized policy policy. Return values are as for compare_tor_addr_to_addr_policy. Unlike the regular addr_policy functions, requires the port be specified.

Definition at line 2822 of file policies.c.

Referenced by compare_tor_addr_to_node_policy(), and router_compare_to_my_exit_policy().

◆ dir_policy_permits_address()

int dir_policy_permits_address ( const tor_addr_t addr)

Return 1 if addr is permitted to connect to our dir port, based on dir_policy. Else return 0.

Definition at line 1051 of file policies.c.

◆ exit_policy_is_general_exit()

int exit_policy_is_general_exit ( smartlist_t policy)

Return true iff ri is "useful as an exit node", meaning it allows exit to at least one /8 address space for each of ports 80 and 443.

Definition at line 2230 of file policies.c.

◆ firewall_is_fascist_dir()

int firewall_is_fascist_dir ( void  )

Return true iff the firewall options, including ClientUseIPv4 0 and ClientUseIPv6 0, might block any Dir address:port combination. Address preferences may still change which address is selected even if this function returns false.

Definition at line 367 of file policies.c.

◆ firewall_is_fascist_or()

int firewall_is_fascist_or ( void  )

Return true iff the firewall options, including ClientUseIPv4 0 and ClientUseIPv6 0, might block any OR address:port combination. Address preferences may still change which address is selected even if this function returns false.

Definition at line 356 of file policies.c.

◆ getinfo_helper_policies()

int getinfo_helper_policies ( control_connection_t conn,
const char *  question,
char **  answer,
const char **  errmsg 
)

Implementation for GETINFO control command: knows the answer for questions about "exit-policy/..."

Definition at line 2968 of file policies.c.

◆ metrics_policy_permits_address()

int metrics_policy_permits_address ( const tor_addr_t addr)

Return 1 if addr is permitted to connect to our metrics port, based on socks_policy. Else return 0.

Definition at line 1069 of file policies.c.

Referenced by metrics_request_allowed().

◆ parse_short_policy()

short_policy_t* parse_short_policy ( const char *  summary)

Convert a summarized policy string into a short_policy_t. Return NULL if the string is not well-formed.

Definition at line 2685 of file policies.c.

◆ policies_exit_policy_append_reject_star()

void policies_exit_policy_append_reject_star ( smartlist_t **  dest)

Add "reject *:*" to the end of the policy in *dest, allocating *dest as needed.

Definition at line 2166 of file policies.c.

◆ policies_free_all()

void policies_free_all ( void  )

Release all storage held by policy variables.

Definition at line 3097 of file policies.c.

◆ policies_parse_exit_policy()

int policies_parse_exit_policy ( config_line_t cfg,
smartlist_t **  dest,
exit_policy_parser_cfg_t  options,
const smartlist_t configured_addresses 
)

Parse exit policy in cfg into dest smartlist.

Prepend an entry that rejects all IPv6 destinations unless EXIT_POLICY_IPV6_ENABLED bit is set in options bitmask.

If EXIT_POLICY_REJECT_PRIVATE bit is set in options:

  • prepend an entry that rejects all destinations in all netblocks reserved for private use.
  • prepend entries that reject the advertised relay addresses in configured_addresses If EXIT_POLICY_REJECT_LOCAL_INTERFACES bit is set in options:
  • prepend entries that reject publicly routable addresses on this exit relay by calling policies_parse_exit_policy_internal
  • prepend entries that reject the outbound bind addresses in configured_addresses
  • prepend entries that reject all configured port addresses

If EXIT_POLICY_ADD_DEFAULT bit is set in options, append default exit policy entries to result smartlist.

Definition at line 2020 of file policies.c.

◆ policies_parse_exit_policy_from_options()

int policies_parse_exit_policy_from_options ( const or_options_t or_options,
const tor_addr_t ipv4_local_address,
const tor_addr_t ipv6_local_address,
smartlist_t **  result 
)

Parse ExitPolicy member of or_options into result smartlist. If or_options->IPv6Exit is false, prepend an entry that rejects all IPv6 destinations.

If or_options->ExitPolicyRejectPrivate is true:

  • prepend an entry that rejects all destinations in all netblocks reserved for private use.
  • if ipv4_local_address is non-zero, treat it as a host-order IPv4 address, and add it to the list of configured addresses.
  • if ipv6_local_address is non-NULL, and not the null tor_addr_t, add it to the list of configured addresses. If or_options->ExitPolicyRejectLocalInterfaces is true:
  • if or_options->OutboundBindAddresses[][0] (=IPv4) is not the null tor_addr_t, add it to the list of configured addresses.
  • if or_options->OutboundBindAddresses[][1] (=IPv6) is not the null tor_addr_t, add it to the list of configured addresses.

If or_options->BridgeRelay is false, append entries of default Tor exit policy into result smartlist.

If or_options->ExitRelay is false, or is auto without specifying an exit policy, then make our exit policy into "reject *:*" regardless.

Definition at line 2103 of file policies.c.

Referenced by validate_addr_policies().

◆ policies_parse_exit_policy_reject_private()

void policies_parse_exit_policy_reject_private ( smartlist_t **  dest,
int  ipv6_exit,
const smartlist_t configured_addresses,
int  reject_interface_addresses,
int  reject_configured_port_addresses 
)

Reject private helper for policies_parse_exit_policy_internal: rejects publicly routable addresses on this exit relay.

Add reject entries to the linked list *dest:

  • if configured_addresses is non-NULL, add entries that reject each tor_addr_t in the list as a destination.
  • if reject_interface_addresses is true, add entries that reject each public IPv4 and IPv6 address of each interface on this machine.
  • if reject_configured_port_addresses is true, add entries that reject each IPv4 and IPv6 address configured for a port.

IPv6 entries are only added if ipv6_exit is true. (All IPv6 addresses are already blocked by policies_parse_exit_policy_internal if ipv6_exit is false.)

The list in dest is created as needed.

Definition at line 1785 of file policies.c.

Referenced by policies_parse_exit_policy_internal().

◆ policies_parse_from_options()

int policies_parse_from_options ( const or_options_t options)

Set all policies based on options, which should have been validated first by validate_addr_policies.

Definition at line 1251 of file policies.c.

◆ policies_set_node_exitpolicy_to_reject_all()

void policies_set_node_exitpolicy_to_reject_all ( node_t node)

Replace the exit policy of node with reject *:*

Definition at line 2174 of file policies.c.

◆ policy_dump_to_string()

char* policy_dump_to_string ( const smartlist_t policy_list,
int  include_ipv4,
int  include_ipv6 
)

Given policy_list, a list of addr_policy_t, produce a string representation of the list. If include_ipv4 is true, include IPv4 entries. If include_ipv6 is true, include IPv6 entries.

Definition at line 2925 of file policies.c.

◆ policy_expand_private()

void policy_expand_private ( smartlist_t **  policy)

Replace all "private" entries in *policy with their expanded equivalents.

Definition at line 107 of file policies.c.

◆ policy_expand_unspec()

void policy_expand_unspec ( smartlist_t **  policy)

Expand each of the AF_UNSPEC elements in *policy (which indicate protocol-neutral wildcards) into a pair of wildcard elements: one IPv4- specific and one IPv6-specific.

Definition at line 147 of file policies.c.

◆ policy_is_reject_star()

int policy_is_reject_star ( const smartlist_t policy,
sa_family_t  family,
int  default_reject 
)

Return false if policy might permit access to some addr:port; otherwise if we are certain it rejects everything, return true. If no part of policy matches, return default_reject. NULL policies are allowed, and treated as empty.

Definition at line 2244 of file policies.c.

◆ policy_summarize()

char* policy_summarize ( smartlist_t policy,
sa_family_t  family 
)

Create a string representing a summary for an exit policy. The summary will either be an "accept" plus a comma-separated list of port ranges or a "reject" plus port-ranges, depending on which is shorter.

If no exits are allowed at all then "reject 1-65535" is returned. If no ports are blocked instead of "reject " we return "accept 1-65535". (These are an exception to the shorter-representation-wins rule).

Definition at line 2573 of file policies.c.

◆ policy_write_item()

int policy_write_item ( char *  buf,
size_t  buflen,
const addr_policy_t policy,
int  format_for_desc 
)

Write a single address policy to the buf_len byte buffer at buf. Return the number of characters written, or -1 on failure.

Definition at line 2268 of file policies.c.

◆ reachable_addr_allows_addr()

int reachable_addr_allows_addr ( const tor_addr_t addr,
uint16_t  port,
firewall_connection_t  fw_connection,
int  pref_only,
int  pref_ipv6 
)

Return true iff we think our firewall will let us make a connection to addr:port. Uses ReachableORAddresses or ReachableDirAddresses based on fw_connection. If pref_only is true, return true if addr is in the client's preferred address family, which is IPv6 if pref_ipv6 is true, and IPv4 otherwise. If pref_only is false, ignore pref_ipv6, and return true if addr is allowed.

Definition at line 533 of file policies.c.

Referenced by bridge_passes_guard_filter(), directory_command_should_use_begindir(), reachable_addr_allows_ap(), and reachable_addr_allows_base().

◆ reachable_addr_allows_dir_server()

int reachable_addr_allows_dir_server ( const dir_server_t ds,
firewall_connection_t  fw_connection,
int  pref_only 
)

Like reachable_addr_allows_rs(), but takes ds.

Definition at line 728 of file policies.c.

◆ reachable_addr_allows_node()

int reachable_addr_allows_node ( const node_t node,
firewall_connection_t  fw_connection,
int  pref_only 
)

Like reachable_addr_allows_base(), but takes node, and looks up pref_ipv6 from node_ipv6_or/dir_preferred().

Definition at line 690 of file policies.c.

Referenced by node_passes_guard_filter().

◆ reachable_addr_allows_rs()

int reachable_addr_allows_rs ( const routerstatus_t rs,
firewall_connection_t  fw_connection,
int  pref_only 
)

Like reachable_addr_allows_base(), but takes rs. When rs is a fake_status from a dir_server_t, it can have a reachable address, even when the corresponding node does not. nodes can be missing addresses when there's no consensus (IPv4 and IPv6), or when there is a microdescriptor consensus, but no microdescriptors (microdescriptors have IPv6, the microdesc consensus does not).

Definition at line 644 of file policies.c.

Referenced by reachable_addr_allows_dir_server().

◆ reachable_addr_choose_from_dir_server()

void reachable_addr_choose_from_dir_server ( const dir_server_t ds,
firewall_connection_t  fw_connection,
int  pref_only,
tor_addr_port_t ap 
)

Like reachable_addr_choose_from_rs(), but takes ds.

Definition at line 1024 of file policies.c.

◆ reachable_addr_choose_from_ls()

void reachable_addr_choose_from_ls ( const smartlist_t lspecs,
int  pref_only,
tor_addr_port_t ap 
)

Like reachable_addr_choose_base(), but takes in a smartlist lspecs consisting of one or more link specifiers. We assume fw_connection is FIREWALL_OR_CONNECTION as link specifiers cannot contain DirPorts.

Definition at line 910 of file policies.c.

◆ reachable_addr_choose_from_node()

void reachable_addr_choose_from_node ( const node_t node,
firewall_connection_t  fw_connection,
int  pref_only,
tor_addr_port_t ap 
)

Like reachable_addr_choose_base(), but takes node, and looks up the node's IPv6 preference rather than taking an argument for pref_ipv6.

Definition at line 985 of file policies.c.

Referenced by extend_info_from_node(), and reachable_addr_choose_from_rs().

◆ reachable_addr_choose_from_rs()

void reachable_addr_choose_from_rs ( const routerstatus_t rs,
firewall_connection_t  fw_connection,
int  pref_only,
tor_addr_port_t ap 
)

Like reachable_addr_choose_base(), but takes rs. Consults the corresponding node, then falls back to rs if node is NULL. This should only happen when there's no valid consensus, and rs doesn't correspond to a bridge client's bridge.

Definition at line 871 of file policies.c.

Referenced by reachable_addr_choose_from_dir_server().

◆ reachable_addr_prefer_ipv6_dirport()

int reachable_addr_prefer_ipv6_dirport ( const or_options_t options)

Do we prefer to connect to IPv6 DirPorts?

(node_ipv6_dir_preferred() doesn't support bridge client per-node IPv6 preferences. There's no reason to use it instead of this function.)

Definition at line 509 of file policies.c.

◆ reachable_addr_prefer_ipv6_orport()

int reachable_addr_prefer_ipv6_orport ( const or_options_t options)

Do we prefer to connect to IPv6 ORPorts? Use node_ipv6_or_preferred() whenever possible: it supports bridge client per-node IPv6 preferences.

Definition at line 487 of file policies.c.

◆ reachable_addr_use_ipv6()

int reachable_addr_use_ipv6 ( const or_options_t options)

Is this client configured to use IPv6? Returns true if the client might use IPv6 for some of its connections (including dual-stack and IPv6-only clients), and false if it will never use IPv6 for any connections. Use node_ipv6_or/dir_preferred() when checking a specific node and OR/Dir port: it supports bridge client per-node IPv6 preferences.

Definition at line 448 of file policies.c.

Referenced by reachable_addr_allows(), and reachable_addr_prefer_ipv6_impl().

◆ short_policy_free_()

void short_policy_free_ ( short_policy_t policy)

Release all storage held in policy.

Definition at line 2812 of file policies.c.

◆ short_policy_is_reject_star()

int short_policy_is_reject_star ( const short_policy_t policy)

Return true iff policy seems reject all ports

Definition at line 2870 of file policies.c.

◆ socks_policy_permits_address()

int socks_policy_permits_address ( const tor_addr_t addr)

Return 1 if addr is permitted to connect to our socks port, based on socks_policy. Else return 0.

Definition at line 1060 of file policies.c.

◆ validate_addr_policies()

int validate_addr_policies ( const or_options_t options,
char **  msg 
)

Config helper: If there's any problem with the policy configuration options in options, return -1 and set msg to a newly allocated description of the error. Else return 0.

Definition at line 1138 of file policies.c.

◆ write_short_policy()

char* write_short_policy ( const short_policy_t policy)

Write policy back out into a string.

Definition at line 2786 of file policies.c.