Commit b35a0d11 authored by Nick Mathewson's avatar Nick Mathewson
Browse files

Add IPv6 support to compare_to_addr_to_node_policy

parent 04ea5501
......@@ -1616,16 +1616,29 @@ compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port,
if (node->rejects_all)
return ADDR_POLICY_REJECTED;
if (node->ri)
if (addr && tor_addr_family(addr) == AF_INET6) {
const short_policy_t *p = NULL;
if (node->ri)
p = node->ri->ipv6_exit_policy;
else if (node->md)
p = node->md->ipv6_exit_policy;
if (p)
return compare_tor_addr_to_short_policy(addr, port, p);
else
return ADDR_POLICY_REJECTED;
}
if (node->ri) {
return compare_tor_addr_to_addr_policy(addr, port, node->ri->exit_policy);
else if (node->md) {
} else if (node->md) {
if (node->md->exit_policy == NULL)
return ADDR_POLICY_REJECTED;
else
return compare_tor_addr_to_short_policy(addr, port,
node->md->exit_policy);
} else
} else {
return ADDR_POLICY_PROBABLY_REJECTED;
}
}
/** Implementation for GETINFO control command: knows the answer for questions
......
......@@ -1609,6 +1609,11 @@ router_rebuild_descriptor(int force)
}
ri->policy_is_reject_star =
policy_is_reject_star(ri->exit_policy);
#if 0
/* XXXX024 Don't actually enable this code until exiting to an IPv6
* address works. */
ri->ipv6_exit_policy = policy_summarize(&ri->exit_policy, AF_INET6);
#endif
#if 0
/* XXXX NM NM I belive this is safe to remove */
......@@ -2150,6 +2155,20 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
}
}
if (router->ipv6_exit_policy) {
char *p6 = write_short_policy(router->ipv6_exit_policy);
if (p6 && strcmp(p6, "reject 1-65535")) {
result = tor_snprintf(s+written, maxlen-written,
"ipv6-policy %s\n", p6);
if (result<0) {
log_warn(LD_BUG,"Descriptor printf of policy ran out of room");
return -1;
}
written += result;
}
tor_free(p6);
}
if (written + DIROBJ_MAX_SIG_LEN > maxlen) {
/* Not enough room for signature. */
log_warn(LD_BUG,"not enough room left in descriptor for signature!");
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment