
[Forward-port ]Test and document last patch.

svn:r6400
Nick Mathewson 19 years ago
parent
commit
7484ca06a5
4 changed files with 25 additions and 13 deletions
  1. 6 0
      doc/tor.1.in
  2. 2 2
      src/or/config.c
  3. 16 10
      src/or/connection_edge.c
  4. 1 1
      src/or/or.h

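--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -442,6 +442,12 @@ a safe socks protocol or an unsafe one (see above entry on SafeSocks).
 This helps to determine whether an application using Tor is possibly
 leaking DNS requests.
 (Default: 0)
+.LP
+.TP
+\fBVirutalAddrNetwork \fR\fIAddress\fB/\fIbits\fP
+When a controller asks for a virtual (unused) address with the
+'MAPADDRESS' command, Tor picks an unassigned address from this range.
+(Default: 127.192.0.0/10)
 
 .SH SERVER OPTIONS
 .PP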

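--- a/src/or/config.c
+++ b/src/or/config.c
@@ -678,7 +678,7 @@ options_act(or_options_t *old_options)
   size_t len;
   or_options_t *options = get_options();
   int running_tor = options->command == CMD_RUN_TOR;
-  const char *msg;
+  char *msg;
 
   clear_trusted_dir_servers();
   if (options->DirServers) {
@@ -2407,7 +2407,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
   if (rend_config_services(options, 1) < 0)
     REJECT("Failed to configure rendezvous options. See logs for details.");
 
-  if (parse_virtual_addr_network(options->VirtualAddrNetwork, 1, msg)<0)
+  if (parse_virtual_addr_network(options->VirtualAddrNetwork, 1, NULL)<0)
     return -1;
 
   return 0;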
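Review bot: Passing `NULL` in options_validate means a bad VirtualAddrNetwork value now makes validation return -1 with no reason reported, unlike the `REJECT(...)` call just above it. The callee now takes `char **msg` and fills it with an allocated string, so if options_validate's own `msg` parameter has that type (its signature is cut off in the hunk header) the call could stay `parse_virtual_addr_network(options->VirtualAddrNetwork, 1, msg)`. In options_act, `char *msg` will own a tor_strdup'ed string on failure; the call that fills it is outside the hunk, so check that that path frees the string after logging it.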

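--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -764,38 +764,41 @@ static uint32_t next_virtual_addr    = 0x7fc00000u;
 
 /** Read a netmask of the form 127.192.0.0/10 from "val", and check whether
  * it's a valid set of virtual addresses to hand out in response to MAPADDRESS
- * requests.  Return 0 on success; set *msg and return -1 on failure.  If
- * validate_only is false, sets the actual virtual address range to the parsed
- * value. */
+ * requests.  Return 0 on success; set *msg (if provided) to a newly allocated
+ * string and return -1 on failure.  If validate_only is false, sets the
+ * actual virtual address range to the parsed value. */
 int
 parse_virtual_addr_network(const char *val, int validate_only,
-                           const char **msg)
+                           char **msg)
 {
   uint32_t addr, mask;
   uint16_t port_min, port_max;
   int bits;
 
   if (parse_addr_and_port_range(val, &addr, &mask, &port_min, &port_max)) {
-    *msg = "Error parsing VirtualAddressNetwork";
+    if (msg) *msg = tor_strdup("Error parsing VirtualAddressNetwork");
     return -1;
   }
 
   if (port_min != 1 || port_max != 65535) {
-    *msg = "Can't specify ports on VirtualAddressNetwork";
+    if (msg) *msg = tor_strdup("Can't specify ports on VirtualAddressNetwork");
     return -1;
   }
 
   bits = addr_mask_get_bits(mask);
   if (bits < 0) {
-    *msg = "VirtualAddressNetwork must have a mask that can be expressed "
-      "as a prefix";
+    if (msg) *msg = tor_strdup("VirtualAddressNetwork must have a mask that "
+                               "can be expressed as a prefix");
     return -1;
   }
 
+#if 0
   if (bits > 16) {
-    *msg = "VirtualAddressNetwork expects a class B network or larger";
+    if (msg) *msg = tor_strdup("VirtualAddressNetwork expects a class B "
+                               "network or larger");
     return -1;
   }
+#endif
 
   if (validate_only)
     return 0;
@@ -848,7 +851,9 @@ addressmap_get_virtual_address(int type)
     } while (strmap_get(addressmap, buf));
     return tor_strdup(buf);
   } else if (type == RESOLVED_TYPE_IPV4) {
-    uint32_t available = 1u << virtual_addr_netmask_bits;
+    // This is an imperfect estimate of how many addresses are available, but
+    // that's ok.
+    uint32_t available = 1u << (32-virtual_addr_netmask_bits);
     while (available) {
       /* Don't hand out any .0 or .255 address. */
       while ((next_virtual_addr & 0xff) == 0 ||
@@ -862,6 +867,7 @@ addressmap_get_virtual_address(int type)
 
       ++next_virtual_addr;
       --available;
+      log_notice(LD_CONFIG, "%d addrs available", (int)available);
       if (! --available) {
         log_warn(LD_CONFIG, "Ran out of virtual addresses!");
         return NULL;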
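Review bot: With the `bits > 16` check wrapped in `#if 0`, any prefix length from 0 to 32 now reaches `1u << (32-virtual_addr_netmask_bits)` in addressmap_get_virtual_address (assuming that variable is set from `bits`, which happens outside the hunks). A /0 makes the shift count 32, which is undefined for a 32-bit operand, and a /32 gives `available == 1`, after which the context lines `--available;` and `if (! --available)` wrap the unsigned counter past zero so the "Ran out of virtual addresses!" branch is not taken. Either keep a bound in the parser, e.g. `if (bits < 1 || bits > 16)`, or drop the bare `--available;` so the counter is decremented once per probe. The added `log_notice(LD_CONFIG, "%d addrs available", (int)available);` fires on every address collision and reads like leftover debugging output; `log_debug` would fit better. Both functions continue outside the hunks shown.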

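--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1729,7 +1729,7 @@ int addressmap_already_mapped(const char *address);
 void addressmap_register(const char *address, char *new_address,
                          time_t expires);
 int parse_virtual_addr_network(const char *val, int validate_only,
-                               const char **msg);
+                               char **msg);
 int client_dns_incr_failures(const char *address);
 void client_dns_clear_failures(const char *address);
 void client_dns_set_addressmap(const char *address, uint32_t val,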