ホーム エクスプローラ ヘルプ
サインイン
piros
/
tor
3
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ソースを参照

Fix bad warning when checking IP policies.

I had replaced a comment implying that a set of ifs was meant to be
exhaustive with an actual check for exhaustiveness.  It turns out,
they were exhaustive, but not in the way I had assumed. :(

Bug introduced in f3e158edf7d8128, not in any released Tor.
Nick Mathewson 8 年 前
f3e158edf7
コミット
ada75d5567
1 ファイル変更24 行追加18 行削除
分割表示 差分情報を表示
  1. 24 18
      src/or/connection_edge.c

+ 24 - 18
src/or/connection_edge.c
ファイルの表示 

@@ -1571,24 +1571,30 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
 
     tor_addr_t dummy_addr;
 
     int socks_family = tor_addr_parse(&dummy_addr, socks->address);
 
     /* family will be -1 for a non-onion hostname that's not an IP */
 
-    if (socks_family == -1 && !conn->entry_cfg.dns_request) {
 
-      log_warn(LD_APP, "Refusing to connect to hostname %s "
 
-               "because Port has NoDNSRequest set.",
 
-               safe_str_client(socks->address));
 
-      connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
 
-      return -1;
 
-    } else if (socks_family == AF_INET && !conn->entry_cfg.ipv4_traffic) {
 
-      log_warn(LD_APP, "Refusing to connect to IPv4 address %s because "
 
-               "Port has NoIPv4Traffic set.",
 
-               safe_str_client(socks->address));
 
-      connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
 
-      return -1;
 
-    } else if (socks_family == AF_INET6 && !conn->entry_cfg.ipv6_traffic) {
 
-      log_warn(LD_APP, "Refusing to connect to IPv6 address %s because "
 
-               "Port has NoIPv6Traffic set.",
 
-               safe_str_client(socks->address));
 
-      connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
 
-      return -1;
 
+    if (socks_family == -1) {
 
+      if (!conn->entry_cfg.dns_request) {
 
+        log_warn(LD_APP, "Refusing to connect to hostname %s "
 
+                 "because Port has NoDNSRequest set.",
 
+                 safe_str_client(socks->address));
 
+        connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
 
+        return -1;
 
+      }
 
+    } else if (socks_family == AF_INET) {
 
+      if (!conn->entry_cfg.ipv4_traffic) {
 
+        log_warn(LD_APP, "Refusing to connect to IPv4 address %s because "
 
+                 "Port has NoIPv4Traffic set.",
 
+                 safe_str_client(socks->address));
 
+        connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
 
+        return -1;
 
+      }
 
+    } else if (socks_family == AF_INET6) {
 
+      if (!conn->entry_cfg.ipv6_traffic) {
 
+        log_warn(LD_APP, "Refusing to connect to IPv6 address %s because "
 
+                 "Port has NoIPv6Traffic set.",
 
+                 safe_str_client(socks->address));
 
+        connection_mark_unattached_ap(conn, END_STREAM_REASON_ENTRYPOLICY);
 
+        return -1;
 
+      }
 
     } else {
 
       tor_assert_nonfatal_unreached_once();
 
     }