
Add port ranges to exit policies

svn:r899
Nick Mathewson 21 yıl önce
ebeveyn
işleme
f37f7daa2f
4 değiştirilmiş dosya ile 34 ekleme ve 16 silme
  1. 2 1
      src/or/or.h
  2. 11 5
      src/or/router.c
  3. 19 8
      src/or/routerlist.c
  4. 2 2
      src/or/test.c

+ 2 - 1
src/or/or.h

@@ -329,7 +329,8 @@ struct exit_policy_t {
   char *string;
   uint32_t addr;
   uint32_t msk;
-  uint16_t prt;
+  uint16_t prt_min;
+  uint16_t prt_max;
 
   struct exit_policy_t *next;
 };
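Review bot: The new `prt_min`/`prt_max` fields carry two conventions that are not written down anywhere in the struct: the range is inclusive at both ends, and `*` is stored as 1-65535 rather than as a sentinel value. The code in router.c and routerlist.c depends on both, so they belong next to the fields, for example `uint16_t prt_min; /* lowest port matched, inclusive; "*" is stored as 1 */` and `uint16_t prt_max; /* highest port matched, inclusive; "*" is stored as 65535 */`. The struct definition starts outside the hunk.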

+ 11 - 5
src/or/router.c

@@ -453,16 +453,22 @@ int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
         return -1;
       written += result;
     }
-    if (tmpe->prt) {
-      result = snprintf(s+written, maxlen-written, ":%d\n", tmpe->prt);
+    if (tmpe->prt_min == 1 && tmpe->prt_max == 65535) {
+      if (written > maxlen-4)
+        return -1;
+      strcat(s+written, ":*\n");
+      written += 3;
+    } else if (tmpe->prt_min == tmpe->prt_max) {
+      result = snprintf(s+written, maxlen-written, ":%d\n", tmpe->prt_min);
       if (result<0 || result+written > maxlen)
         return -1;
       written += result;
     } else {
-      if (written > maxlen-4)
+      result = snprintf(s+written, maxlen-written, ":%d-%d\n", tmpe->prt_min,
+                        tmpe->prt_max);
+      if (result<0 || result+written > maxlen)
         return -1;
-      strcat(s+written, ":*\n");
-      written += 3;
+      written += result;
     }
   } /* end for */
   if (written > maxlen-256) /* Not enough room for signature. */
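Review bot: The truncation test reused on the new `:%d-%d` branch, `result+written > maxlen`, still accepts `result == maxlen-written`, which for a C99 snprintf is the case where the final character was dropped to make room for the NUL. Comparing against the size actually passed, `if (result<0 || result >= maxlen-written) return -1;`, closes that on both snprintf branches. The `written > maxlen-256` test after the loop likely masks the problem today, but the per-entry check should not rely on it. The `:*` branch keeps a hand-counted bound with strcat; writing it with snprintf as well would put all three branches on one check. The enclosing loop begins outside the hunk.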

+ 19 - 8
src/or/routerlist.c

@@ -424,10 +424,10 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port,
     log_fn(LOG_DEBUG,"Considering exit policy %s", tmpe->string);
     if (!addr) {
       /* Address is unknown. */
-      if (tmpe->msk == 0 && (!tmpe || port == tmpe->prt)) {
+      if (tmpe->msk == 0 && (port >= tmpe->prt_min && port <= tmpe->prt_max)) {
         /* The exit policy is accept/reject *:port */
         match = 1;
-      } else if ((!tmpe->prt || port == tmpe->prt) && 
+      } else if (port >= tmpe->prt_min && port <= tmpe->prt_max && 
                  tmpe->policy_type == EXIT_POLICY_REJECT) {
         /* The exit policy is reject ???:port */
         maybe_reject = 1;
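Review bot: Port 0 no longer matches a wildcard policy. The old test `!tmpe->prt || port == tmpe->prt` matched every port when the policy was `*`, while `port >= tmpe->prt_min && port <= tmpe->prt_max` with `*` stored as 1-65535 leaves 0 outside every rule, including `reject *:*`. Whether a caller can pass port 0 is not visible here; if one can, the request falls through to whatever the function returns when no rule matches. Either reject port 0 before the loop or make the wildcard cover it, and record the choice in a comment. The same comparison appears in the known-address branch of the next hunk, and the function body starts and ends outside both.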
@@ -435,7 +435,7 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port,
     } else {
       /* Address is known */
       if ( (addr & tmpe->msk) == (tmpe->addr & tmpe->msk) &&
-           (!tmpe->prt || port == tmpe->prt) ) {
+           (port >= tmpe->prt_min && port <= tmpe->prt_max) ) {
         /* Exact match for the policy */
         match = 1;
       }
@@ -947,23 +947,34 @@ static int router_add_exit_policy(routerinfo_t *router,
     }
   }
   if (strcmp(port, "*") == 0) {
-    newe->prt = 0;
+    newe->prt_min = 1;
+    newe->prt_max = 65535;
   } else {
     endptr = NULL;
-    newe->prt = strtol(port, &endptr, 10);
-    if (*endptr) {
+    newe->prt_min = strtol(port, &endptr, 10);
+    if (*endptr == '-') {
+      port = endptr+1;
+      endptr = NULL;
+      newe->prt_max = strtol(port, &endptr, 10);
+      if (*endptr) {
+      log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.",
+             port);
+      }
+    } else if (*endptr) {
       log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.",
              port);
       goto policy_read_failed;
+    } else {
+      newe->prt_max = newe->prt_min;
     }
   }
 
   in.s_addr = htonl(newe->addr);
   address = tor_strdup(inet_ntoa(in));
   in.s_addr = htonl(newe->msk);
-  log_fn(LOG_DEBUG,"%s %s/%s:%d",
+  log_fn(LOG_DEBUG,"%s %s/%s:%d-%d",
          newe->policy_type == EXIT_POLICY_REJECT ? "reject" : "accept",
-         address, inet_ntoa(in), newe->prt);
+         address, inet_ntoa(in), newe->prt_min, newe->prt_max);
   tor_free(address);
 
   /* now link newe onto the end of exit_policy */
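Review bot: The range branch logs "Malformed port %s on exit policy; rejecting." for a bad upper bound but has no `goto policy_read_failed;`, so a policy such as `80-x` is still linked into the list. Both strtol results are also stored straight into uint16_t with no range or empty-string check, so `65616` wraps to 80, `80-` yields 80-0, and nothing requires prt_min <= prt_max. A wrapped or inverted range on a reject rule then matches the wrong ports or none at all, without any warning. Parsing into long, validating once and only then assigning fixes all of these, as sketched below. The sketch treats 0 as invalid to agree with `*` being 1-65535 (relax that if port 0 must stay expressible), and router_add_exit_policy starts and ends outside the hunk.

```c
  } else {
    long lo, hi;
    endptr = NULL;
    lo = hi = strtol(port, &endptr, 10);
    if (endptr != port && *endptr == '-') {
      char *upper = endptr+1;
      hi = strtol(upper, &endptr, 10);
      if (endptr == upper)
        hi = -1; /* empty upper bound, e.g. "80-" */
    }
    if (endptr == port || *endptr || lo < 1 || hi > 65535 || lo > hi) {
      log_fn(LOG_WARN, "Malformed port %s on exit policy; rejecting.",
             port);
      goto policy_read_failed;
    }
    newe->prt_min = (uint16_t)lo;
    newe->prt_max = (uint16_t)hi;
  }
  /* ... unchanged: debug log of the parsed policy and list linking ... */
```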

+ 2 - 2
src/or/test.c

@@ -560,12 +560,12 @@ test_dir_format()
   ex1.string = NULL;
   ex1.addr = 0;
   ex1.msk = 0;
-  ex1.prt = 80;
+  ex1.prt_min = ex1.prt_max = 80;
   ex1.next = &ex2;
   ex2.policy_type = EXIT_POLICY_REJECT;
   ex2.addr = 18 << 24;
   ex2.msk = 0xFF000000u;
-  ex2.prt = 24;
+  ex2.prt_min = ex1.prt_max = 24;
   ex2.next = NULL;
   r2.address = "tor.tor.tor";
   r2.addr = 0x0a030201u; /* 10.3.2.1 */
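Review bot: `ex2.prt_min = ex1.prt_max = 24;` assigns to the wrong struct: it overwrites ex1.prt_max, turning ex1 into the inverted range 80-24, and never sets ex2.prt_max. It should read `ex2.prt_min = ex2.prt_max = 24;`. As written, ex2.prt_max may be uninitialized depending on how ex2 is declared, and whatever the test compares the dumped descriptor against (outside the hunk) would be exercising the wrong policies.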