
Add "pass" target for RedirectExit, to make it easier to break out of a sequence of rules

svn:r2566
Nick Mathewson 19 gadi atpakaļ
vecāks
revīzija
c7151d8bed
4 mainītis faili ar 24 papildinājumiem un 12 dzēšanām
  1. 7 3
      doc/tor.1.in
  2. 9 4
      src/or/config.c
  3. 7 5
      src/or/connection_edge.c
  4. 1 0
      src/or/or.h

+ 7 - 3
doc/tor.1.in

@@ -220,13 +220,17 @@ Bind to this port to listen for connections from Tor clients and servers.
 \fBorbindaddress \fR\fIIP\fP
 Bind to this address to listen for connections from Tor clients and servers. (Default: 0.0.0.0)
 .TP
-\fBredirectexit \fR\fIpattern address:port\fP
+\fBredirectexit \fR\fIpattern target\fP
 Whenever an outgoing connection tries to connect to one of a given set
-of addresses, connect to \fIaddress:port\fP instead.  The address
+of addresses, connect to \fItarget\fP (an \fIaddress:port\fP pair) instead.
+The address
 pattern is given in the same format as for an exit policy.  The
 address translation applies after exit policies are applied.  Multiple
 \fBredirectexit\fP options can be used: once any one has matched
-successfully, no subsequent rules are considered.
+successfully, no subsequent rules are considered.  You can specify that no
+redirection is to be performed on a given set of addresses by using the
+special target string "pass", which prevents subsequent rules from being
+considered.
 
 .SH DIRECTORY SERVER OPTIONS
 .PP

+ 9 - 4
src/or/config.c

@@ -1106,10 +1106,15 @@ static int parse_redirect_line(or_options_t *options,
     log_fn(LOG_WARN, "Error parsing source address in RedirectExit line");
     goto err;
   }
-  if (parse_addr_port(smartlist_get(elements,1),NULL,&r->addr_dest,
-                      &r->port_dest)) {
-    log_fn(LOG_WARN, "Error parseing dest address in RedirectExit line");
-    goto err;
+  if (0==strcasecmp(smartlist_get(elements,1), "pass")) {
+    r->is_redirect = 0;
+  } else {
+    if (parse_addr_port(smartlist_get(elements,1),NULL,&r->addr_dest,
+                             &r->port_dest)) {
+      log_fn(LOG_WARN, "Error parseing dest address in RedirectExit line");
+      goto err;
+    }
+    r->is_redirect = 1;
   }
 
   goto done;
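Review bot: The `pass` branch sets only `r->is_redirect = 0` and leaves `r->addr_dest` and `r->port_dest` untouched, so whether they hold zero or indeterminate values depends on how `r` was allocated, which is outside this hunk. Assigning them explicitly in that branch, `r->addr_dest = 0; r->port_dest = 0;`, means code that reads the struct without testing `is_redirect` first never sees an arbitrary destination. The log message carried into the `else` branch still reads "parseing"; `"Error parsing dest address in RedirectExit line"` would fix it while the line is being re-indented. parse_redirect_line starts and ends outside the hunk.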

+ 7 - 5
src/or/connection_edge.c

@@ -901,11 +901,13 @@ void connection_exit_connect(connection_t *conn) {
       if ((addr&r->mask)==(r->addr&r->mask) &&
           (r->port_min <= port) && (port <= r->port_max)) {
         struct in_addr in;
-        addr = r->addr_dest;
-        port = r->port_dest;
-        in.s_addr = htonl(addr);
-        log_fn(LOG_DEBUG, "Redirecting connection from %s:%d to %s:%d",
-               conn->address, conn->port, inet_ntoa(in), port);
+        if (r->is_redirect) {
+          addr = r->addr_dest;
+          port = r->port_dest;
+          in.s_addr = htonl(addr);
+          log_fn(LOG_DEBUG, "Redirecting connection from %s:%d to %s:%d",
+                 conn->address, conn->port, inet_ntoa(in), port);
+        }
         break;
       }
     });
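Review bot: A matching `pass` rule now reaches `break` without logging anything, so at debug level an operator auditing exit behaviour cannot tell "matched a pass rule" from "matched no rule". An `else` branch with `log_fn(LOG_DEBUG, "RedirectExit pass rule matched %s:%d; not redirecting", conn->address, conn->port);` would make the decision visible. `struct in_addr in;` is now used only inside the `if (r->is_redirect)` block and could be declared there. connection_exit_connect and the enclosing loop start and end outside the hunk.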

+ 1 - 0
src/or/or.h

@@ -824,6 +824,7 @@ typedef struct exit_redirect_t {
   uint16_t port_min;
   uint16_t port_max;
 
+  int is_redirect;
   uint32_t addr_dest;
   uint16_t port_dest;
 } exit_redirect_t;
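Review bot: The new `is_redirect` field has no comment, although it changes how the two fields after it must be read. A comment on the field such as `/* 1: rewrite to addr_dest:port_dest; 0: "pass" rule, stop matching and leave the destination unchanged */` would state the contract. It should also say that `addr_dest` and `port_dest` are meaningful only when `is_redirect` is nonzero. The struct begins outside the hunk.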