macro_rules! restricted_msg {
{
$(#[$meta:meta])*
$(@omit_from $omit_from:literal)?
$v:vis enum $name:ident : RelayMsg {
$($tt:tt)*
}
} => { ... };
{
$(#[$meta:meta])*
$(@omit_from $omit_from:literal)?
$v:vis enum $name:ident : ChanMsg {
$($tt:tt)*
}
} => { ... };
{
[
any_type: $any_msg:ty,
msg_mod: $msg_mod:path,
cmd_type: $cmd_type:ty,
unrecognized: $unrec_type:ty,
body_trait: $body_type:ty,
msg_trait: $msg_trait:ty,
omit_from: $($omit_from:literal)?
]
$(#[$meta:meta])*
$v:vis enum $name:ident {
$(
$(#[$case_meta:meta])*
$([feature=$feat:literal])?
$case:ident
),*
$(, _ =>
$(#[$unrec_meta:meta])*
$unrecognized:ident )?
$(,)?
}
} => { ... };
}
Expand description
Declare a restricted version of
AnyRelayMsg
or
AnyChanMsg
.
Frequently we only want to handle a subset of the possible channel or relay commands that we might see. In those situations, it makes sense to define a a message types that will only try to parse the allowable commands. That way, we can avoid exposing any unnecessary parsers to a possible attacker.
The restricted message type is an enum, and is declared with a syntax as follows:
use tor_cell::{restrict::restricted_msg, relaycell::RelayMsgOuter};
restricted_msg! {
enum OpenStreamMsg : RelayMsg {
Data,
Sendme,
End,
_ => Unrecognized,
}
}
type OpenStreamMsgOuter = RelayMsgOuter<OpenStreamMsg>;
Instead of RelayMsg
, you can say ChanMsg
to get a restricted channel
message.
Only message variants exposed from the tor_cell::{chan,relay}cell::msg
are
supported.
You can omit the _ => Unrecognized
clause at the end. If you do, then any
unexpected command types will be treated as a parse error.