16#define ADDRESSMAP_PRIVATE
60 addressmap_entry_source_bitfield_t source:3;
61 unsigned src_wildcard:1;
62 unsigned dst_wildcard:1;
63 short num_resolve_failures;
70 char *hostname_address;
96#define addressmap_ent_free(ent) \
97 FREE_AND_NULL(addressmap_entry_t, addressmap_ent_free_, (ent))
111addressmap_ent_free_void(
void *ent)
116#define addressmap_virtaddress_ent_free(ent) \
117 FREE_AND_NULL(virtaddress_entry_t, addressmap_virtaddress_ent_free_, (ent))
132addressmap_virtaddress_ent_free_void(
void *ent)
/* Excerpt: only some lines of the enclosing function survive on this page.
 * The visible lines compare `address` against the three address slots of a
 * reverse-map entry `ve` and then test whether all three slots are empty. */
142 if (ent && ent->new_address &&
/* NOTE(review): each strcmp() below reads a slot that listing line 154
 * treats as possibly NULL, and passing NULL to strcmp() is undefined
 * behaviour. No NULL guard is visible in this excerpt; confirm that the
 * elided lines or the callers guarantee every slot is set before it is
 * compared. */
148 if (!strcmp(address, ve->ipv4_address))
150 if (!strcmp(address, ve->ipv6_address))
152 if (!strcmp(address, ve->hostname_address))
/* True only when no IPv4, IPv6 or hostname slot remains on the entry. */
154 if (!ve->ipv4_address && !ve->ipv6_address && !ve->hostname_address) {
168 addressmap_ent_free(ent);
188 } STRMAP_FOREACH_END;
199 const routerset_t *allow_nodes = options->
ExitNodes;
/* Excerpt: extracts a name from the tail of a mapping target. Lines between
 * the numbered ones are not shown on this page. */
211 const char *target = ent->new_address, *dot;
225 len = strlen(target);
/* NOTE(review): `target + len - 6` only points inside the string when
 * len >= 6. The length check is not among the lines shown here (listing
 * lines 226-227 are elided); confirm it precedes this pointer arithmetic. */
228 dot = target + len - 6;
/* Walk backwards until a '.' is found or the start of the string is reached. */
229 while (dot > target && *dot !=
'.')
/* Step past the separator so `dot` points at the first byte of the label. */
231 if (*dot ==
'.') dot++;
/* Copy the label but not the last 5 bytes of the string -- presumably a
 * trailing ".exit", matching the "%s.%s.exit" format used elsewhere in this
 * listing; confirm. The result is heap-allocated by tor_strndup(). */
232 nodename = tor_strndup(dot, len-5-(dot-target));
243 } STRMAP_FOREACH_END;
258 if (!strcmp(suffix,
"."))
262 } SMARTLIST_FOREACH_END(suffix);
283 int remove_this = clear_all;
298 } STRMAP_FOREACH_END;
330 strmap_free(
addressmap, addressmap_ent_free_void);
355 while ((cp = strchr(cp,
'.'))) {
358 if (val && val->src_wildcard) {
359 if (val->dst_wildcard)
/* Excerpt of the rewrite loop: repeatedly replaces `address` (a caller buffer
 * of `maxlen` bytes) with the target of its address-map entry. Lines between
 * the numbered ones are not shown on this page. */
390 time_t expires = TIME_MAX;
/* Heap copy of the address as it was on entry; the matching free is not among
 * the lines shown here. */
392 char *addr_orig = tor_strdup(address);
393 char *log_addr_orig = NULL;
/* Hard cap of 16 rewrites so that cyclic mappings cannot loop forever. */
397 for (rewrites = 0; rewrites < 16; rewrites++) {
404 if (!ent || !ent->new_address) {
410 if (ent->src_wildcard && !ent->dst_wildcard &&
411 !strcasecmp(address, ent->new_address)) {
420 if (!ent || !ent->new_address) {
/* Each entry source is gated by a caller-supplied AMR_FLAG_* bit; what happens
 * when the bit is missing is on elided lines. */
427 switch (ent->source) {
433 if (f == AF_INET && !(flags & AMR_FLAG_USE_IPV4_DNS))
435 else if (f == AF_INET6 && !(flags & AMR_FLAG_USE_IPV6_DNS))
441 if (!(flags & AMR_FLAG_USE_MAPADDRESS))
445 if (!(flags & AMR_FLAG_USE_AUTOMAP))
449 if (!(flags & AMR_FLAG_USE_TRACKEXIT))
454 log_warn(
LD_BUG,
"Unknown addrmap source value %d. Ignoring it.",
/* Wildcard destination on a non-exact match: append "." and the new suffix to
 * the current address; otherwise overwrite the address with the target.
 * NOTE(review): the strlcat()/strlcpy() calls are bounded by maxlen but their
 * return values are discarded, so a result longer than the buffer would be
 * truncated without this code noticing -- confirm callers size the buffer for
 * the longest permitted hostname. */
461 if (ent->dst_wildcard && !exact_match) {
462 strlcat(address,
".", maxlen);
463 strlcat(address, ent->new_address, maxlen);
465 strlcpy(address, ent->new_address, maxlen);
472 exit_source = ent->source;
475 log_info(
LD_APP,
"Addressmap: rewriting %s to %s",
/* Keep the earliest expiry seen along the chain; values of 1 or less are not
 * treated as timestamps here. */
477 if (ent->expires > 1 && ent->expires < expires)
478 expires = ent->expires;
483 "Loop detected: we've rewritten %s 16 times! Using it as-is.",
/* The guards around these output stores (for example NULL checks on the out
 * pointers) are not among the lines shown here. */
491 *exit_source_out = exit_source;
493 *expires_out = expires;
/* Nonzero exactly when at least one rewrite was applied. */
494 return (rewrites > 0);
513 if (f == AF_INET && !(flags & AMR_FLAG_USE_IPV4_DNS))
515 else if (f == AF_INET6 && !(flags & AMR_FLAG_USE_IPV6_DNS))
525 log_info(
LD_APP,
"Rewrote reverse lookup %s -> %s",
528 strlcpy(address, ent->new_address, maxlen);
533 *expires_out = (ent && ent->expires > 1) ? ent->expires : TIME_MAX;
550 ent->expires=time(NULL) + update_expiry;
578 const int wildcard_addr,
579 const int wildcard_new_addr, uint64_t stream_id)
/* Excerpt of the registration path: installs or refreshes a mapping from
 * `address` to `new_address`. Lines between the numbered ones are not shown
 * on this page. */
583 if (wildcard_new_addr)
/* A NULL target, or a target equal to the source (case-insensitive) with the
 * same wildcard setting on both sides, takes a separate branch whose body is
 * elided. */
587 if (!new_address || (!strcasecmp(address,new_address) &&
588 wildcard_addr == wildcard_new_addr)) {
600 }
else if (ent->new_address) {
/* All three addresses pass through safe_str_client() before being logged. */
602 log_info(
LD_APP,
"Temporary addressmap ('%s' to '%s') not performed, "
603 "since it's already mapped to '%s'",
604 safe_str_client(address),
605 safe_str_client(new_address),
606 safe_str_client(ent->new_address));
/* The entry stores the caller's pointer itself rather than a copy.
 * NOTE(review): this presumably transfers ownership of new_address to the
 * map -- confirm against the callers. */
619 ent->new_address = new_address;
/* An expiry of 2 is stored as 1; every other value is stored unchanged. */
620 ent->expires = expires==2 ? 1 : expires;
621 ent->num_resolve_failures = 0;
622 ent->source = source;
/* src_wildcard and dst_wildcard are one-bit fields, so the int arguments are
 * normalised to 0/1; assigning an even nonzero int directly would store 0. */
623 ent->src_wildcard = wildcard_addr ? 1 : 0;
624 ent->dst_wildcard = wildcard_new_addr ? 1 : 0;
626 log_info(
LD_CONFIG,
"Addressmap: (re)mapped '%s' to '%s'",
627 safe_str_client(address),
628 safe_str_client(ent->new_address));
630 expires, NULL, 1, stream_id);
/* Excerpt: bumps the per-entry resolve-failure counter and returns the new
 * value. The counter is declared as `short` (listing line 63), so it
 * saturates at SHRT_MAX instead of overflowing a signed type. */
646 if (ent->num_resolve_failures < SHRT_MAX)
647 ++ent->num_resolve_failures;
/* The address passes through safe_str_client() before being logged. */
648 log_info(
LD_APP,
"Address %s now has %d resolve failures.",
649 safe_str_client(address),
650 ent->num_resolve_failures);
651 return ent->num_resolve_failures;
664 ent->num_resolve_failures = 0;
679 const char *address,
const char *
name,
680 const char *exitname,
683 char *extendedaddress=NULL, *extendedval=NULL;
684 uint64_t stream_id = 0;
703 "%s.%s.exit", address, exitname);
705 "%s.%s.exit",
name, exitname);
731 const char *exitname,
747 if (! for_conn->entry_cfg.cache_ipv6_answers)
768 const char *address,
const char *v,
769 const char *exitname,
777 (f == AF_INET6 && ! for_conn->entry_cfg.cache_ipv6_answers))
793static virtual_addr_conf_t virtaddr_conf_ipv4;
794static virtual_addr_conf_t virtaddr_conf_ipv6;
/* Excerpt: validates a VirtualAddressNetwork / VirtualAddressNetworkIPv6
 * value. Each rejected case writes an explanation through `msg`; the return
 * statements are on elided lines. */
806 const int ipv6 = (family == AF_INET6);
/* Longest prefix accepted: /104 for IPv6, /16 for IPv4, which leaves at least
 * 24 or 16 address bits respectively outside the prefix. */
809 const int max_prefix_bits = ipv6 ? 104 : 16;
810 virtual_addr_conf_t *conf = ipv6 ? &virtaddr_conf_ipv6 : &virtaddr_conf_ipv4;
/* A NULL or empty value is rejected. */
812 if (!val || val[0] ==
'\0') {
814 tor_asprintf(msg,
"Value not present (%s) after VirtualAddressNetwork%s",
815 val?
"Empty":
"NULL", ipv6?
"IPv6":
"");
820 tor_asprintf(msg,
"Error parsing VirtualAddressNetwork%s %s",
821 ipv6?
"IPv6":
"", val);
826 tor_asprintf(msg,
"Incorrect address type for VirtualAddressNetwork%s",
/* Anything other than the full port range 1-65535 is reported as a
 * configuration error: ports cannot be specified on this option. */
831 if (port_min != 1 || port_max != 65535) {
833 tor_asprintf(msg,
"Can't specify ports on VirtualAddressNetwork%s",
/* A prefix longer than the limit describes a network that is too small. */
839 if (bits > max_prefix_bits) {
841 tor_asprintf(msg,
"VirtualAddressNetwork%s expects a /%d "
842 "network or larger",ipv6?
"IPv6":
"", max_prefix_bits);
867 const virtual_addr_conf_t *conf = (
tor_addr_family(&addr) == AF_INET6) ?
868 &virtaddr_conf_ipv6 : &virtaddr_conf_ipv4;
/* Excerpt: overlays the configured network prefix (conf->bits bits long) onto
 * the buffer `bytes`. How `bytes` is filled beforehand is on elided lines --
 * presumably with random data; confirm. */
882 const uint8_t *addr_bytes;
885 const int total_bytes = ipv6 ? 16 : 4;
/* Copy the whole bytes of the prefix. */
902 memcpy(bytes, addr_bytes, conf->bits / 8);
/* Prefix ends inside a byte: `mask` has the low (8 - bits%8) bits set. Those
 * low bits of the byte are kept from `bytes`, and the high bits are taken
 * from the configured address.
 * NOTE(review): index conf->bits/8 is only in range while conf->bits is below
 * total_bytes*8; this appears to rely on the prefix-length limit checked at
 * listing line 839 -- confirm. */
903 if (conf->bits & 7) {
904 uint8_t mask = 0xff >> (conf->bits & 7);
905 bytes[conf->bits/8] &= mask;
906 bytes[conf->bits/8] |= addr_bytes[conf->bits/8] & ~mask;
915 conf->bits, CMP_EXACT)==0);
/* Excerpt: produces a fresh virtual address of the requested type as a
 * heap-allocated string. Lines between the numbered ones are not shown on
 * this page. */
930 if (type == RESOLVED_TYPE_HOSTNAME) {
/* Hostname form: base32 text of `rand_bytes` followed by ".virtual". How
 * rand_bytes is filled is on elided lines. */
934 base32_encode(buf,
sizeof(buf),rand_bytes,
sizeof(rand_bytes));
935 strlcat(buf,
".virtual",
sizeof(buf));
937 return tor_strdup(buf);
938 }
else if (type == RESOLVED_TYPE_IPV4 || type == RESOLVED_TYPE_IPV6) {
939 const int ipv6 = (type == RESOLVED_TYPE_IPV6);
940 const virtual_addr_conf_t *conf = ipv6 ?
941 &virtaddr_conf_ipv6 : &virtaddr_conf_ipv4;
/* Attempt budget for finding an address; see the "Ran out of virtual
 * addresses!" warning below. */
949 uint32_t attempts = 1000;
/* Candidates whose low byte is 0x00 or 0xff are singled out -- presumably
 * skipped as network/broadcast-style addresses; confirm against the elided
 * lines. */
959 if ((a & 0xff) == 0 || (a & 0xff) == 0xff)
971 log_warn(
LD_BUG,
"%s wasn't in the addressmap, but %s was.",
977 return tor_strdup(buf);
980 log_warn(
LD_CONFIG,
"Ran out of virtual addresses!");
/* Any type other than hostname, IPv4 or IPv6 is reported as a bug. */
984 log_warn(
LD_BUG,
"Called with unsupported address type (%d)", type);
/* Excerpt: finds or creates the virtual address that maps to `new_address`.
 * Lines between the numbered ones are not shown on this page. */
1004 int vent_needs_to_be_added = 0;
1013 vent_needs_to_be_added = 1;
/* Select the slot of the reverse-map entry that matches the requested type;
 * anything that is neither IPv4 nor IPv6 uses the hostname slot. */
1016 if (type == RESOLVED_TYPE_IPV4)
1017 addrp = &vent->ipv4_address;
1018 else if (type == RESOLVED_TYPE_IPV6)
1019 addrp = &vent->ipv6_address;
1021 addrp = &vent->hostname_address;
1025 if (ent && ent->new_address &&
1026 !strcasecmp(new_address, ent->new_address)) {
1032 "Internal confusion: I thought that '%s' was mapped to by "
1033 "'%s', but '%s' really maps to '%s'. This is a harmless bug.",
1034 safe_str_client(new_address),
1035 safe_str_client(*addrp),
1036 safe_str_client(*addrp),
1037 ent?safe_str_client(ent->new_address):
"(nothing)");
/* NOTE(review): this message passes *addrp and new_address to the log without
 * safe_str_client(), unlike the other messages in this excerpt that log the
 * same values. Confirm whether leaving the destination address unscrubbed at
 * info level is intended. */
1048 log_info(
LD_APP,
"Registering map from %s to %s", *addrp, new_address);
1049 if (vent_needs_to_be_added)
1061 tor_assert(!strcasecmp(ent->new_address,new_address));
/* NOTE(review): this ternary separates only IPv4 from everything else, so an
 * IPv6 request would select hostname_address here, unlike the three-way
 * selection at listing lines 1016-1021. Confirm whether this check is
 * compiled in and whether IPv6 can reach it. */
1065 (type == RESOLVED_TYPE_IPV4) ?
1066 vent->ipv4_address : vent->hostname_address));
1067 log_info(
LD_APP,
"Map from %s to %s okay.",
1068 safe_str_client(*addrp),
1069 safe_str_client(new_address));
1088 if (
get_options()->ServerDNSAllowNonRFC953Hostnames)
1100 if (TOR_ISALNUM(*address) ||
1120 time_t max_expires,
int want_expiry)
/* Excerpt: walks the address map and handles entries whose expiry lies in
 * [min_expires, max_expires]. Lines between the numbered ones are not shown
 * on this page. */
1122 strmap_iter_t *iter;
/* The iterator is advanced inside the loop body, not in the for-header,
 * because one branch removes the current entry while advancing. */
1130 for (iter = strmap_iter_init(
addressmap); !strmap_iter_done(iter); ) {
1131 strmap_iter_get(iter, &key, &val_);
1133 if (val->expires >= min_expires && val->expires <= max_expires) {
/* strmap_iter_next_rmv() removes the current entry and returns the next
 * iterator; the condition selecting this branch is on an elided line. */
1135 iter = strmap_iter_next_rmv(
addressmap,iter);
1138 }
else if (val->new_address) {
/* Wildcard sides are rendered with a leading "*." prefix. */
1139 const char *src_wc = val->src_wildcard ?
"*." :
"";
1140 const char *dst_wc = val->dst_wildcard ?
"*." :
"";
/* Expiry values below 3 and TIME_MAX are handled apart from real timestamps
 * -- presumably reported as never expiring; the format strings are on elided
 * lines. */
1142 if (val->expires < 3 || val->expires == TIME_MAX)
1144 src_wc, key, dst_wc, val->new_address);
1146 char isotime[ISO_TIME_LEN+1];
1149 src_wc, key, dst_wc, val->new_address,
1154 src_wc, key, dst_wc, val->new_address);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
int tor_addr_parse(tor_addr_t *addr, const char *src)
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
int tor_addr_parse_mask_ports(const char *s, unsigned flags, tor_addr_t *addr_out, maskbits_t *maskbits_out, uint16_t *port_min_out, uint16_t *port_max_out)
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const uint8_t *ipv6_bytes)
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
static sa_family_t tor_addr_family(const tor_addr_t *a)
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
#define tor_addr_to_in6_addr8(x)
void addressmap_init(void)
static addressmap_entry_t * addressmap_match_superdomains(char *address)
static void addressmap_virtaddress_remove(const char *address, addressmap_entry_t *ent)
static char * addressmap_get_virtual_address(int type)
void client_dns_set_reverse_addressmap(entry_connection_t *for_conn, const char *address, const char *v, const char *exitname, int ttl)
void clear_trackexithost_mappings(const char *exitname)
static strmap_t * addressmap
int address_is_in_virtual_range(const char *address)
STATIC void get_random_virtual_addr(const virtual_addr_conf_t *conf, tor_addr_t *addr_out)
int addressmap_have_mapping(const char *address, int update_expiry)
int address_is_invalid_destination(const char *address, int client)
static void addressmap_virtaddress_ent_free_(virtaddress_entry_t *ent)
void addressmap_get_mappings(smartlist_t *sl, time_t min_expires, time_t max_expires, int want_expiry)
void addressmap_clear_invalid_automaps(const or_options_t *options)
void addressmap_clean(time_t now)
int client_dns_incr_failures(const char *address)
void addressmap_register(const char *address, char *new_address, time_t expires, addressmap_entry_source_t source, const int wildcard_addr, const int wildcard_new_addr, uint64_t stream_id)
void client_dns_set_addressmap(entry_connection_t *for_conn, const char *address, const tor_addr_t *val, const char *exitname, int ttl)
int addressmap_rewrite(char *address, size_t maxlen, unsigned flags, time_t *expires_out, addressmap_entry_source_t *exit_source_out)
static void client_dns_set_addressmap_impl(entry_connection_t *for_conn, const char *address, const char *name, const char *exitname, int ttl)
void addressmap_free_all(void)
int addressmap_address_should_automap(const char *address, const or_options_t *options)
void client_dns_clear_failures(const char *address)
static void addressmap_ent_remove(const char *address, addressmap_entry_t *ent)
void addressmap_clear_configured(void)
void addressmap_clear_transient(void)
static strmap_t * virtaddress_reversemap
static void addressmap_ent_free_(addressmap_entry_t *ent)
void addressmap_clear_excluded_trackexithosts(const or_options_t *options)
const char * addressmap_register_virtual_address(int type, char *new_address)
int parse_virtual_addr_network(const char *val, sa_family_t family, int validate_only, char **msg)
int addressmap_rewrite_reverse(char *address, size_t maxlen, unsigned flags, time_t *expires_out)
void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
static void set_uint32(void *cp, uint32_t v)
static uint32_t get_uint32(const void *cp)
int hostname_in_track_host_exits(const or_options_t *options, const char *address)
Header file for circuituse.c.
const char * escaped_safe_str_client(const char *address)
const or_options_t * get_options(void)
Header file for config.c.
uint32_t clip_dns_ttl(uint32_t ttl)
Header file for connection_edge.c.
#define MAX_DNS_ENTRY_AGE
int control_event_address_mapped(const char *from, const char *to, time_t expires, const char *error, const int cached, uint64_t stream_id)
Header file for control_events.c.
void crypto_rand(char *to, size_t n)
Common functions for using (pseudo-)random number generators.
Entry connection structure.
void * strmap_get_lc(const strmap_t *map, const char *key)
#define MAP_DEL_CURRENT(keyvar)
const node_t * node_get_by_nickname(const char *nickname, unsigned flags)
Header file for nodelist.c.
Master header file for Tor-specific functionality.
addressmap_entry_source_t
int tor_asprintf(char **strp, const char *fmt,...)
int routerset_is_empty(const routerset_t *set)
int routerset_contains_node(const routerset_t *set, const node_t *node)
Header file for routerset.c.
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
unsigned int cache_ipv4_answers
struct routerset_t * ExcludeExitNodesUnion_
struct routerset_t * ExitNodes
struct smartlist_t * AutomapHostsSuffixes
int AutomapHostsOnResolve
void format_iso_time(char *buf, time_t t)
void tor_strlower(char *s)
int strcmpend(const char *s1, const char *s2)
int strcasecmpend(const char *s1, const char *s2)