The addressmap module manages the processes by which we rewrite addresses in client requess. It handles the MapAddress controller and torrc commands, and the TrackHostExits feature, and the client-side DNS cache (deprecated). More...
#include "or.h"#include "addressmap.h"#include "circuituse.h"#include "config.h"#include "connection_edge.h"#include "control.h"#include "crypto_rand.h"#include "dns.h"#include "nodelist.h"#include "routerset.h"
Data Structures | |
| struct | addressmap_entry_t |
| struct | virtaddress_entry_t |
Macros | |
| #define | ADDRESSMAP_PRIVATE |
| #define | addressmap_ent_free(ent) FREE_AND_NULL(addressmap_entry_t, addressmap_ent_free_, (ent)) |
| #define | addressmap_virtaddress_ent_free(ent) FREE_AND_NULL(virtaddress_entry_t, addressmap_virtaddress_ent_free_, (ent)) |
Functions | |
| void | addressmap_init (void) |
| void | clear_trackexithost_mappings (const char *exitname) |
| void | addressmap_clear_excluded_trackexithosts (const or_options_t *options) |
| int | addressmap_address_should_automap (const char *address, const or_options_t *options) |
| void | addressmap_clear_invalid_automaps (const or_options_t *options) |
| void | addressmap_clear_configured (void) |
| void | addressmap_clear_transient (void) |
| void | addressmap_clean (time_t now) |
| void | addressmap_free_all (void) |
| int | addressmap_rewrite (char *address, size_t maxlen, unsigned flags, time_t *expires_out, addressmap_entry_source_t *exit_source_out) |
| int | addressmap_rewrite_reverse (char *address, size_t maxlen, unsigned flags, time_t *expires_out) |
| int | addressmap_have_mapping (const char *address, int update_expiry) |
| void | addressmap_register (const char *address, char *new_address, time_t expires, addressmap_entry_source_t source, const int wildcard_addr, const int wildcard_new_addr) |
| int | client_dns_incr_failures (const char *address) |
| void | client_dns_clear_failures (const char *address) |
| void | client_dns_set_addressmap (entry_connection_t *for_conn, const char *address, const tor_addr_t *val, const char *exitname, int ttl) |
| void | client_dns_set_reverse_addressmap (entry_connection_t *for_conn, const char *address, const char *v, const char *exitname, int ttl) |
| int | parse_virtual_addr_network (const char *val, sa_family_t family, int validate_only, char **msg) |
| int | address_is_in_virtual_range (const char *address) |
| STATIC void | get_random_virtual_addr (const virtual_addr_conf_t *conf, tor_addr_t *addr_out) |
| const char * | addressmap_register_virtual_address (int type, char *new_address) |
| int | address_is_invalid_destination (const char *address, int client) |
| void | addressmap_get_mappings (smartlist_t *sl, time_t min_expires, time_t max_expires, int want_expiry) |
Detailed Description
The addressmap module manages the processes by which we rewrite addresses in client requess. It handles the MapAddress controller and torrc commands, and the TrackHostExits feature, and the client-side DNS cache (deprecated).
Function Documentation
◆ address_is_in_virtual_range()
| int address_is_in_virtual_range | ( | const char * | address | ) |
Return true iff addr is likely to have been returned by client_dns_get_unused_address.
◆ address_is_invalid_destination()
| int address_is_invalid_destination | ( | const char * | address, |
| int | client | ||
| ) |
Return 1 if address has funny characters in it like colons. Return 0 if it's fine, or if we're configured to allow it anyway. client should be true if we're using this address as a client; false if we're using it as a server.
◆ addressmap_address_should_automap()
| int addressmap_address_should_automap | ( | const char * | address, |
| const or_options_t * | options | ||
| ) |
Return true iff address is one that we are configured to automap on resolve according to options.
◆ addressmap_clean()
| void addressmap_clean | ( | time_t | now | ) |
Clean out entries from the addressmap cache that were added long enough ago that they are no longer valid.
◆ addressmap_clear_configured()
| void addressmap_clear_configured | ( | void | ) |
Remove all entries from the addressmap that were set via the configuration file or the command line.
◆ addressmap_clear_excluded_trackexithosts()
| void addressmap_clear_excluded_trackexithosts | ( | const or_options_t * | options | ) |
Remove all TRACKEXIT mappings from the addressmap for which the target host is unknown or no longer allowed, or for which the source address is no longer in trackexithosts.
◆ addressmap_clear_invalid_automaps()
| void addressmap_clear_invalid_automaps | ( | const or_options_t * | options | ) |
Remove all AUTOMAP mappings from the addressmap for which the source address no longer matches AutomapHostsSuffixes, which is no longer allowed by AutomapHostsOnResolve, or for which the target address is no longer in the virtual network.
◆ addressmap_clear_transient()
| void addressmap_clear_transient | ( | void | ) |
Remove all entries from the addressmap that are set to expire, ever.
◆ addressmap_free_all()
| void addressmap_free_all | ( | void | ) |
Free all the elements in the addressmap, and free the addressmap itself.
◆ addressmap_get_mappings()
| void addressmap_get_mappings | ( | smartlist_t * | sl, |
| time_t | min_expires, | ||
| time_t | max_expires, | ||
| int | want_expiry | ||
| ) |
Iterate over all address mappings which have expiry times between min_expires and max_expires, inclusive. If sl is provided, add an "old-addr new-addr expiry" string to sl for each mapping, omitting the expiry time if want_expiry is false. If sl is NULL, remove the mappings.
◆ addressmap_have_mapping()
| int addressmap_have_mapping | ( | const char * | address, |
| int | update_expiry | ||
| ) |
Return 1 if address is already registered, else return 0. If address is already registered, and update_expires is non-zero, then update the expiry time on the mapping with update_expires if it is a mapping created by TrackHostExits.
◆ addressmap_init()
| void addressmap_init | ( | void | ) |
Initialize addressmap.
◆ addressmap_register()
| void addressmap_register | ( | const char * | address, |
| char * | new_address, | ||
| time_t | expires, | ||
| addressmap_entry_source_t | source, | ||
| const int | wildcard_addr, | ||
| const int | wildcard_new_addr | ||
| ) |
Register a request to map address to new_address, which will expire on expires (or 0 if never expires from config file, 1 if never expires from controller, 2 if never expires (virtual address mapping) from the controller.)
new_address should be a newly dup'ed string, which we'll use or free as appropriate. We will leave address alone.
If wildcard_addr is true, then the mapping will match any address equal to address, or any address ending with a period followed by address. If wildcard_addr and wildcard_new_addr are both true, the mapping will rewrite addresses that end with ".<b>address</b>" into ones that end with ".<b>new_address</b>".
If new_address is NULL, or new_address is equal to address and wildcard_addr is equal to wildcard_new_addr, remove any mappings that exist from address.
It is an error to set wildcard_new_addr if wildcard_addr is not set.
◆ addressmap_register_virtual_address()
| const char* addressmap_register_virtual_address | ( | int | type, |
| char * | new_address | ||
| ) |
A controller has requested that we map some address of type type to the address new_address. Choose an address that is unlikely to be used, and map it, and return it in a newly allocated string. If another address of the same type is already mapped to new_address, try to return a copy of that address.
The string in new_address may be freed or inserted into a map as appropriate. May return NULL if are out of virtual addresses.
◆ addressmap_rewrite()
| int addressmap_rewrite | ( | char * | address, |
| size_t | maxlen, | ||
| unsigned | flags, | ||
| time_t * | expires_out, | ||
| addressmap_entry_source_t * | exit_source_out | ||
| ) |
Look at address, and rewrite it until it doesn't want any more rewrites; but don't get into an infinite loop. Don't write more than maxlen chars into address. Return true if the address changed; false otherwise. Set *expires_out to the expiry time of the result, or to time_max if the result does not expire.
If exit_source_out is non-null, we set it as follows. If we the address starts out as a non-exit address, and we remap it to an .exit address at any point, then set *exit_source_out to the address_entry_source_t of the first such rule. Set *exit_source_out to ADDRMAPSRC_NONE if there is no such rewrite, or if the original address was a .exit.
◆ addressmap_rewrite_reverse()
| int addressmap_rewrite_reverse | ( | char * | address, |
| size_t | maxlen, | ||
| unsigned | flags, | ||
| time_t * | expires_out | ||
| ) |
If we have a cached reverse DNS entry for the address stored in the maxlen-byte buffer address (typically, a dotted quad) then rewrite to the cached value and return 1. Otherwise return 0. Set *expires_out to the expiry time of the result, or to time_max if the result does not expire.
◆ clear_trackexithost_mappings()
| void clear_trackexithost_mappings | ( | const char * | exitname | ) |
Unregister all TrackHostExits mappings from any address to *.exitname.exit.
◆ client_dns_clear_failures()
| void client_dns_clear_failures | ( | const char * | address | ) |
If address is in the client DNS addressmap, reset the number of resolve failures we have on record for it. This is used when we fail a stream because it won't resolve: otherwise future attempts on that address will only try once.
◆ client_dns_incr_failures()
| int client_dns_incr_failures | ( | const char * | address | ) |
An attempt to resolve address failed at some OR. Increment the number of resolve failures we have on record for it, and then return that number.
◆ client_dns_set_addressmap()
| void client_dns_set_addressmap | ( | entry_connection_t * | for_conn, |
| const char * | address, | ||
| const tor_addr_t * | val, | ||
| const char * | exitname, | ||
| int | ttl | ||
| ) |
Record the fact that address resolved to val. We can now use this in subsequent streams via addressmap_rewrite() so we can more correctly choose an exit that will allow address.
If exitname is defined, then append the addresses with ".exitname.exit" before registering the mapping.
If ttl is nonnegative, the mapping will be valid for ttlseconds; otherwise, we use the default.
◆ client_dns_set_reverse_addressmap()
| void client_dns_set_reverse_addressmap | ( | entry_connection_t * | for_conn, |
| const char * | address, | ||
| const char * | v, | ||
| const char * | exitname, | ||
| int | ttl | ||
| ) |
Add a cache entry noting that address (ordinarily a dotted quad) resolved via a RESOLVE_PTR request to the hostname v.
If exitname is defined, then append the addresses with ".exitname.exit" before registering the mapping.
If ttl is nonnegative, the mapping will be valid for ttlseconds; otherwise, we use the default.
◆ get_random_virtual_addr()
| STATIC void get_random_virtual_addr | ( | const virtual_addr_conf_t * | conf, |
| tor_addr_t * | addr_out | ||
| ) |
Return a random address conforming to the virtual address configuration in conf.
◆ parse_virtual_addr_network()
| int parse_virtual_addr_network | ( | const char * | val, |
| sa_family_t | family, | ||
| int | validate_only, | ||
| char ** | msg | ||
| ) |
Read a netmask of the form 127.192.0.0/10 from "val", and check whether it's a valid set of virtual addresses to hand out in response to MAPADDRESS requests. Return 0 on success; set *msg (if provided) to a newly allocated string and return -1 on failure. If validate_only is false, sets the actual virtual address range to the parsed value.
