do not generate wildcard '.' transitions in policy regex, be precise

author: Christian Grothoff <christian@grothoff.org> 2015-05-22 13:27:02 +0000
committer: Christian Grothoff <christian@grothoff.org> 2015-05-22 13:27:02 +0000
commit: 37d9ce1d4544050396b44a1a1ba94429cb86267a (patch)
tree: 0bd7899469182f78d6d7255722484958597b446a
parent: bad29fd9a1cc3b1c7df7b992212568918c961b52 (diff)
download: gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.tar.gz
gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.zip
2 files changed, 25 insertions, 15 deletions
diff --git a/src/tun/regex.c b/src/tun/regex.c
index 25bd9fbf8..5c8897491 100644
--- a/src/tun/regex.c
+++ b/src/tun/regex.c
@@ -1,6 +1,6 @@
 /*
     This file is part of GNUnet
-     Copyright (C) 2012, 2013 Christian Grothoff (and other contributing authors)
+     Copyright (C) 2012, 2013, 2015 Christian Grothoff (and other contributing authors)
     GNUnet is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published
@@ -27,6 +27,11 @@
 #include "gnunet_util_lib.h"
 #include "gnunet_tun_lib.h"
+/**
+ * 'wildcard', matches all possible values (for HEX encoding).
+ */
+#define DOT "(0|1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)"
 /**
 * Create a regex in @a rxstr from the given @a ip and @a netmask.
@@ -92,7 +97,7 @@ nibble_to_regex (uint8_t value,
  switch (mask)
  {
  case 0:
-    return GNUNET_strdup ("."); /* wildcard */
+    return GNUNET_strdup (DOT);
  case 8:
    GNUNET_asprintf (&ret,
                     "(%X|%X|%X|%X|%X|%X|%X|%X)",
@@ -236,7 +241,7 @@ compute_policy (unsigned int start,
  char middlehp[33+2]; /* 16 * 2 + 0-terminator + () */
  char middlelp[33+2]; /* 16 * 2 + 0-terminator + () */
  char afterp[36+2]; /* 16 * 2 + 3 dots + 0-terminator + () */
-  char dots[4];
+  char dots[5 * strlen (DOT)];
  char buf[3];
  char *middle;
  char *ret;
@@ -311,7 +316,7 @@ compute_policy (unsigned int start,
    strcpy (afterp, after);
  dots[0] = '\0';
  for (xstep=step/16;xstep>0;xstep/=16)
-    strcat (dots, ".");
+    strcat (dots, DOT);
  if (step >= 16)
  {
    if (strlen (middlel) > 0)
@@ -516,7 +521,7 @@ port_to_regex (const struct GNUNET_STRINGS_PortPolicy *pp)
       ( (1 == pp->start_port) &&
         (0xFFFF == pp->end_port) &&
         (GNUNET_NO == pp->negate_portrange)) )
-    return GNUNET_strdup ("....");
+    return GNUNET_strdup (DOT DOT DOT DOT);
  if ( (pp->start_port == pp->end_port) &&
       (GNUNET_NO == pp->negate_portrange))
  {
@@ -685,7 +690,7 @@ ipv6_to_regex (const struct GNUNET_STRINGS_IPv6NetworkPolicy *v6)
 * Convert an exit policy to a regular expression.  The exit policy
 * specifies a set of subnets this peer is willing to serve as an
 * exit for; the resulting regular expression will match the
- * IPv4 address strings as returned by 'GNUNET_TUN_ipv4toregexsearch'.
+ * IPv4 address strings as returned by #GNUNET_TUN_ipv4toregexsearch().
 *
 * @param policy exit policy specification
 * @return regular expression, NULL on error
diff --git a/src/tun/test_regex.c b/src/tun/test_regex.c
index 162a73b4b..f3cf7f7e1 100644
--- a/src/tun/test_regex.c
+++ b/src/tun/test_regex.c
@@ -25,6 +25,11 @@
 #include "platform.h"
 #include "gnunet_tun_lib.h"
+/**
+ * 'wildcard', matches all possible values (for HEX encoding).
+ */
+#define DOT "(0|1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)"
 static int
 test_iptoregex (const char *ipv4,
@@ -144,31 +149,31 @@ main (int argc, char *argv[])
                    "6-0031-E1E173F951BE00000000000000000000");
  error +=
    test_policy4toregex ("192.1.2.0/24:80;",
-                         "4-0050-C00102..");
+                         "4-0050-C00102" DOT DOT);
  error +=
    test_policy4toregex ("192.1.0.0/16;",
-                         "4-....-C001....");
+                         "4-" DOT DOT DOT DOT "-C001" DOT DOT DOT DOT);
  error +=
    test_policy4toregex ("192.1.0.0/16:80-81;",
-                         "4-(0050|0051)-C001....");
+                         "4-(0050|0051)-C001" DOT DOT DOT DOT);
  error +=
    test_policy4toregex ("192.1.0.0/8:!3-65535;",
-                         "4-000(0|1|2)-C0......");
+                         "4-000(0|1|2)-C0" DOT DOT DOT DOT DOT DOT);
  error +=
    test_policy4toregex ("192.1.0.0/8:!25-56;",
-                         "4-(0(0(0.|1(0|1|2|3|4|5|6|7|8)|3(9|A|B|C|D|E|F)|(4|5|6|7|8|9|A|B|C|D|E|F).)|(1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)..)|(1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)...)-C0......");
+                         "4-(0(0(0"DOT"|1(0|1|2|3|4|5|6|7|8)|3(9|A|B|C|D|E|F)|(4|5|6|7|8|9|A|B|C|D|E|F)"DOT")|(1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)"DOT DOT")|(1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)"DOT DOT DOT")-C0"DOT DOT DOT DOT DOT DOT);
  error +=
    test_policy6toregex ("E1E1::1;",
-                         "6-....-E1E10000000000000000000000000001");
+                         "6-"DOT DOT DOT DOT"-E1E10000000000000000000000000001");
  error +=
    test_policy6toregex ("E1E1:ABCD::1/120;",
-                         "6-....-E1E1ABCD0000000000000000000000..");
+                         "6-"DOT DOT DOT DOT"-E1E1ABCD0000000000000000000000" DOT DOT);
  error +=
    test_policy6toregex ("E1E1:ABCD::ABCD/126;",
-                         "6-....-E1E1ABCD00000000000000000000ABC(C|D|E|F)");
+                         "6-"DOT DOT DOT DOT"-E1E1ABCD00000000000000000000ABC(C|D|E|F)");
  error +=
    test_policy6toregex ("E1E1:ABCD::ABCD/127;",
-                         "6-....-E1E1ABCD00000000000000000000ABC(C|D)");
+                         "6-"DOT DOT DOT DOT"-E1E1ABCD00000000000000000000ABC(C|D)");
  error +=
    test_policy6toregex ("E1E1:ABCD::ABCD/128:80;",
                         "6-0050-E1E1ABCD00000000000000000000ABCD");
author	Christian Grothoff <christian@grothoff.org>	2015-05-22 13:27:02 +0000
committer	Christian Grothoff <christian@grothoff.org>	2015-05-22 13:27:02 +0000
commit	37d9ce1d4544050396b44a1a1ba94429cb86267a (patch)
tree	0bd7899469182f78d6d7255722484958597b446a
parent	bad29fd9a1cc3b1c7df7b992212568918c961b52 (diff)
download	gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.tar.gz gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.zip