diff options
| author | Christian Grothoff <christian@grothoff.org> | 2015-05-22 13:27:02 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2015-05-22 13:27:02 +0000 |
| commit | 37d9ce1d4544050396b44a1a1ba94429cb86267a (patch) | |
| tree | 0bd7899469182f78d6d7255722484958597b446a /src/tun/regex.c | |
| parent | bad29fd9a1cc3b1c7df7b992212568918c961b52 (diff) | |
| download | gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.tar.gz gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.zip | |
do not generate wildcard '.' transitions in policy regex, be precise
Diffstat (limited to 'src/tun/regex.c')
| -rw-r--r-- | src/tun/regex.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/tun/regex.c b/src/tun/regex.c index 25bd9fbf8..5c8897491 100644 --- a/src/tun/regex.c +++ b/src/tun/regex.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* | 1 | /* |
| 2 | This file is part of GNUnet | 2 | This file is part of GNUnet |
| 3 | Copyright (C) 2012, 2013 Christian Grothoff (and other contributing authors) | 3 | Copyright (C) 2012, 2013, 2015 Christian Grothoff (and other contributing authors) |
| 4 | 4 | ||
| 5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software; you can redistribute it and/or modify |
| 6 | it under the terms of the GNU General Public License as published | 6 | it under the terms of the GNU General Public License as published |
| @@ -27,6 +27,11 @@ | |||
| 27 | #include "gnunet_util_lib.h" | 27 | #include "gnunet_util_lib.h" |
| 28 | #include "gnunet_tun_lib.h" | 28 | #include "gnunet_tun_lib.h" |
| 29 | 29 | ||
| 30 | /** | ||
| 31 | * 'wildcard', matches all possible values (for HEX encoding). | ||
| 32 | */ | ||
| 33 | #define DOT "(0|1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)" | ||
| 34 | |||
| 30 | 35 | ||
| 31 | /** | 36 | /** |
| 32 | * Create a regex in @a rxstr from the given @a ip and @a netmask. | 37 | * Create a regex in @a rxstr from the given @a ip and @a netmask. |
| @@ -92,7 +97,7 @@ nibble_to_regex (uint8_t value, | |||
| 92 | switch (mask) | 97 | switch (mask) |
| 93 | { | 98 | { |
| 94 | case 0: | 99 | case 0: |
| 95 | return GNUNET_strdup ("."); /* wildcard */ | 100 | return GNUNET_strdup (DOT); |
| 96 | case 8: | 101 | case 8: |
| 97 | GNUNET_asprintf (&ret, | 102 | GNUNET_asprintf (&ret, |
| 98 | "(%X|%X|%X|%X|%X|%X|%X|%X)", | 103 | "(%X|%X|%X|%X|%X|%X|%X|%X)", |
| @@ -236,7 +241,7 @@ compute_policy (unsigned int start, | |||
| 236 | char middlehp[33+2]; /* 16 * 2 + 0-terminator + () */ | 241 | char middlehp[33+2]; /* 16 * 2 + 0-terminator + () */ |
| 237 | char middlelp[33+2]; /* 16 * 2 + 0-terminator + () */ | 242 | char middlelp[33+2]; /* 16 * 2 + 0-terminator + () */ |
| 238 | char afterp[36+2]; /* 16 * 2 + 3 dots + 0-terminator + () */ | 243 | char afterp[36+2]; /* 16 * 2 + 3 dots + 0-terminator + () */ |
| 239 | char dots[4]; | 244 | char dots[5 * strlen (DOT)]; |
| 240 | char buf[3]; | 245 | char buf[3]; |
| 241 | char *middle; | 246 | char *middle; |
| 242 | char *ret; | 247 | char *ret; |
| @@ -311,7 +316,7 @@ compute_policy (unsigned int start, | |||
| 311 | strcpy (afterp, after); | 316 | strcpy (afterp, after); |
| 312 | dots[0] = '\0'; | 317 | dots[0] = '\0'; |
| 313 | for (xstep=step/16;xstep>0;xstep/=16) | 318 | for (xstep=step/16;xstep>0;xstep/=16) |
| 314 | strcat (dots, "."); | 319 | strcat (dots, DOT); |
| 315 | if (step >= 16) | 320 | if (step >= 16) |
| 316 | { | 321 | { |
| 317 | if (strlen (middlel) > 0) | 322 | if (strlen (middlel) > 0) |
| @@ -516,7 +521,7 @@ port_to_regex (const struct GNUNET_STRINGS_PortPolicy *pp) | |||
| 516 | ( (1 == pp->start_port) && | 521 | ( (1 == pp->start_port) && |
| 517 | (0xFFFF == pp->end_port) && | 522 | (0xFFFF == pp->end_port) && |
| 518 | (GNUNET_NO == pp->negate_portrange)) ) | 523 | (GNUNET_NO == pp->negate_portrange)) ) |
| 519 | return GNUNET_strdup ("...."); | 524 | return GNUNET_strdup (DOT DOT DOT DOT); |
| 520 | if ( (pp->start_port == pp->end_port) && | 525 | if ( (pp->start_port == pp->end_port) && |
| 521 | (GNUNET_NO == pp->negate_portrange)) | 526 | (GNUNET_NO == pp->negate_portrange)) |
| 522 | { | 527 | { |
| @@ -685,7 +690,7 @@ ipv6_to_regex (const struct GNUNET_STRINGS_IPv6NetworkPolicy *v6) | |||
| 685 | * Convert an exit policy to a regular expression. The exit policy | 690 | * Convert an exit policy to a regular expression. The exit policy |
| 686 | * specifies a set of subnets this peer is willing to serve as an | 691 | * specifies a set of subnets this peer is willing to serve as an |
| 687 | * exit for; the resulting regular expression will match the | 692 | * exit for; the resulting regular expression will match the |
| 688 | * IPv4 address strings as returned by 'GNUNET_TUN_ipv4toregexsearch'. | 693 | * IPv4 address strings as returned by #GNUNET_TUN_ipv4toregexsearch(). |
| 689 | * | 694 | * |
| 690 | * @param policy exit policy specification | 695 | * @param policy exit policy specification |
| 691 | * @return regular expression, NULL on error | 696 | * @return regular expression, NULL on error |