diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-05-22 13:27:02 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-05-22 13:27:02 +0000 |
commit | 37d9ce1d4544050396b44a1a1ba94429cb86267a (patch) | |
tree | 0bd7899469182f78d6d7255722484958597b446a /src/tun/regex.c | |
parent | bad29fd9a1cc3b1c7df7b992212568918c961b52 (diff) | |
download | gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.tar.gz gnunet-37d9ce1d4544050396b44a1a1ba94429cb86267a.zip |
do not generate wildcard '.' transitions in policy regex, be precise
Diffstat (limited to 'src/tun/regex.c')
-rw-r--r-- | src/tun/regex.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/tun/regex.c b/src/tun/regex.c index 25bd9fbf8..5c8897491 100644 --- a/src/tun/regex.c +++ b/src/tun/regex.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet | 2 | This file is part of GNUnet |
3 | Copyright (C) 2012, 2013 Christian Grothoff (and other contributing authors) | 3 | Copyright (C) 2012, 2013, 2015 Christian Grothoff (and other contributing authors) |
4 | 4 | ||
5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software; you can redistribute it and/or modify |
6 | it under the terms of the GNU General Public License as published | 6 | it under the terms of the GNU General Public License as published |
@@ -27,6 +27,11 @@ | |||
27 | #include "gnunet_util_lib.h" | 27 | #include "gnunet_util_lib.h" |
28 | #include "gnunet_tun_lib.h" | 28 | #include "gnunet_tun_lib.h" |
29 | 29 | ||
30 | /** | ||
31 | * 'wildcard', matches all possible values (for HEX encoding). | ||
32 | */ | ||
33 | #define DOT "(0|1|2|3|4|5|6|7|8|9|A|B|C|D|E|F)" | ||
34 | |||
30 | 35 | ||
31 | /** | 36 | /** |
32 | * Create a regex in @a rxstr from the given @a ip and @a netmask. | 37 | * Create a regex in @a rxstr from the given @a ip and @a netmask. |
@@ -92,7 +97,7 @@ nibble_to_regex (uint8_t value, | |||
92 | switch (mask) | 97 | switch (mask) |
93 | { | 98 | { |
94 | case 0: | 99 | case 0: |
95 | return GNUNET_strdup ("."); /* wildcard */ | 100 | return GNUNET_strdup (DOT); |
96 | case 8: | 101 | case 8: |
97 | GNUNET_asprintf (&ret, | 102 | GNUNET_asprintf (&ret, |
98 | "(%X|%X|%X|%X|%X|%X|%X|%X)", | 103 | "(%X|%X|%X|%X|%X|%X|%X|%X)", |
@@ -236,7 +241,7 @@ compute_policy (unsigned int start, | |||
236 | char middlehp[33+2]; /* 16 * 2 + 0-terminator + () */ | 241 | char middlehp[33+2]; /* 16 * 2 + 0-terminator + () */ |
237 | char middlelp[33+2]; /* 16 * 2 + 0-terminator + () */ | 242 | char middlelp[33+2]; /* 16 * 2 + 0-terminator + () */ |
238 | char afterp[36+2]; /* 16 * 2 + 3 dots + 0-terminator + () */ | 243 | char afterp[36+2]; /* 16 * 2 + 3 dots + 0-terminator + () */ |
239 | char dots[4]; | 244 | char dots[5 * strlen (DOT)]; |
240 | char buf[3]; | 245 | char buf[3]; |
241 | char *middle; | 246 | char *middle; |
242 | char *ret; | 247 | char *ret; |
@@ -311,7 +316,7 @@ compute_policy (unsigned int start, | |||
311 | strcpy (afterp, after); | 316 | strcpy (afterp, after); |
312 | dots[0] = '\0'; | 317 | dots[0] = '\0'; |
313 | for (xstep=step/16;xstep>0;xstep/=16) | 318 | for (xstep=step/16;xstep>0;xstep/=16) |
314 | strcat (dots, "."); | 319 | strcat (dots, DOT); |
315 | if (step >= 16) | 320 | if (step >= 16) |
316 | { | 321 | { |
317 | if (strlen (middlel) > 0) | 322 | if (strlen (middlel) > 0) |
@@ -516,7 +521,7 @@ port_to_regex (const struct GNUNET_STRINGS_PortPolicy *pp) | |||
516 | ( (1 == pp->start_port) && | 521 | ( (1 == pp->start_port) && |
517 | (0xFFFF == pp->end_port) && | 522 | (0xFFFF == pp->end_port) && |
518 | (GNUNET_NO == pp->negate_portrange)) ) | 523 | (GNUNET_NO == pp->negate_portrange)) ) |
519 | return GNUNET_strdup ("...."); | 524 | return GNUNET_strdup (DOT DOT DOT DOT); |
520 | if ( (pp->start_port == pp->end_port) && | 525 | if ( (pp->start_port == pp->end_port) && |
521 | (GNUNET_NO == pp->negate_portrange)) | 526 | (GNUNET_NO == pp->negate_portrange)) |
522 | { | 527 | { |
@@ -685,7 +690,7 @@ ipv6_to_regex (const struct GNUNET_STRINGS_IPv6NetworkPolicy *v6) | |||
685 | * Convert an exit policy to a regular expression. The exit policy | 690 | * Convert an exit policy to a regular expression. The exit policy |
686 | * specifies a set of subnets this peer is willing to serve as an | 691 | * specifies a set of subnets this peer is willing to serve as an |
687 | * exit for; the resulting regular expression will match the | 692 | * exit for; the resulting regular expression will match the |
688 | * IPv4 address strings as returned by 'GNUNET_TUN_ipv4toregexsearch'. | 693 | * IPv4 address strings as returned by #GNUNET_TUN_ipv4toregexsearch(). |
689 | * | 694 | * |
690 | * @param policy exit policy specification | 695 | * @param policy exit policy specification |
691 | * @return regular expression, NULL on error | 696 | * @return regular expression, NULL on error |