[tor-commits] [tor/master] Check IPv6 exit policies on microdescriptors in node_exit_policy_rejects_all()

[asn at torproject.org]

commit be4a60945d724ca964d9d53f57cad6190a500077
Author: Neel Chauhan <neel at neelc.org>
Date:   Sun Aug 25 20:22:57 2019 -0400

    Check IPv6 exit policies on microdescriptors in node_exit_policy_rejects_all()
---
 changes/bug27284                       |  5 +++++
 src/feature/dirparse/microdesc_parse.c | 11 +++++++++++
 src/feature/nodelist/microdesc_st.h    |  2 ++
 src/feature/nodelist/nodelist.c        |  3 +--
 4 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/changes/bug27284 b/changes/bug27284
new file mode 100644
index 000000000..14fc2082f
--- /dev/null
+++ b/changes/bug27284
@@ -0,0 +1,5 @@
+  o Minor bugfixes (ipv6):
+    - When parsing microdescriptors, we should check the IPv6 exit policy
+      alongside IPv4. Previously, we checked both exit policies for only
+      router info structures, while microdescriptors were IPv4-only. Fixes
+      bug 27284; bugfix on 0.2.3.1-alpha. Patch by Neel Chauhan.
diff --git a/src/feature/dirparse/microdesc_parse.c b/src/feature/dirparse/microdesc_parse.c
index 22cc1e272..e02dfcf11 100644
--- a/src/feature/dirparse/microdesc_parse.c
+++ b/src/feature/dirparse/microdesc_parse.c
@@ -92,6 +92,12 @@ find_start_of_next_microdesc(const char *s, const char *eos)
 #undef NEXT_LINE
 }
 
+static inline int
+policy_is_reject_star_or_null(struct short_policy_t *policy)
+{
+  return !policy || short_policy_is_reject_star(policy);
+}
+
 /** Parse as many microdescriptors as are found from the string starting at
  * <b>s</b> and ending at <b>eos</b>.  If allow_annotations is set, read any
  * annotations we recognize and ignore ones we don't.
@@ -250,6 +256,11 @@ microdescs_parse_from_string(const char *s, const char *eos,
       md->ipv6_exit_policy = parse_short_policy(tok->args[0]);
     }
 
+    if (policy_is_reject_star_or_null(md->exit_policy) &&
+        policy_is_reject_star_or_null(md->ipv6_exit_policy)) {
+      md->policy_is_reject_star = 1;
+    }
+
     smartlist_add(result, md);
     okay = 1;
 
diff --git a/src/feature/nodelist/microdesc_st.h b/src/feature/nodelist/microdesc_st.h
index c8265cb77..e017c46c7 100644
--- a/src/feature/nodelist/microdesc_st.h
+++ b/src/feature/nodelist/microdesc_st.h
@@ -33,6 +33,8 @@ struct microdesc_t {
   unsigned int no_save : 1;
   /** If true, this microdesc has an entry in the microdesc_map */
   unsigned int held_in_map : 1;
+  /** True iff the exit policy for this router rejects everything. */
+  unsigned int policy_is_reject_star : 1;
   /** Reference count: how many node_ts have a reference to this microdesc? */
   unsigned int held_by_nodes;
 
diff --git a/src/feature/nodelist/nodelist.c b/src/feature/nodelist/nodelist.c
index 21914c6c6..6ae8d2bcb 100644
--- a/src/feature/nodelist/nodelist.c
+++ b/src/feature/nodelist/nodelist.c
@@ -1424,8 +1424,7 @@ node_exit_policy_rejects_all(const node_t *node)
   if (node->ri)
     return node->ri->policy_is_reject_star;
   else if (node->md)
-    return node->md->exit_policy == NULL ||
-      short_policy_is_reject_star(node->md->exit_policy);
+    return node->md->policy_is_reject_star;
   else
     return 1;
 }