Fix the Big Bug in router_compare_addr_to_exit_policy: we used port 0

to mean "unknown port".  But no exit policy supports (nonexistant)
port 0, except accept *:*, and we had no special handling for 'unknown port'.

Now we do.

svn:r1098

diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 3c9281d5f7f6586fe007c84e422c1fda013729ba..cc975204e41dc62ad4fd76cb06c465eb1b7a1b56 100644 (file)
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -404,24 +404,25 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port,
   int maybe_reject = 0;
   int maybe_accept = 0;
   int match = 0;
+  int maybe = 0;
   struct in_addr in;
   struct exit_policy_t *tmpe;
 
   for(tmpe=policy; tmpe; tmpe=tmpe->next) {
     log_fn(LOG_DEBUG,"Considering exit policy %s", tmpe->string);
+    maybe = 0;
     if (!addr) {
       /* Address is unknown. */
-      if (tmpe->msk == 0 && (port >= tmpe->prt_min && port <= tmpe->prt_max)) {
-        /* The exit policy is accept/reject *:port */
-        match = 1;
-      } else if (port >= tmpe->prt_min && port <= tmpe->prt_max) {
-        if (tmpe->policy_type == EXIT_POLICY_REJECT) {
-          /* The exit policy is reject ???:port */
-          maybe_reject = 1;
+      if (port >= tmpe->prt_min && port <= tmpe->prt_max) {
+        /* The port definitely matches. */
+        if (tmpe->msk == 0) {
+          match = 1;
         } else {
-          /* The exit policy is accept ???:port */
-          maybe_accept = 1;
+          maybe = 1;
         }
+      } else if (!port) {
+        /* The port maybe matches. */
+        maybe = 1;
       }
     } else {
       /* Address is known */
@@ -431,6 +432,12 @@ int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port,
         match = 1;
       }
     }
+    if (maybe) {
+      if (tmpe->policy_type == EXIT_POLICY_REJECT)
+        maybe_reject = 1;
+      else
+        maybe_accept = 1;
+    }
     if (match) {
       in.s_addr = htonl(addr);
       log_fn(LOG_INFO,"Address %s:%d matches exit policy '%s'",