Rename is_localhost to allow_local_addrs, and apply it to IPs too.
This commit is contained in:
parent
2e4f5e2d10
commit
36febf7c14
|
@ -108,5 +108,5 @@ request_loyalty = "50 msec"
|
|||
# Rules for client configuration
|
||||
[client_config]
|
||||
|
||||
# Are we running as localhost (e.g. on chutney)?
|
||||
is_localhost = false
|
||||
# Should we allow attempts to make Tor connections to local addresses?
|
||||
allow_local_addrs = false
|
||||
|
|
|
@ -216,7 +216,7 @@ impl<R: Runtime> TorClient<R> {
|
|||
return Err(anyhow!("Rejecting hostname as invalid."));
|
||||
}
|
||||
if let Ok(ip) = IpAddr::from_str(addr) {
|
||||
if Self::is_internal_ip(&ip) {
|
||||
if Self::is_internal_ip(&ip) && !self.clientcfg.allow_local_addrs {
|
||||
return Err(anyhow!("Rejecting IP as internal."));
|
||||
}
|
||||
}
|
||||
|
@ -361,7 +361,7 @@ pub(crate) fn is_valid_hostname(client_cfg: &ClientConfig, hostname: &str) -> bo
|
|||
|| hostname.ends_with('.')
|
||||
|| hostname.starts_with('.')
|
||||
|| hostname.is_empty()
|
||||
|| (hostname.to_lowercase().eq("localhost") && !client_cfg.is_localhost))
|
||||
|| (hostname.to_lowercase().eq("localhost") && !client_cfg.allow_local_addrs))
|
||||
|| is_ipv6_str(hostname)
|
||||
}
|
||||
|
||||
|
@ -476,9 +476,11 @@ mod test {
|
|||
#[test]
|
||||
fn validate_hostname() {
|
||||
let client_cfg = ClientConfig {
|
||||
is_localhost: false,
|
||||
allow_local_addrs: false,
|
||||
};
|
||||
let client_cfg_localhost = ClientConfig {
|
||||
allow_local_addrs: true,
|
||||
};
|
||||
let client_cfg_localhost = ClientConfig { is_localhost: true };
|
||||
|
||||
// Valid hostname tests
|
||||
assert!(is_valid_hostname(&client_cfg, "torproject.org"));
|
||||
|
|
|
@ -10,9 +10,12 @@ use serde::Deserialize;
|
|||
#[derive(Debug, Clone, Builder, Deserialize)]
|
||||
#[builder]
|
||||
pub struct ClientConfig {
|
||||
/// Are we running as localhost?
|
||||
/// Should we allow attempts to make Tor connections to local addresses?
|
||||
///
|
||||
/// This option is off by default, since (by default) Tor exits will
|
||||
/// always reject connections to such addresses.
|
||||
#[builder(default)]
|
||||
pub(crate) is_localhost: bool,
|
||||
pub(crate) allow_local_addrs: bool,
|
||||
}
|
||||
|
||||
// NOTE: it seems that `unwrap` may be safe because of builder defaults
|
||||
|
|
Loading…
Reference in New Issue