From 46f8ef8116de5effdb8a5a62f4821662bbc31db7 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Mon, 29 Dec 2008 01:47:33 +0000
Subject: [PATCH] Switch address comparisons in policies to be exact rather
 than semantic.  Until we do ipv6 exit policies and until we know whether we
 even allow ::ffff:0:0/96 addresses, there is no point in doing "semantic"
 comparisons.  This was also showing up on oprofile.

svn:r17803
---
 src/or/policies.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/or/policies.c b/src/or/policies.c
index b44af88d6e..5ffff279cb 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -579,7 +579,7 @@ compare_known_tor_addr_to_addr_policy(const tor_addr_t *addr, uint16_t port,
   SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, tmpe) {
     /* Address is known */
     if (!tor_addr_compare_masked(addr, &tmpe->addr, tmpe->maskbits,
-                                 CMP_SEMANTIC)) {
+                                 CMP_EXACT)) {
       if (port >= tmpe->prt_min && port <= tmpe->prt_max) {
         /* Exact match for the policy */
         return tmpe->policy_type == ADDR_POLICY_ACCEPT ?
@@ -605,7 +605,7 @@ compare_known_tor_addr_to_addr_policy_noport(const tor_addr_t *addr,
 
   SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, tmpe) {
     if (!tor_addr_compare_masked(addr, &tmpe->addr, tmpe->maskbits,
-                                 CMP_SEMANTIC)) {
+                                 CMP_EXACT)) {
       if (tmpe->prt_min <= 1 && tmpe->prt_max >= 65535) {
         /* Definitely matches, since it covers all ports. */
         if (tmpe->policy_type == ADDR_POLICY_ACCEPT) {
@@ -708,7 +708,7 @@ addr_policy_covers(addr_policy_t *a, addr_policy_t *b)
     /* a has more fixed bits than b; it can't possibly cover b. */
     return 0;
   }
-  if (tor_addr_compare_masked(&a->addr, &b->addr, a->maskbits, CMP_SEMANTIC)) {
+  if (tor_addr_compare_masked(&a->addr, &b->addr, a->maskbits, CMP_EXACT)) {
     /* There's a fixed bit in a that's set differently in b. */
     return 0;
   }
@@ -731,7 +731,7 @@ addr_policy_intersects(addr_policy_t *a, addr_policy_t *b)
     minbits = a->maskbits;
   else
     minbits = b->maskbits;
-  if (tor_addr_compare_masked(&a->addr, &b->addr, minbits, CMP_SEMANTIC))
+  if (tor_addr_compare_masked(&a->addr, &b->addr, minbits, CMP_EXACT))
     return 0;
   if (a->prt_max < b->prt_min || b->prt_max < a->prt_min)
     return 0;
-- 
2.11.4.GIT