[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [sbws/master] fix: relaylist: filter out private networks
commit ca20d8287c956e5f8224133e225fb1c8b6c9754d
Author: juga0 <juga@xxxxxxxxxx>
Date: Sat Aug 1 13:37:20 2020 +0000
fix: relaylist: filter out private networks
when checking exit policies to know whether an exit can exit to a port.
Closes: #40010
---
sbws/lib/relaylist.py | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/sbws/lib/relaylist.py b/sbws/lib/relaylist.py
index ab7455e..dfd8b76 100644
--- a/sbws/lib/relaylist.py
+++ b/sbws/lib/relaylist.py
@@ -181,6 +181,10 @@ class Relay:
"""
Returns True if the relay has an exit policy and the policy accepts
exiting to the given portself or False otherwise.
+
+ The exits that are IPv6 only or IPv4 but rejecting some public networks
+ will return false.
+ On July 2020, there were 67 out of 1095 exits like this.
"""
assert isinstance(port, int)
# if dind't get the descriptor, there isn't exit policy
@@ -199,7 +203,12 @@ class Relay:
if self.exit_policy:
# Using `strict` to ensure it can exit to ALL domains
# and ips and that port. See #40006.
- return self.exit_policy.can_exit_to(port=port, strict=True)
+ # Using `strip_private` to ignore reject rules to private
+ # networks.
+ return (
+ self.exit_policy.strip_private()
+ .can_exit_to(port=port, strict=True)
+ )
except TypeError:
return False
return False
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits