[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [stem/master] Truncating exit policies after a catch-all



commit 67c00e3c89b0cebd00ce5f6f19ce194b200eb8f4
Author: Damian Johnson <atagar@xxxxxxxxxxxxxx>
Date:   Sun Jan 13 16:19:17 2013 -0800

    Truncating exit policies after a catch-all
    
    It's pointless for an exit policy to contain rules after an 'accept *:*' or
    'reject *:*'. Cropping policies if they go on after that.
---
 stem/exit_policy.py             |    9 ++++++---
 test/unit/exit_policy/policy.py |    5 +++++
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/stem/exit_policy.py b/stem/exit_policy.py
index 45e0a98..3bccc27 100644
--- a/stem/exit_policy.py
+++ b/stem/exit_policy.py
@@ -290,9 +290,12 @@ class ExitPolicy(object):
 
       for rule in self._input_rules:
         if isinstance(rule, str):
-          rules.append(ExitPolicyRule(rule.strip()))
-        elif isinstance(rule, ExitPolicyRule):
-          rules.append(rule)
+          rule = ExitPolicyRule(rule.strip())
+
+        rules.append(rule)
+
+        if rule.is_address_wildcard() and rule.is_port_wildcard():
+          break  # this is a catch-all, no reason to include more
 
       self._rules = rules
       self._input_rules = None
diff --git a/test/unit/exit_policy/policy.py b/test/unit/exit_policy/policy.py
index 4da21b0..b8ac286 100644
--- a/test/unit/exit_policy/policy.py
+++ b/test/unit/exit_policy/policy.py
@@ -37,6 +37,11 @@ class TestExitPolicy(unittest.TestCase):
     policy = ExitPolicy(*"accept *:80, accept *:443, reject *:*".split(","))
     self.assertEquals(expected_policy, policy)
 
+    # checks that we truncate after getting a catch-all policy
+
+    policy = ExitPolicy(*"accept *:80, accept *:443, reject *:*, accept *:20-50".split(","))
+    self.assertEquals(expected_policy, policy)
+
   def test_set_default_allowed(self):
     policy = ExitPolicy('reject *:80', 'accept *:443')
 



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits