GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Commit ca20d828 authored by juga  's avatar juga 💬

fix: relaylist: filter out private networks

when checking exit policies to know whether an exit can exit to a port.

Closes: #40010
parent 3fcc5892
Pipeline #726 failed with stage
in 31 minutes and 48 seconds
......@@ -181,6 +181,10 @@ class Relay:
"""
Returns True if the relay has an exit policy and the policy accepts
exiting to the given portself or False otherwise.
The exits that are IPv6 only or IPv4 but rejecting some public networks
will return false.
On July 2020, there were 67 out of 1095 exits like this.
"""
assert isinstance(port, int)
# if dind't get the descriptor, there isn't exit policy
......@@ -199,7 +203,12 @@ class Relay:
if self.exit_policy:
# Using `strict` to ensure it can exit to ALL domains
# and ips and that port. See #40006.
return self.exit_policy.can_exit_to(port=port, strict=True)
# Using `strip_private` to ignore reject rules to private
# networks.
return (
self.exit_policy.strip_private()
.can_exit_to(port=port, strict=True)
)
except TypeError:
return False
return False
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment