Commit bad22915 authored by juga's avatar juga
Browse files

globals: remove unused resolve and can_exit_to functions

They were used to resolve the IP of the destination and check
whether an exit policy allows to exit to that IP, but when the
destination is a CDN, the IP locally resolved would be different
to the IP resolved in the exit, and when the IP resolved to
IPv6, it was possible that the scanner didn't have IPv6.
The correct method to check whether an exit policy allows to exit
to an IP, would be to resolve the domain via Tor itself using
RESOLVE and ADDRMAP events with that exit.
parent 7b594132
import os
import logging
import socket
log = logging.getLogger(__name__)
......@@ -70,25 +69,3 @@ def touch_file(fname, times=None):
log.debug('Touching %s', fname)
with open(fname, 'a') as fd:
os.utime(fd.fileno(), times=times)
def resolve(hostname, ipv4_only=False, ipv6_only=False):
assert not (ipv4_only and ipv6_only)
results = []
try:
results = socket.getaddrinfo(hostname, 0)
except socket.gaierror:
log.warn(
'Unable to resolve %s hostname. Returning empty list of addresses',
hostname)
return []
ret = set()
for result in results:
fam, _, _, _, addr = result
if fam == socket.AddressFamily.AF_INET6 and not ipv4_only:
ret.add(addr[0])
elif fam == socket.AddressFamily.AF_INET and not ipv6_only:
ret.add(addr[0])
else:
assert None, 'Unknown address family {}'.format(fam)
return list(ret)
from stem.descriptor.router_status_entry import RouterStatusEntryV3
from stem.descriptor.server_descriptor import ServerDescriptor
from stem import Flag, DescriptorUnavailable, ControllerError
from stem.util.connection import is_valid_ipv4_address
from stem.util.connection import is_valid_ipv6_address
import random
import time
import logging
from sbws.globals import resolve
from threading import Lock
log = logging.getLogger(__name__)
......@@ -101,32 +98,6 @@ class Relay:
return None
return key.rstrip('=')
def can_exit_to(self, host, port):
'''
Returns if this relay can MOST LIKELY exit to the given host:port.
**host** can be a hostname, but be warned that we will resolve it
locally and use the first (arbitrary/unknown order) result when
checking exit policies, which is different than what other parts of the
code may do (leaving it up to the exit to resolve the name).
'''
if not self.exit_policy:
return False
assert isinstance(host, str)
assert isinstance(port, int)
if not is_valid_ipv4_address(host) and not is_valid_ipv6_address(host):
# It certainly isn't perfect trying to guess if an exit can connect
# to an ipv4/6 address based on the DNS result we got locally. But
# it's the best we can do.
#
# Also, only use the first ipv4/6 we get even if there is more than
# one.
results = resolve(host)
if not len(results):
return False
host = results[0]
assert is_valid_ipv4_address(host) or is_valid_ipv6_address(host)
return self.exit_policy.can_exit_to(host, port)
def can_exit_to_port(self, port):
"""
Returns True if the relay has an exit policy and the policy accepts
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment