[PATCH] Add port support to TorBulkExitList.py

Marcus Griep tormaster at xpdm.us
Tue Jun 9 05:03:41 UTC 2009 

Currently, the Tor Bulk Exit List python CGI script only supports
creation of exit lists for port 80. For some services, such as IRC,
port 80 may not be sufficient. Thus, I've done the light lifting and
extended the prior handiwork of ioerror to support creating Bulk
Exit Lists for ports other than port 80. The patch submitted doesn't
expose this functionality outright, but adding a "port" query string
parameter will give access to this feature.

In doing so, I noticed two possible bugs whose fixes are included in
this patch and described below:

@@ -52,7 +53,7 @@
In this section of code, we've determined that the cashed file for
the (IP,port) tuple has not expired, so we intend to return the
cached file. Instead, the `parsedExitList` is being read, which
includes every node that has any exit port open. This means that the
first result would be correct, but, until the cache expires,
subsequent requests will return the full list of exit nodes.

@@ -170,10 +171,10 @@
In this section, we are figuring out what the DNSEL result means. If
an exit is allowed for the given (exit,port,IP) tuple, then
127.0.0.2 is returned as an address result. For the question of "is
this an allowed exit?" the deleted logic returns "no" if any DNS
answer entry does not match 127.0.0.2. However, the predicate here
should be "exists" rather than "all". The substitute logic returns
yes if any DNS answer entry matches 127.0.0.2.

Patch attached, comments welcome.

-- 
Marcus Griep
GPG Key ID: 0x070E3F2D
——
https://torproj.xpdm.us
Ακακια את.ψο´, 3°
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: TorBulkExitList.py.patch
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20090609/95e633af/attachment.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 793 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20090609/95e633af/attachment.pgp>

More information about the tor-dev mailing list