commit 04f45ab01f39c06d0cd63da6b185d6ddca4acb09 Author: Damian Johnson atagar@torproject.org Date: Sat Jun 3 10:25:36 2017 -0700
Ports weren't optional for ipv6 addresses in the torrc
Oops! In the torrc ports are optional. We recognized this for ipv4 addresses but failed with ipv6 addresses due to their colons. This was originally spotted by teor but I mistakenly thought the addresses were invalid. My bad. :P --- docs/change_log.rst | 1 + stem/exit_policy.py | 3 ++- test/unit/exit_policy/policy.py | 7 +++++++ 3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/docs/change_log.rst b/docs/change_log.rst index a372e0c..926e7ea 100644 --- a/docs/change_log.rst +++ b/docs/change_log.rst @@ -50,6 +50,7 @@ The following are only available within Stem's `git repository * Added the GUARD_WAIT :data:`~stem.CircStatus` (:spec:`6446210`) * Unable to use cookie auth when path includes wide characters (chinese, japanese, etc) * Tor change caused :func:`~stem.control.Controller.list_ephemeral_hidden_services` to provide empty strings if unset (:trac:`21329`) + * Failed to parse torrcs without a port on ipv6 exit policy entries
* **Descriptors**
diff --git a/stem/exit_policy.py b/stem/exit_policy.py index e1469c8..25ed16e 100644 --- a/stem/exit_policy.py +++ b/stem/exit_policy.py @@ -67,6 +67,7 @@ exiting to a destination is permissible or not. For instance...
from __future__ import absolute_import
+import re import socket import zlib
@@ -134,7 +135,7 @@ def get_config_policy(rules, ip_address = None): if not rule: continue
- if ':' not in rule: + if not re.search(':[\d-*]+$', rule): rule = '%s:*' % rule
if 'private' in rule: diff --git a/test/unit/exit_policy/policy.py b/test/unit/exit_policy/policy.py index 29e3837..f6cf995 100644 --- a/test/unit/exit_policy/policy.py +++ b/test/unit/exit_policy/policy.py @@ -114,6 +114,13 @@ class TestExitPolicy(unittest.TestCase): policy = ExitPolicy('reject *:80-65535', 'accept *:1-65533', 'reject *:*') self.assertEqual('accept 1-79', policy.summary())
+ def test_without_port(self): + policy = get_config_policy('accept 216.58.193.78, reject *') + self.assertEqual([ExitPolicyRule('accept 216.58.193.78:*'), ExitPolicyRule('reject *:*')], list(policy)) + + policy = get_config_policy('reject6 [2a00:1450:4001:081e:0000:0000:0000:200e]') + self.assertEqual([ExitPolicyRule('reject [2a00:1450:4001:081e:0000:0000:0000:200e]:*')], list(policy)) + def test_non_private_non_default_policy(self): policy = get_config_policy('reject *:80-65535, accept *:1-65533, reject *:*')