[tor-bugs] #14314 [Stem]: ExitPolicy.can_exit_to() returns incorrect results when address is omitted
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jan 21 03:43:00 UTC 2015
#14314: ExitPolicy.can_exit_to() returns incorrect results when address is omitted
----------------------+------------------------
Reporter: nskinkel | Owner: atagar
Type: defect | Status: new
Priority: normal | Milestone:
Component: Stem | Version:
Keywords: | Actual Points:
Parent ID: | Points:
----------------------+------------------------
Note: this is with Stem version 1.3.0
When using ExitPolicy.can_exit_to(port=443, strict=False), an incorrect
result is returned. Ex:
{{{
>>> policy = ExitPolicy('reject 1.0.0.0/8:*', 'accept *:*')
>>> policy.can_exit_to(port=443, strict=False)
>>> False
}}}
If an address is included, however, the results are as expected:
{{{
>>> policy = ExitPolicy('reject 1.0.0.0/8:*', 'accept *:*')
>>> policy.can_exit_to(address='8.8.8.8', port=443, strict=False)
>>> True
}}}
According to Stem's documentation for can_exit_to() for the 'strict'
parameter:
{{{
strict (bool) -- if the address or port is excluded then check if we can
exit to all instances of the defined address or port
}}}
I interpret this to mean:
If 'strict' is True, then can_exit_to() should return True iff exits to
*all* possible IPs are allowed on the specified port when 'address' is
omitted. If 'strict' is False, then can_exit_to() should return True if
*any* exits to the specified port are allowed when 'address' is omitted.
Is this just a misunderstanding of the documentation on my part? Or is
this actually a bug?
Attached: a script to reproduce the issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14314>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list