[tor-commits] [nyx/master] Move is_private() to be an entity method
atagar at torproject.org
atagar at torproject.org
Tue Sep 22 17:08:40 UTC 2015
commit d20add70f5a5775c1ddc87bf15c46b6f8222e05e
Author: Damian Johnson <atagar at torproject.org>
Date: Sat Aug 1 17:39:55 2015 -0700
Move is_private() to be an entity method
Another thing that doesn't really belong on individual lines. Also addressing a
'todo' comment in the process about checking if dns queries are using udp (we
now have this information handy).
---
nyx/connections/conn_entry.py | 40 ++--------------------------------------
nyx/connections/conn_panel.py | 2 +-
nyx/connections/entries.py | 39 +++++++++++++++++++++++++++++++++++++--
3 files changed, 40 insertions(+), 41 deletions(-)
diff --git a/nyx/connections/conn_entry.py b/nyx/connections/conn_entry.py
index 021accb..13aaadf 100644
--- a/nyx/connections/conn_entry.py
+++ b/nyx/connections/conn_entry.py
@@ -175,42 +175,6 @@ class ConnectionLine(entries.ConnectionPanelLine):
detail_format = (curses.A_BOLD, CATEGORY_COLOR[self.get_type()])
return [(line, detail_format) for line in self._get_detail_content(width)]
- def is_private(self):
- """
- Returns true if the endpoint is private, possibly belonging to a client
- connection or exit traffic.
- """
-
- if not CONFIG['features.connection.showIps']:
- return True
-
- # This is used to scrub private information from the interface. Relaying
- # etiquette (and wiretapping laws) say these are bad things to look at so
- # DON'T CHANGE THIS UNLESS YOU HAVE A DAMN GOOD REASON!
-
- my_type = self.get_type()
-
- if my_type == Category.INBOUND:
- controller = tor_controller()
-
- if controller.is_user_traffic_allowed().inbound:
- all_matches = nyx.util.tracker.get_consensus_tracker().get_all_relay_fingerprints(self.connection.remote_address)
- return all_matches == []
- elif my_type == Category.EXIT:
- # DNS connections exiting us aren't private (since they're hitting our
- # resolvers). Everything else, however, is.
-
- # TODO: Ideally this would also double check that it's a UDP connection
- # (since DNS is the only UDP connections Tor will relay), however this
- # will take a bit more work to propagate the information up from the
- # connection resolver.
-
- return self.connection.remote_port != 53
-
- # for everything else this isn't a concern
-
- return False
-
def get_type(self):
return self._entry.get_type()
@@ -435,7 +399,7 @@ class ConnectionLine(entries.ConnectionPanelLine):
lines = [''] * 7
lines[0] = 'address: %s' % self.get_destination_label(width - 11)
- lines[1] = 'locale: %s' % ('??' if self.is_private() else self.get_locale('??'))
+ lines[1] = 'locale: %s' % ('??' if self._entry.is_private() else self.get_locale('??'))
# Remaining data concerns the consensus results, with three possible cases:
# - if there's a single match then display its details
@@ -581,7 +545,7 @@ class ConnectionLine(entries.ConnectionPanelLine):
# destination of the connection
- address_label = '<scrubbed>' if self.is_private() else self.connection.remote_address
+ address_label = '<scrubbed>' if self._entry.is_private() else self.connection.remote_address
port_label = ':%s' % self.connection.remote_port if include_port else ''
destination_address = address_label + port_label
diff --git a/nyx/connections/conn_panel.py b/nyx/connections/conn_panel.py
index 7d06abe..76f6f16 100644
--- a/nyx/connections/conn_panel.py
+++ b/nyx/connections/conn_panel.py
@@ -481,7 +481,7 @@ class ConnectionPanel(panel.Panel, threading.Thread):
for entry in new_entries:
entry_line = entry.get_lines()[0]
- if entry_line.is_private() and entry.get_type() == conn_entry.Category.INBOUND:
+ if entry.is_private() and entry.get_type() == conn_entry.Category.INBOUND:
client_locale = entry_line.get_locale(None)
if client_locale:
diff --git a/nyx/connections/entries.py b/nyx/connections/entries.py
index 6963123..1242887 100644
--- a/nyx/connections/entries.py
+++ b/nyx/connections/entries.py
@@ -9,7 +9,7 @@ import datetime
from nyx.util import tor_controller
from stem.control import Listener
-from stem.util import enum
+from stem.util import conf, enum
# attributes we can list entries by
@@ -37,6 +37,10 @@ PORT_COUNT = 65536
SCRUBBED_IP_VAL = 255 ** 4
ADDRESS_CACHE = {}
+CONFIG = conf.config_dict('nyx', {
+ 'features.connection.showIps': True,
+})
+
def to_unix_time(dt):
return (dt - datetime.datetime(1970, 1, 1)).total_seconds()
@@ -110,6 +114,37 @@ class ConnectionPanelEntry:
return self._connection_type
+ def is_private(self):
+ """
+ Returns true if the endpoint is private, possibly belonging to a client
+ connection or exit traffic.
+
+ This is used to scrub private information from the interface. Relaying
+ etiquette (and wiretapping laws) say these are bad things to look at so
+ DON'T CHANGE THIS UNLESS YOU HAVE A DAMN GOOD REASON!
+ """
+
+ import nyx.connections.conn_entry
+ import nyx.util.tracker
+
+ if not CONFIG['features.connection.showIps']:
+ return True
+
+ if self.get_type() == nyx.connections.conn_entry.Category.INBOUND:
+ controller = tor_controller()
+
+ if controller.is_user_traffic_allowed().inbound:
+ return len(nyx.util.tracker.get_consensus_tracker().get_all_relay_fingerprints(self.connection.remote_address)) == 0
+ elif self.get_type() == nyx.connections.conn_entry.Category.EXIT:
+ # DNS connections exiting us aren't private (since they're hitting our
+ # resolvers). Everything else, however, is.
+
+ return self.connection.remote_port != 53 or self.connection.protocol != 'udp'
+
+ # for everything else this isn't a concern
+
+ return False
+
def get_lines(self):
"""
Provides the individual lines in the connection listing.
@@ -138,7 +173,7 @@ class ConnectionPanelEntry:
connection_line = self.lines[0]
if attr == SortAttr.IP_ADDRESS:
- if connection_line.is_private():
+ if self.is_private():
return SCRUBBED_IP_VAL # orders at the end
return address_to_int(connection_line.connection.remote_address)
More information about the tor-commits
mailing list