[tor-commits] [stem/master] Fix passing IPv6 addresses to get_config_policy()

[atagar at torproject.org]

commit ebfd8bb67b681527089249c747844cf07fba8adf
Author: Damian Johnson <atagar at torproject.org>
Date:   Thu Oct 27 09:50:36 2016 -0700

    Fix passing IPv6 addresses to get_config_policy()
    
    get_config_policy() accepts an optional address for expanding the 'private'
    alias. Trouble was that with IPv6 addresses it wouldn't accept an address with
    brackets, but providing an address without brackets in turn was rejected by
    ExitPolicy class validation.
    
    Accepting both.
---
 stem/exit_policy.py             | 5 ++++-
 test/unit/exit_policy/policy.py | 5 +++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/stem/exit_policy.py b/stem/exit_policy.py
index df6809f..1aa2537 100644
--- a/stem/exit_policy.py
+++ b/stem/exit_policy.py
@@ -118,8 +118,10 @@ def get_config_policy(rules, ip_address = None):
   :raises: **ValueError** if input isn't a valid tor exit policy
   """
 
-  if ip_address and not (stem.util.connection.is_valid_ipv4_address(ip_address) or stem.util.connection.is_valid_ipv6_address(ip_address)):
+  if ip_address and not (stem.util.connection.is_valid_ipv4_address(ip_address) or stem.util.connection.is_valid_ipv6_address(ip_address, allow_brackets = True)):
     raise ValueError("%s isn't a valid IP address" % ip_address)
+  elif ip_address and stem.util.connection.is_valid_ipv6_address(ip_address, allow_brackets = True) and not (ip_address[0] == '[' and ip_address[-1] == ']'):
+    ip_address = '[%s]' % ip_address  # ExitPolicy validation expects IPv6 addresses to be bracketed
 
   if isinstance(rules, (bytes, str_type)):
     rules = rules.split(',')
@@ -200,6 +202,7 @@ def _flag_private_rules(rules):
 
     if last_rule.is_address_wildcard() or last_rule.min_port != min_port or last_rule.max_port != max_port or last_rule.is_accept != is_accept:
       is_match = False
+
     if is_match:
       for rule in rule_set:
         rule._is_private = True
diff --git a/test/unit/exit_policy/policy.py b/test/unit/exit_policy/policy.py
index 79f99e1..5c20d0d 100644
--- a/test/unit/exit_policy/policy.py
+++ b/test/unit/exit_policy/policy.py
@@ -161,6 +161,11 @@ class TestExitPolicy(unittest.TestCase):
 
     self.assertEqual(get_config_policy('accept *:80, accept 127.0.0.1:1-65533'), policy.strip_default())
 
+  def test_get_config_policy_with_ipv6(self):
+    # ensure our constructor accepts addresses both with and without brackets
+    self.assertTrue(get_config_policy('reject private:80', 'fe80:0000:0000:0000:0202:b3ff:fe1e:8329').is_exiting_allowed())
+    self.assertTrue(get_config_policy('reject private:80', '[fe80:0000:0000:0000:0202:b3ff:fe1e:8329]').is_exiting_allowed())
+
   def test_str(self):
     # sanity test for our __str__ method