[tor-commits] [nyx/master] Don't exitable connections to relays as exits

[atagar at torproject.org]

commit 82a19385c73c14da932cbb0cd0a5b74a8a7077ef
Author: Damian Johnson <atagar at torproject.org>
Date:   Fri Nov 3 18:55:12 2017 -0700

    Don't exitable connections to relays as exits
    
    If you have an exit policy that allows exiting then relay connections we could
    conceivably exit to are labeled as 'EXIT'. That's wrong, and would
    understandably spook folks.
---
 nyx/panel/connection.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/nyx/panel/connection.py b/nyx/panel/connection.py
index 35fe511..13983b1 100644
--- a/nyx/panel/connection.py
+++ b/nyx/panel/connection.py
@@ -17,6 +17,8 @@ import nyx.panel
 import nyx.popups
 import nyx.tracker
 
+import stem.util.log
+
 from nyx import nyx_interface, tor_controller
 from nyx.curses import WHITE, NORMAL, BOLD, HIGHLIGHT
 from nyx.menu import MenuItem, Submenu, RadioMenuItem, RadioGroup
@@ -222,7 +224,7 @@ class ConnectionEntry(Entry):
       for circ in LAST_RETRIEVED_CIRCUITS:
         if circ.path and len(circ.path) == 1 and circ.path[0][0] == fingerprint and circ.status == 'BUILT':
           return Category.DIRECTORY  # one-hop circuit to retrieve directory information
-    elif exit_policy and exit_policy.can_exit_to(self._connection.remote_address, self._connection.remote_port):
+    elif not fingerprint and exit_policy and exit_policy.can_exit_to(self._connection.remote_address, self._connection.remote_port):
       return Category.EXIT
 
     return Category.OUTBOUND