[tor-commits] [stem/master] Extrainfo descriptor transport lines fail validation

atagar at torproject.org atagar at torproject.org
Thu Mar 5 01:57:53 UTC 2020 

commit 7a0a8dd8d4218d5dabec3c2e47bebc4d1771236e
Author: Damian Johnson <atagar at torproject.org>
Date:   Wed Mar 4 17:49:09 2020 -0800

    Extrainfo descriptor transport lines fail validation
    
    Oops! Transport lines effectviely never appear aside from raw bridge
    descriptors (which we never see), so I didn't have a live example to
    test with.
    
    Now we have one. DocTor's descriptor validation check is failing with...
    
      03/05/2020 00:35:33 [WARNING] Unable to retrieve the extrainfo descriptors: Transport line has a malformed address: transport obfs4 [2001:985:e77:5:fd34:f56b:c2d1:e98c]:10394 cert=dJ/a+vnP+eFv7FDaVUqWCVlyrqf8FlOva2YAEkDUwiGQuorZf4Oc6FXSdyn8b4pUmZj/WA,iat-mode=0
    
    Caught thanks to GeKo.
---
 docs/change_log.rst                          |  4 ++++
 stem/descriptor/extrainfo_descriptor.py      |  2 +-
 test/unit/descriptor/extrainfo_descriptor.py | 17 +++++++++++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/docs/change_log.rst b/docs/change_log.rst
index 792baaca..8f306b44 100644
--- a/docs/change_log.rst
+++ b/docs/change_log.rst
@@ -50,6 +50,10 @@ The following are only available within Stem's `git repository
 
   * Socket based control connections often raised BrokenPipeError when closed
 
+ * **Descriptors**
+
+  * *transport* lines within extrainfo descriptors failed to validate
+
 .. _version_1.8:
 
 Version 1.8 (December 29th, 2019)
diff --git a/stem/descriptor/extrainfo_descriptor.py b/stem/descriptor/extrainfo_descriptor.py
index dcca9d14..d92bb770 100644
--- a/stem/descriptor/extrainfo_descriptor.py
+++ b/stem/descriptor/extrainfo_descriptor.py
@@ -286,7 +286,7 @@ def _parse_transport_line(descriptor, entries):
       name = value_comp[0]
       address, port_str = value_comp[1].rsplit(':', 1)
 
-      if not stem.util.connection.is_valid_ipv4_address(address) or \
+      if not stem.util.connection.is_valid_ipv4_address(address) and not \
              stem.util.connection.is_valid_ipv6_address(address, allow_brackets = True):
         raise ValueError('Transport line has a malformed address: transport %s' % value)
       elif not stem.util.connection.is_valid_port(port_str):
diff --git a/test/unit/descriptor/extrainfo_descriptor.py b/test/unit/descriptor/extrainfo_descriptor.py
index 25cbf489..2dae4de7 100644
--- a/test/unit/descriptor/extrainfo_descriptor.py
+++ b/test/unit/descriptor/extrainfo_descriptor.py
@@ -643,6 +643,23 @@ k0d2aofcVbHr4fPQOSST0LXDrhFl5Fqo5um296zpJGvRUeO6S44U/EfJAGShtqWw
         expect_invalid_attr(self, {keyword: entry}, stat_attr)
         expect_invalid_attr(self, {keyword: entry}, extra_attr, {})
 
+  def test_transport(self):
+    """
+    These lines are only applicable in raw bridge descriptors, which are
+    unavailable to the public. That said, misconfigured relays can occasionally
+    emit these.
+    """
+
+    desc = RelayExtraInfoDescriptor.create({'transport': 'obfs4 [2001:985:e77:5:fd34:f56b:c2d1:e98c]:10394 cert=dJ/a+vnP/WA,iat-mode=0'})
+
+    self.assertEqual({'obfs4': (
+      '[2001:985:e77:5:fd34:f56b:c2d1:e98c]',
+      10394,
+      ['cert=dJ/a+vnP/WA,iat-mode=0'],
+    )}, desc.transport)
+
+    expect_invalid_attr(self, {'transport': 'obfs4 invalid_address:123'}, 'transport', {})
+
   def test_padding_counts(self):
     """
     Check the 'hidserv-dir-onions-seen' lines.

More information about the tor-commits mailing list