From 8dff23eb34cf63278f8c78eb965c77fe215b860c Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Sun, 24 Sep 2017 19:27:07 -0400 Subject: [PATCH] Assign Exit flag only for ports 80 and 443 Make the "Exit" flag assignment only depend on whether the exit policy allows connections to ports 80 and 443. Previously relays would get the Exit flag if they allowed connections to one of these ports and also port 6667. Resolves ticket 23637. --- changes/ticket23637 | 5 +++++ src/or/policies.c | 13 ++++--------- 2 files changed, 9 insertions(+), 9 deletions(-) create mode 100644 changes/ticket23637 diff --git a/changes/ticket23637 b/changes/ticket23637 new file mode 100644 index 0000000000..8687ab1a01 --- /dev/null +++ b/changes/ticket23637 @@ -0,0 +1,5 @@ + o Minor features: + - Make the "Exit" flag assignment only depend on whether the exit + policy allows connections to ports 80 and 443. Previously relays + would get the Exit flag if they allowed connections to one of + these ports and also port 6667. Resolves ticket 23637. diff --git a/src/or/policies.c b/src/or/policies.c index 4c24bfbc32..78451db8fc 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -2186,21 +2186,16 @@ exit_policy_is_general_exit_helper(smartlist_t *policy, int port) } /** Return true iff ri is "useful as an exit node", meaning - * it allows exit to at least one /8 address space for at least - * two of ports 80, 443, and 6667. */ + * it allows exit to at least one /8 address space for each of ports 80 + * and 443. */ int exit_policy_is_general_exit(smartlist_t *policy) { - static const int ports[] = { 80, 443, 6667 }; - int n_allowed = 0; - int i; if (!policy) /*XXXX disallow NULL policies? */ return 0; - for (i = 0; i < 3; ++i) { - n_allowed += exit_policy_is_general_exit_helper(policy, ports[i]); - } - return n_allowed >= 2; + return (exit_policy_is_general_exit_helper(policy, 80) && + exit_policy_is_general_exit_helper(policy, 443)); } /** Return false if policy might permit access to some addr:port;