Assign Exit flag only for ports 80 and 443

Make the "Exit" flag assignment only depend on whether the exit policy allows connections to ports 80 and 443. Previously relays would get the Exit flag if they allowed connections to one of these ports and also port 6667. Resolves ticket 23637.
2024-11-10 21:23:58 +01:00 · 2017-09-24 19:27:07 -04:00 · 2017-09-24 19:27:07 -04:00 · 8dff23eb34
commit 8dff23eb34
parent a1f31c0671
2 changed files with 9 additions and 9 deletions
--- a/changes/ticket23637
+++ b/changes/ticket23637
@ -0,0 +1,5 @@
+  o Minor features:
+    - Make the "Exit" flag assignment only depend on whether the exit
+      policy allows connections to ports 80 and 443. Previously relays
+      would get the Exit flag if they allowed connections to one of
+      these ports and also port 6667. Resolves ticket 23637.
--- a/src/or/policies.c
+++ b/src/or/policies.c
@ -2186,21 +2186,16 @@ exit_policy_is_general_exit_helper(smartlist_t *policy, int port)
 }

 /** Return true iff <b>ri</b> is "useful as an exit node", meaning
- * it allows exit to at least one /8 address space for at least
- * two of ports 80, 443, and 6667. */
+ * it allows exit to at least one /8 address space for each of ports 80
+ * and 443. */
 int
 exit_policy_is_general_exit(smartlist_t *policy)
 {
-  static const int ports[] = { 80, 443, 6667 };
-  int n_allowed = 0;
-  int i;
  if (!policy) /*XXXX disallow NULL policies? */
    return 0;

-  for (i = 0; i < 3; ++i) {
-    n_allowed += exit_policy_is_general_exit_helper(policy, ports[i]);
-  }
-  return n_allowed >= 2;
+  return (exit_policy_is_general_exit_helper(policy, 80) &&
+          exit_policy_is_general_exit_helper(policy, 443));
 }

 /** Return false if <b>policy</b> might permit access to some addr:port;