-
Notifications
You must be signed in to change notification settings - Fork 107
Exitmap only scans relays that allow exiting AND thus have an exitflag, but #13
Comments
Are you getting a particular error message? If so, paste it in. |
They're pointing out this: Exitmap should check if a relay allows any exiting, not just that it has the exit flag. I think the tor client will use any relay that satisfies its exiting requirements under certain conditions. |
That sounds like a good solution to me. In addition, we should log a warning if a relay allows exiting but does not have the "Exit" flag. If anyone wants to write a patch, please do so. I might be able to fix that in a week or so. |
Previously, we would only select relays which have the exit flag. However, there is a number of relays which allow some form of exiting while not having earned the exit flag. We want to scan those, too. This fixes <#13>.
This is now fixed in commit 1dd2eab. Interestingly, right now there are 251 relays with some sort of exit policy which don't have the exit flag. Thanks for reporting this, justaguyprojects! |
@NullHypothesis I'd be careful here. This (stem's |
The previous commit did not fully fix the issue pointed out in <#13>. To fix this, we now only work with cached descriptors except when we need to look up flags in the network consensus. Thanks to Arlo for pointing this out.
@NullHypothesis looks good. one comment inline |
I merged the last changes in ff5696a. Thanks, everyone! |
If a relay only allows exiting to port 80, and thus doesn't get an exit flag, exitmap won't scan it, and it won't get checked for .exe patching when i'm scanning with https://github.com/leviathansecurity/exitmap/blob/master/src/modules/patchingCheck.py
The text was updated successfully, but these errors were encountered: