Bug#785414: tor-arm: arm fails to start on IPv6-enabled relay with "ExitPolicy reject6" torrc configuration

Fri, 15 May 2015 16:30:42 -0700 

Package: tor-arm
Version: 1.4.5.0-1
Severity: normal
Tags: patch

Suppose /etc/tor/torrc has the following line:

  ExitPolicy reject6 [2601::/20]:*

Then tor-arm will fail to start:

  $ sudo -u debian-tor arm
  Traceback (most recent call last):
    File "/usr/share/arm/starter.py", line 534, in <module>
      controller.init(conn)
    File "/usr/share/arm/util/torTools.py", line 670, in init
      self._exitPolicyChecker = self.getExitPolicy()
    File "/usr/share/arm/util/torTools.py", line 1345, in getExitPolicy
      result = ExitPolicy(entry, result)
    File "/usr/share/arm/util/torTools.py", line 2611, in __init__
      self.ipAddressBin += "".join([str((int(octet) >> y) & 1) for y in 
range(7, -1, -1)])
    ValueError: invalid literal for int() with base 10: '[2601'

Attached is a dumb patch which simply ignores reject6 so that tor-arm
can continue to start.

tor-arm seems to work fine with other bits of configuration in torrc
containing IPv6 addresses, particularly ORPort, so it's just ExitPolicy
parsing that is the problem.

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages tor-arm depends on:
ii  python         2.7.9-1
ii  python-torctl  20130920git-2

tor-arm recommends no packages.

Versions of packages tor-arm suggests:
ii  tor  0.2.5.12-1

-- no debconf information

-- 
Gerald Turner <gtur...@unzane.com>        Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D

Description: Work-around startup failure for IPv6-enabled relays having "ExitPolicy reject6" torrc configuration
Author: Gerald Turner <gtur...@unzane.com>

--- tor-arm-1.4.5.0.orig/src/util/torTools.py
+++ tor-arm-1.4.5.0/src/util/torTools.py
@@ -1342,6 +1342,8 @@ class Controller(TorCtl.PostEventListene
         policyEntries.reverse()
         
         for entry in policyEntries:
+          if entry.startswith("reject6"):
+            continue
           result = ExitPolicy(entry, result)
         
         # Checks if we are rejecting private connections. If set, this appends

Attachment: signature.asc
Description: PGP signature

Reply via email to