commit f5183c21db683ac09da892bbb1c99797535de506 Author: Yawning Angel yawning@schwanenlied.me Date: Sat Dec 10 05:51:42 2016 +0000

Bug #20780: Shuffle and persist the ordering of internal bridges.

A new config entry `internalBridgeSeed` is added that holds a persistent seed used to permute the internal bridges at the point where the torrc is generated. --- ChangeLog | 1 + src/cmd/sandboxed-tor-browser/internal/tor/tor.go | 31 ++++++++++++++-------- .../internal/ui/config/config.go | 13 +++++++++ 3 files changed, 34 insertions(+), 11 deletions(-)

diff --git a/ChangeLog b/ChangeLog index 54d051b..6b30c61 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,5 @@ Changes in version 0.0.2 - UNRELEASED: + * Bug #20780; Shuffle and persist the ordering of internal bridges.

Changes in version 0.0.1 - 2016-12-09: * Initial release. diff --git a/src/cmd/sandboxed-tor-browser/internal/tor/tor.go b/src/cmd/sandboxed-tor-browser/internal/tor/tor.go index ecb53e3..e3dd047 100644 --- a/src/cmd/sandboxed-tor-browser/internal/tor/tor.go +++ b/src/cmd/sandboxed-tor-browser/internal/tor/tor.go @@ -25,7 +25,7 @@ import ( "fmt" "io/ioutil" "log" - // mrand "math/rand" + mrand "math/rand" "os" "os/exec" "path/filepath" @@ -444,17 +444,26 @@ func CfgToSandboxTorrc(cfg *config.Config, bridges map[string][]string) ([]byte, } bridgeArgs := []string{string(torrcBridges)} if !cfg.Tor.UseCustomBridges { - // XXX: Actually shuffle this once there's a mechanism for - // persisting ordering. (#43) - for _, v := range bridges[cfg.Tor.InternalBridgeType] { - bridgeArgs = append(bridgeArgs, v) - } - /* - shuf := mrand.Perm(len(bridges[cfg.Tor.InternalBridgeType])) - for _, i := range shuf { - bridgeArgs = append(bridgeArgs, bridges[cfg.Tor.InternalBridgeType][i]) + // No seed was set. Generate one with math.Rand, since this is + // purely for load balancing and doesn't require high grade + // entropy. + if cfg.Tor.InternalBridgeSeed == 0 { + seed := mrand.Int63() + cfg.Tor.SetInternalBridgeSeed(seed) + if err = cfg.Sync(); err != nil { + return nil, err } - */ + } + + // Initialize the deterministic random bit generator, using + // the persisted seed. + drbgSrc := mrand.NewSource(cfg.Tor.InternalBridgeSeed) + drbg := mrand.New(drbgSrc) + + shuf := drbg.Perm(len(bridges[cfg.Tor.InternalBridgeType])) + for _, i := range shuf { + bridgeArgs = append(bridgeArgs, bridges[cfg.Tor.InternalBridgeType][i]) + } } else { // The caller is responsible for making sure that this is indeed // bridge lines, and not random other bullshit. diff --git a/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go b/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go index f119176..9295967 100644 --- a/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go +++ b/src/cmd/sandboxed-tor-browser/internal/ui/config/config.go @@ -82,6 +82,10 @@ type Tor struct { // bridges. InternalBridgeType string `json:"internalBridgeType"`

+ // InternalBridgeSeed is the seed to use when permuting the internal + // bridges for load balancing purposes. + InternalBridgeSeed int64 `json:"internalBridgeSeed"` + // UseCustomBridges is if the user provided bridges should be used. UseCustomBridges bool `json:"useCustomBridges"`

@@ -161,6 +165,15 @@ func (t *Tor) SetInternalBridgeType(s string) { } }

+// SetInternalBridgeSeed sets the seed to use when permuting the internal +// bridges for load balancing purposes and marks the config dirty. +func (t *Tor) SetInternalBridgeSeed(i int64) { + if t.InternalBridgeSeed != i { + t.InternalBridgeSeed = i + t.cfg.isDirty = true + } +} + // SetCustomBridges sets the user provided custom bridge lines, and maarks the // config dirty. func (t *Tor) SetCustomBridges(s string) {