commit 7fa64bca8f132e599fc0355dfb1673cabaaf6ba2 Author: Isis Lovecruft isis@torproject.org Date: Mon Mar 30 01:15:35 2015 +0000

Serve Tor clients a more restricted set of bridges per period.

See https://trac.torproject.org/projects/tor/ticket/4771#comment:14 for more information.

Essentially, by using the `area` (which is the client's IP address, truncated to the /24, i.e. if the client's IP is 1.2.3.4, then the `area` would be 1.2.3) in the HMAC for placing the client into the hashring, the resulting HMAC would be different for each Tor Exit (but not for Exits in the same /24). This would enable clients who changed their Exit relay to get new bridges.

Instead, we now group Tor/proxy users into four groups, based on their Exit relay's or proxy's IP address. Regardless of how many times a client changes their Exit or proxy, they will only get up to four sets of bridge lines (per period). --- lib/bridgedb/Dist.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/lib/bridgedb/Dist.py b/lib/bridgedb/Dist.py index 961d2ca..9a2b051 100644 --- a/lib/bridgedb/Dist.py +++ b/lib/bridgedb/Dist.py @@ -12,6 +12,7 @@

"""This module has functions to decide which bridges to hand out to whom."""

+import ipaddr import logging import re import time @@ -302,7 +303,14 @@ class IPBasedDistributor(Distributor): len(self.categories), n) bridgeFilterRules.append(g) - pos = self.areaOrderHmac("category<%s>%s" % (epoch, area)) + # Cluster Tor/proxy users into four groups. This means that + # no matter how many different Tor Exits or proxies a client + # uses, the most they can ever get is four different sets of + # bridge lines (per period). + group = (int(ipaddr.IPAddress(ip)) % 4) + 1 + logging.debug(("Assigning client hashring position based on: " + "known-proxy<%s>%s") % (epoch, group)) + pos = self.areaOrderHmac("known-proxy<%s>%s" % (epoch, group)) key1 = getHMAC(self.splitter.key, "Order-Bridges-In-Ring-%d" % n) break