[tor-bugs] #13267 [Onionoo]: escaped forward slashes in contact info
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Sep 29 11:59:18 UTC 2014
#13267: escaped forward slashes in contact info
---------------------------+----------------------------
Reporter: Sebastian | Owner:
Type: defect | Status: needs_revision
Priority: normal | Milestone:
Component: Onionoo | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
---------------------------+----------------------------
Changes (by karsten):
* status: new => needs_revision
Comment:
Good catch, Sebastian, and thanks for the patch, iwakeh. But we have to
be careful when fixing this problem. Let me explain:
Here's a server descriptor published by another currently running relay,
particularly the only relay that I found that has both characters `/` and
`'` in its contact line:
{{{
router DigitalBrains 83.161.152.50 21 0 0
or-address [2001:980:a370::8]:80
platform Tor 0.2.4.23 on Linux
protocols Link 1 2 Circuit 1
published 2014-09-28 06:57:28
fingerprint B41E 3847 4992 3487 4688 B2F3 54C6 764B 8589 EAF8
uptime 718153
bandwidth 1572864 10485760 2790125
extra-info-digest 7201355DF31896829B95CB970A63CD4D6BCFE93B
onion-key
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAKcLROc5/W6X7bsL5XX3+miireX/kU8HW2mC+Yp3OVD2bqccP++kZCUj
XWWEjWv4nUJ8OnbbFAFey4+/Oe7cIoySqfOgQK04iIiU8JTs1/16vtjYLPSGg2JW
kZrvWIsHlX1+/4y1PRnjr0VdHgxQKfuDS/Rc4+HtUNcqbFo5QqpbAgMBAAE=
-----END RSA PUBLIC KEY-----
signing-key
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAMT/Ev+LaTTtvmn+4zO3/w4XYcJTDdG7r+5G4Jsgkz3AwmMm6fUKZON5
QKDA3osPoC+R6sRR0PoWnXkWgab4nCOtVdzA9zyrcNHuMo4jFyhfO0QYK3jok+wv
oFhWygCleT0XIWtVrWCoA2kmM5iQpcfSry830cA2iwasRx9qNSVzAgMBAAE=
-----END RSA PUBLIC KEY-----
hidden-service-dir
contact 2048R/DE500B3E Peter Lebbing <tormail at (this router's nickname)
dot com>
ntor-onion-key 39Iw4BEaOdFRfvLo2Ko1Eg3iLS54jKSr1SwcBpcBP3Y=
reject *:*
router-signature
-----BEGIN SIGNATURE-----
BJqOVb7/EACgyNf1LpuyDcWT5hHoFrsPOY0+GoyQwPyh5ejruCwju856aZ7yVoJk
Iv2adms2ONiXFtAlTawTybptcpgXGmNaTXAeWnyFMdrYpWVkej0Ha2zHVl7hXJoH
5cKnN3SNYvqdxXdtBM9bnyPLfyvlqTnmPlKRTrV3W/g=
-----END SIGNATURE-----
}}}
The hourly cronjob has a first phase during which it writes descriptor
contents to a details status file. Here's what it writes for this
particular relay:
{{{
"desc_published": "2014-09-29 06:51:59",
"last_restarted": "2014-09-19 23:28:14",
"bandwidth_rate": 1572864,
"bandwidth_burst": 10485760,
"observed_bandwidth": 3127441,
"advertised_bandwidth": 1572864,
"exit_policy": [
"reject *:*"
],
"contact": "2048R\\/DE500B3E Peter Lebbing <tormail at (this router's
nickname) dot com>",
"platform": "Tor 0.2.4.23 on Linux"
}}}
During the second phase the hourly cronjob reads details status files and
writes them to details documents which will later be copied verbatim to
servlet responses. Here's the relay's details document:
{{{
{
"nickname": "DigitalBrains",
"fingerprint": "B41E3847499234874688B2F354C6764B8589EAF8",
"or_addresses": [
"83.161.152.50:21",
"[2001:980:a370::8]:80"
],
"last_seen": "2014-09-29 08:00:00",
"last_changed_address_or_port": "2014-09-26 09:00:00",
"first_seen": "2014-09-26 09:00:00",
"running": true,
"flags": [
"Fast",
"Guard",
"Running",
"Stable",
"Valid"
],
"country": "nl",
"country_name": "Netherlands",
"latitude": 52.5,
"longitude": 5.75,
"as_number": "AS3265",
"as_name": "XS4ALL Internet BV",
"consensus_weight": 3400,
"last_restarted": "2014-09-19 23:28:14",
"bandwidth_rate": 1572864,
"bandwidth_burst": 10485760,
"observed_bandwidth": 3127441,
"advertised_bandwidth": 1572864,
"exit_policy": [
"reject *:*"
],
"exit_policy_summary": {
"reject": [
"1-65535"
]
},
"contact": "2048R\\/DE500B3E Peter Lebbing <tormail at (this router's
nickname) dot com>",
"platform": "Tor 0.2.4.23 on Linux",
"advertised_bandwidth_fraction": 0.00012835582,
"consensus_weight_fraction": 0.0001344956,
"guard_probability": 0.0002506447,
"middle_probability": 0.00015283491,
"exit_probability": 0,
"recommended_version": true
}
}}}
The easy fix would be to update the `escapeJSON` and `unescapeJSON`
methods in `DetailsDocument` similar to iwakeh's patch. Newly written
details documents would then not contain escaped forward slashes anymore.
(There's no easy way to force rewriting details documents, but we could
write a simple script or Java tool that goes over all files in
`out/details/`, removes backslashes, and rewrites files.)
The harder fix would be to also apply iwakeh's patch. The reason is that
the hourly cronjob would read old and new details status files, and it
wouldn't handle old status files correctly. (I didn't go through all
steps there, but I '''think''' this would break.) So, we'd have to first
go through all old status files and update them and then apply the patch.
This needs testing before we should apply it to the production system.
Plus, we'll also have to do the easy fix to `DetailsDocument`, or our
changes won't be effective at all.
iwakeh, would you want to prepare a revised patch and test it on a local
Onionoo instance?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13267#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list