[tor-commits] [snowflake/master] Modified broker /debug page to display counts only

[cohosh at torproject.org]

commit 00eb4aadf57b66bc4d53801d4113e8402f31cd6f
Author: Cecylia Bocovich <cohosh at torproject.org>
Date:   Fri Aug 23 10:58:20 2019 -0400

    Modified broker /debug page to display counts only
    
    The broker /debug page was displaying proxy IDs and roundtrip times. As
    serna pointed out in bug #31460, the proxy IDs can be used to launch a
    denial of service attack. As the metrics team pointed out on #21315, the
    round trip time average can be potentially sensitive.
    
    This change displays only proxy counts and uses ID lengths to
    distinguish between standalone proxy-go instances and browser-based
    snowflake proxies.
---
 broker/broker.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/broker/broker.go b/broker/broker.go
index 259b75a..4a88b94 100644
--- a/broker/broker.go
+++ b/broker/broker.go
@@ -255,10 +255,17 @@ func proxyAnswers(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 
 func debugHandler(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 	s := fmt.Sprintf("current snowflakes available: %d\n", ctx.snowflakes.Len())
+
+	var browsers, standalones int
 	for _, snowflake := range ctx.idToSnowflake {
-		s += fmt.Sprintf("\nsnowflake %d: %s", snowflake.index, snowflake.id)
+		if len(snowflake.id) < 16 {
+			browsers++
+		} else {
+			standalones++
+		}
 	}
-	s += fmt.Sprintf("\n\nroundtrip avg: %d", ctx.metrics.clientRoundtripEstimate)
+	s += fmt.Sprintf("\tstandalone proxies: %d", standalones)
+	s += fmt.Sprintf("\n\tbrowser proxies: %d", browsers)
 	w.Write([]byte(s))
 }