Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#10183 closed enhancement (fixed)

Get bridgedb back to using bulkexitlist

Reported by: arma Owned by:
Priority: Medium Milestone:
Component: Circumvention/BridgeDB Version:
Severity: Keywords:
Cc: arlolra, isis Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

bridgedb uses bulkexitlist to recognize when a user is coming from a Tor exit, so it's harder to enumerate the address-based pool just by coming through Tor.

But we have varied over the past year which list we use, since the main bulkexitlist was flaky.

When I was last the maintainer for bridgedb, I had a cron running on moria1 to generate an exitlist, and I had bridgedb fetch it via wget periodically. Are we still doing that, or did we move to something else? Now that the new check seems more stable, we should consider moving back to the main source.

Child Tickets

Change History (9)

comment:1 Changed 6 years ago by arma

Summary: Get bridgedb back to use bulkexitlistGet bridgedb back to using bulkexitlist

comment:2 Changed 6 years ago by arma

sysrqb tells me that bridgedb is in fact still using the hacked-together exitlist that moria makes.

That exitlist does no active testing so it misses all multihomed exits.

comment:3 Changed 6 years ago by sysrqb

Sounds great! How do we use it? :) I skimmed Check's About.md but it mentions that it uses TorDNSEL. Does it publish a new list that we can download periodically?

comment:4 Changed 6 years ago by arma

comment:5 Changed 6 years ago by sysrqb

Nifty. Done. Thanks! I think we want to add #4771 so we have an easier time checking that this is working correctly, but I think a new ticket is more appropriate if something is broken.

comment:6 Changed 6 years ago by sysrqb

Resolution: fixed
Status: newclosed

comment:7 Changed 6 years ago by sysrqb

Cc: isis added

comment:8 Changed 6 years ago by isis

See #4405 and this branch for a twisted.internet.protocol.Protocol class for handling downloading the exitlist from within bridgedb and parsing/loading it asynchronously into the ProxyCategory/ProxyList. There is a URL in there somewhere that should be changed to the above one. :)

comment:9 Changed 6 years ago by arlolra

You can get the data in JSON by appending &format=json to the above or trying out the newer, implementation agnostic url https://check.torproject.org/api/bulk?ip=38.229.72.19&port=443

Note: See TracTickets for help on using tickets.