Opened 6 years ago

Closed 6 years ago

#10884 closed enhancement (fixed)

Tor should print out the SHA-1 bridge fingerprint once that's more common as search string in Globe

Reported by: karsten Owned by: karsten
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Once the whole fingerprint hash business is more common, because people are actually getting used to using their fingerprint hash in Globe, we should discuss writing a hashed-fingerprint file and printing the hashed fingerprint to the logs on bridges.

Putting this into Tor: unspecified for now and making a local note to reconsider this in a month or two. Nothing actionable right now.

Child Tickets

Change History (7)

comment:1 Changed 6 years ago by nickm

This seems simple and obviously right. Why not do it now?

comment:2 Changed 6 years ago by karsten

Status: newneeds_review

Sure, we can do it now. Please review my branch bug10884 which writes log messages like these:

Feb 26 13:50:36.501 [notice] Your Tor server's identity key fingerprint is 'Unnamed 530FA95A79B9145D315F15F01215BE2F3BE921EB'
Feb 26 13:50:36.501 [notice] Your Tor bridge's hashed identity key fingerprint is 'Unnamed 83D1AC9EC2F15D7024278461DC91A8B2E9BBF43A'

comment:3 Changed 6 years ago by nickm

Status: needs_reviewneeds_revision
  • As usual, I'd be more comfortable with tor_asprintf() than tor_snprintf().
  • I think the filename should be more like "hashed-fingerprint"? Or if not, the state file documentation should explain why bridges do this.
  • We can tighten the code there a little, and why not.
  • Test test test.

I've tried banging on this as branch "bug10884". If you like it, I'll merge it.

comment:4 in reply to:  3 Changed 6 years ago by karsten

Replying to nickm:

  • As usual, I'd be more comfortable with tor_asprintf() than tor_snprintf().

Ah, I only moved code around. But I'll try to remember to use tor_asprintf in the future when I write new code. It does look cleaner.

  • I think the filename should be more like "hashed-fingerprint"? Or if not, the state file documentation should explain why bridges do this.

Actually, the new filename is "hashed-fingerprint". Should we add another sentence to the state file documentation saying why bridges write this file? How about "Bridge operators should use the hashed fingerprint to look up their bridge on Tor status websites, because the (non-hashed) fingerprint could be used to find out the bridge's IP address." Or something shorter? Or something in better English?

  • We can tighten the code there a little, and why not.

Looks good!

  • Test test test.

Did you forget to git add src/test/test_routerkeys.c? Your branch doesn't compile for me.

I've tried banging on this as branch "bug10884". If you like it, I'll merge it.

From reading the code, I like it. I can run some simple tests with tor --list-fingerprint once your branch compiles for me, either before or after you merge.

As usual, thanks!

comment:5 Changed 6 years ago by nickm

ok, added that file. looks ok now?

comment:6 Changed 6 years ago by karsten

Looks good now!

comment:7 Changed 6 years ago by nickm

Resolution: fixed
Status: needs_revisionclosed

squashed and merged. thanks!

Note: See TracTickets for help on using tickets.