Add support for publishing test-helpers and collectors to bouncer
This issue was automatically migrated from github issue https://github.com/TheTorProject/ooni-probe/issues/183.
The ooni-probe bouncer should also expose an API for allowing test-helpers and collectors to advertise their presence to the bouncer.
The most simple way of doing this is simply exposing a public API on the bouncer side that allows you to POST a message with a payload like so:
{
'collector': 'httpo://thirteenchars1234.onion/',
'http-return-json-headers': 'http://172.168.1.1',
'dns': '172.168.1.1:53'
}
The bouncer will then just add this to the list of collectors and bouncer it is aware of.
The drawback with this approach is that it allows anybody, even not authenticated, to pollute the database with random bouncer addresses.
I think this is mainly a threat to availability since it could lead to a malicious actor to polluting the bouncer with non-working bouncers.
A better approach would be to have the JSON document be signed.
There are quite a few approaches to singing JSON documents, but the one I personally like most is this: https://camlistore.googlesource.com/camlistore/+/master/doc/json-signing/json-signing.txt.
Though I would like feedback from @nathan-at-least on this matter.
At this point we can have the bouncer have a list of approved public keys that can publish to the bouncer and we will only accept publication of reports that have been signed.
I would suggest we implement the publication of bouncer addresses to the bouncer via a iterative process. We first implement the unauthenticated method and then we implement it via signing.