Opened 4 years ago

Last modified 4 months ago

#17159 new defect

Deploy the PT reachability tests on some centralised system which reports to BridgeDB/BridgeAuth

Reported by: isis Owned by:
Priority: High Milestone:
Component: Circumvention/Pluggable transport Version:
Severity: Normal Keywords: tor-bridge, bridgedb, bridgeauth, bridge-reachability, pt
Cc: yawning, isis, gk Actual Points:
Parent ID: #7349 Points:
Reviewer: Sponsor:

Description

We need PT reachability tests for all bridges once #7349 is complete, or much preferably before.

I propose we deploy the solution from #6396 on some new, separate machine which reports to BridgeDB or the BridgeAuth.

For reporting purposes, I also propose we define a better (e.g. more future-proof) system for specifying which PT instance we are talking about for which bridge. In general, it should be capable of handling:

  • Both RSA and Ed25519 relay identity fingerprints/keys,
  • Multiple instances of the same PT (#11211),
  • Specifying which transport is/was/should be running

Basically, I expect this to (nearly?) be the full PT bridge line. Should it include PT args? E.g. the cert= field for obfs4? (Perhaps it would be simplest to just define it as the full bridge line that BridgeDB would give out, to reduce code duplication and parsing.)

I also propose that the set of PTs which are used to test are the same PTs which are, by default, bundled in Tor Browser. (Should we use the set from alpha or stable?) E.g. if your bridge is only running the snarggleblarf PT and has no ORPort, and TB doesn't know what the snarggleblarf PT is, then for the purposes of the test, we've no idea if your bridge is Running or not.

Lastly, what does it mean if a bridge without an ORPort, and running obfs3, fte, and obfs4, is found to only be reachable via obfs4? Does this bridge still get the Running flag from the BridgeAuth? Should there be some per-bridge-line Running flag? If this data is reported to the BridgeAuth, how will the BridgeAuth communicate it to BridgeDB (so that BridgeDB knows what to hand out)?

Related: #5211, #13589

Child Tickets

Change History (7)

comment:1 Changed 4 years ago by isis

I have no idea what component this is. It's somewhere between Tor, PTs, BridgeDB, and possibly OONI. Feel free to recategorise.

comment:2 Changed 4 years ago by isis

Parent ID: #7349

comment:3 Changed 20 months ago by gk

Cc: gk added
Severity: Blocker

comment:4 Changed 20 months ago by gk

Severity: BlockerNormal

comment:5 Changed 11 months ago by isis

Owner: isis deleted
Status: newassigned

comment:6 Changed 10 months ago by teor

Status: assignednew

Make everything that is assigned to no-one new again.

comment:7 Changed 4 months ago by cohosh

tickets were assigned to asn, setting them as unassigned (new) again.

Note: See TracTickets for help on using tickets.