Opened 2 years ago
Last modified 5 days ago
#21304 new defect
Sanitize snowflake.log
Reported by: | arlolra | Owned by: | |
---|---|---|---|
Priority: | Medium | Milestone: | |
Component: | Obfuscation/Snowflake | Version: | |
Severity: | Normal | Keywords: | starter |
Cc: | arma, Samdney | Actual Points: | |
Parent ID: | Points: | 1 | |
Reviewer: | Sponsor: |
Description (last modified by )
For starters, the timestamps are in the local timezone. We can make that UTC
See also #19026
Known problems:
- When the websocket server panics (as in #29125), it writes the client IP address to the log:
2019/01/18 18:56:29 http2: panic serving X.X.X.X:YYYY: interface conversion: *http2.responseWriter is not http.Hijacker: missing method Hijack
Child Tickets
Change History (8)
comment:1 Changed 2 years ago by
comment:3 Changed 10 months ago by
Keywords: | starter added |
---|
comment:4 Changed 10 months ago by
Cc: | Samdney added |
---|
comment:5 Changed 10 months ago by
Cc: | Samdney removed |
---|---|
Keywords: | starter removed |
I think the highest priority for this ticket is to make sure that IP addresses don't end up in the logs. This can be a little tricky because IP addresses can show up as part of error messages. See scrubError in meek-server for a way of sanitizing certain kinds of errors. However for others, it may be necessary to do regex replacement or similar.
Also there are multiple "snowflake.log"s made by different programs: client, server, broker, proxy-go.
comment:6 Changed 10 months ago by
Cc: | Samdney added |
---|---|
Keywords: | starter added |
comment:7 Changed 4 weeks ago by
Description: | modified (diff) |
---|
comment:8 Changed 5 days ago by
Points: | → 1 |
---|
Note: See
TracTickets for help on using
tickets.
Shouldn't Tor Browser be starting the snowflake stuff in UTC, so snowflake doesn't even get to *know* the local timezone?