Opened 2 years ago
Last modified 5 days ago
#21304 new defect
Sanitize snowflake.log
| Reported by: | arlolra | Owned by: | |
|---|---|---|---|
| Priority: | Medium | Milestone: | |
| Component: | Obfuscation/Snowflake | Version: | |
| Severity: | Normal | Keywords: | starter |
| Cc: | arma, Samdney | Actual Points: | |
| Parent ID: | Points: | 1 | |
| Reviewer: | Sponsor: |
Description (last modified by )
For starters, the timestamps are in the local timezone. We can make that UTC
See also #19026
Known problems:
- When the websocket server panics (as in #29125), it writes the client IP address to the log:
2019/01/18 18:56:29 http2: panic serving X.X.X.X:YYYY: interface conversion: *http2.responseWriter is not http.Hijacker: missing method Hijack
Child Tickets
Change History (8)
comment:1 Changed 2 years ago by
comment:3 Changed 10 months ago by
| Keywords: | starter added |
|---|
comment:4 Changed 10 months ago by
| Cc: | Samdney added |
|---|
comment:5 Changed 10 months ago by
| Cc: | Samdney removed |
|---|---|
| Keywords: | starter removed |
I think the highest priority for this ticket is to make sure that IP addresses don't end up in the logs. This can be a little tricky because IP addresses can show up as part of error messages. See scrubError in meek-server for a way of sanitizing certain kinds of errors. However for others, it may be necessary to do regex replacement or similar.
Also there are multiple "snowflake.log"s made by different programs: client, server, broker, proxy-go.
comment:6 Changed 10 months ago by
| Cc: | Samdney added |
|---|---|
| Keywords: | starter added |
comment:7 Changed 4 weeks ago by
| Description: | modified (diff) |
|---|
comment:8 Changed 5 days ago by
| Points: | → 1 |
|---|
Note: See
TracTickets for help on using
tickets.
Shouldn't Tor Browser be starting the snowflake stuff in UTC, so snowflake doesn't even get to *know* the local timezone?