Opened 12 years ago

Last modified 7 years ago

#382 closed defect (Implemented)

IPs are shown in logfile

Reported by: Maschi Owned by: nickm
Priority: Low Milestone:
Component: Core Tor/Tor Version: 0.1.2.5-alpha
Severity: Keywords:
Cc: arma, Maschi Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hi,

first: This bug occurs in 0.1.2.6-alpha.

The bug:
With the log option "notice" the following messages appear in the logfile often:
--snip--
... [warn] Other side (x.x.x.x:443) has a cert without a valid nickname. Closing.
... [warn] Identity key not as expected for router at x.x.x.x:9001: wanted ....
---snap-
where x.x.x.x is a clearly visible IP which was masked by me in this note.

Regards,
Joerg

[Automatically added by flyspray2trac: Operating System: Other Linux]

Child Tickets

Change History (9)

comment:1 Changed 12 years ago by arma

Are you sure you're a server? Servers don't see those log messages when
they set loglevel notice. (The only way it might happen is if you set
ProtocolWarnings 1 in your torrc.)

More generally, this is an IP address of a Tor server, not a Tor user.
We don't try to hide every IP address on the Internet...just the ones
from clients.

comment:2 Changed 12 years ago by nickm

I added a fix for part of this issue in r9391: we now treat the IPs of _incoming_ TLS
connections as client IPs, and don't log them unless SafeLogging is set to 0. I also
tried to make the error messages more clear about which TLS handshakes are incoming
(and possibly from clients) and which are outgoing (and so either to a router or a
very confused TLS server.)

I'll leave this bug open so Joerg has time to answer Roger's question.

comment:3 Changed 12 years ago by Maschi

@ Roger
Yes, it's a server and yes, ProtocolWarnings is set to 1.

Because of the servers location (Germany) and the german "way" of surveillance the patch of Nick sounds good.
So it will be possible for german servers to use messages from Tor for debugging without any fear that the server is a target for government due to logging of connections.

As of now i set ProtocolWarnings to 0.

Thx.

comment:4 Changed 12 years ago by nickm

reopened at user request. What's the issue?

comment:5 Changed 12 years ago by Maschi

In version 0.1.2.7-alpha with ProtocolWarnigs 1 and SafeLogging 0 IPs are still shown:
---snip---
.... [warn] Identity key not as expected for router at x.x.x.x:9001: wanted .....
.... [warn] Identity key not as expected for peer claiming to be 'yy' (y.y.y.y:9001)
---snap---
(IPs and 'yy' are scrubbed by me.)

I'm not sure if these warnings belong to incoming TLS connection.

comment:6 Changed 12 years ago by nickm

This is indeed an outgoing TLS connection. I'll try to find some way to make this more
obvious in the messages.

comment:7 Changed 12 years ago by nickm

Okay, svn revision 9568 should (among other stuff) make these messages even clearer.

comment:8 Changed 12 years ago by nickm

flyspray2trac: bug closed.

comment:9 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.