Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#4207 closed defect (fixed)

allow directory authorities to badexit by country code

Reported by: arma Owned by:
Priority: High Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: easy small-feature tor-auth
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Now that we have many thousands of users in Syria, some dozen of them click 'share' each day.

There's a broader discussion to be had here around whether these are useful relays for the Tor network at all (generally the relays we have there are short-lived and trivial-capacity, so maybe it doesn't matter so much), but I don't think we want to subject our users in the 'free' countries (whatever those are) to Bluecoat's filters.

I was going to go make a few hundred authdirbadexit lines when I realized that the authorities already have a geoip db built-in and they could just do the lookup themselves.

I marked 'minor' priority since whether we actually want to deploy the feature probably wants more discussion.

Child Tickets

Change History (10)

comment:1 in reply to:  description Changed 8 years ago by arma

Replying to arma:

but I don't think we want to subject our users in the 'free' countries (whatever those are) to Bluecoat's filters.

In favor of "yes we should do it", I'll append "and known surveillance and logging infrastructure" to the sentence.

comment:2 Changed 8 years ago by arma

Keywords: easy added
Priority: minormajor

If this feature were in Tor, I would enable it on moria1 today for several country-codes.

Anybody want to help? :)

comment:3 Changed 8 years ago by nickm

Keywords: small-feature added

comment:4 Changed 8 years ago by nickm

Status: newneeds_review

Please review branch feature4207 in my public repository.

In particular, please make sure i haven't busted any boolean logic in policies.c

comment:5 Changed 8 years ago by arma

+   * Lists of of country codes to mark as BadDir, BadExit, or Invalid, or to
+   * reject entirely.
[...]
+  smartlist_t *AuthDirRejectCC;
+  smartlist_t *AuthDirInvalidCC;

wants to be reordered

insentive

otherwise, patch looks plausible. thanks!

comment:6 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Fixed & merged

comment:7 Changed 8 years ago by arma

Resolution: fixed
Status: closedreopened
Jan 16 21:07:40.715 [notice] Read configuration file "/home/tord/auto-naming/mor
ia1-orrc".
Jan 16 21:07:40.716 [err] options_dup(): Bug: Config_get_assigned_option() gener
ated something we couldn't config_assign(): Unknown option 'AuthDirBadDirCCs'.  
Failing.
Jan 16 21:07:40.716 [err] options_dup(): Bug: config.c:3056: options_dup: Assert
ion 0 failed; aborting.
config.c:3056 options_dup: Assertion 0 failed; aborting.
Aborted (core dumped)
#0  0x00007fb72f43b165 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007fb72f43df70 in *__GI_abort () at abort.c:92
#2  0x000000000047ce0d in options_dup (old=0x115c9d0,
    fmt=<value optimized out>) at config.c:3056
#3  0x000000000047f610 in options_init_from_string (cf_defaults=0x11540b0 "",
    cf=0x1154ad0 "DisableDebuggerAttachment 0\n\n#GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays 1\n\npidfile moria1.pid\n\ngeoipfile ../git/src/config/geoip\n\n#V3AuthVotingInterval 30 minutes\n\n#protocolwarnings 1\n\nlog notice"...,
    command=<value optimized out>, command_arg=<value optimized out>,
    msg=0x7fff58509778) at config.c:4600
#4  0x000000000047f887 in options_init_from_torrc (argc=<value optimized out>,
    argv=0x7fff585099f8) at config.c:4540
#5  0x00000000004090fe in tor_init (argc=3, argv=0x7fff585099f8) at main.c:2298
#6  0x000000000040a2c3 in tor_main (argc=<value optimized out>,
    argv=0x7fff585099f8) at main.c:2612
#7  0x00007fb72f427c4d in __libc_start_main (main=<value optimized out>,
    argc=<value optimized out>, ubp_av=<value optimized out>,
    init=<value optimized out>, fini=<value optimized out>,
    rtld_fini=<value optimized out>, stack_end=0x7fff585099e8)
    at libc-start.c:228
#8  0x00000000004087c9 in _start ()

comment:8 Changed 8 years ago by arma

Resolution: fixed
Status: reopenedclosed

solved in commit 1e923dd2fbdc

comment:9 Changed 7 years ago by nickm

Keywords: tor-auth added

comment:10 Changed 7 years ago by nickm

Component: Tor Directory AuthorityTor
Note: See TracTickets for help on using tickets.