Opened 11 years ago

Last modified 7 years ago

#674 closed defect (Fixed)

Functions not scrubbing IP addresses from log entries.

Reported by: jasemandude
Owned by:
Priority: Very Low
Milestone:
Component: Core Tor/Tor
Version: 0.2.0.25-rc
Severity:
Keywords:
Cc: jasemandude, arma, nickm
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

A couple of functions aren't scrubbing IP addresses from log entries:

Apr 26 18:58:49.052 [Debug] circuit_handle_first_hop(): Looking for firsthop '194.109.206.212:443'
Apr 26 18:58:49.132 [Debug] connection_connect(): Connecting to [scrubbed]:443.

[...]

Apr 26 18:58:54.345 [Debug] connection_or_finished_connecting(): OR connect() to router at 194.109.206.212:443 finished.

[Automatically added by flyspray2trac: Operating System: OSX 10.5 Leopard]

Change History (8)

comment:1 Changed 11 years ago by jasemandude

Also:

Apr 26 18:59:00.320 [Debug] connection_tls_finish_handshake(): tls handshake with 194.109.206.212 done. verifying.
Apr 26 18:59:00.409 [Debug] connection_or_check_valid_tls_handshake(): The certificate seems to be valid on outgoing connection with 194.109.206.212:443

comment:2 Changed 11 years ago by arma

We only tried to make sure we scrubbed notice, warn, and err messages. There
remain plenty of debug and info messages that aren't scrubbed.

Tor relays should be logging at notice in normal operation.

But that said, if you want to provide a patch to clean up some of the other
log entries, that would be great.

comment:3 Changed 11 years ago by nickm

Apr 26 18:59:00.320 [Debug] connection_tls_finish_handshake(): tls handshake with 194.109.206.212 done. verifying.

This was the only one that can happen with an incoming connection and potentially leak a user's address. The others
only leak the addresses of routers. I've checked in a fix for this one.

comment:4 Changed 11 years ago by aodzicqgjoav

This is a real problem with hidden services:
try www.yourfavouritehiddenservice.onion
Tor will log an unscrubbed message when your preference is set to notice.

Okay, onions do not know subdomains. But Firefox tries to prepend www. if a URL is not loading. So every time a .onion address is down or not reachable, you will have its name written into the logfile.

comment:5 Changed 11 years ago by nickm

Could you paste the actual log message in question? That makes it a lot easier to search through the code for it.

comment:6 Changed 11 years ago by nickm

Okay; that's the ones in the original bug report and the followup messages fixed, I believe. I guess we get a new
bug report the next time somebody spots one of these.
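
An added example, not part of the ticket or of Tor's code: a log audit that finds lines where an IPv4 address or .onion hostname reached the log unscrubbed, and flags those at the notice, warn and err levels that comment:2 says are meant to be scrubbed. The regexes are assumptions based on the log layout shown in this ticket; sample lines 5 and 6, including the function name and .onion name, are constructed.

```python
import re

# Layout seen in the ticket: "Apr 26 18:58:49.052 [Debug] func(): message"
LINE_RE = re.compile(
    r"^\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}\.\d{3} "
    r"\[(?P<sev>\w+)\] (?:(?P<func>\w+)\(\): )?(?P<msg>.*)$"
)
# Dotted quad, not glued to other digits/dots and not a version like "0.2.0.25-rc".
IPV4_RE = re.compile(
    r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.]|-(?:alpha|beta|rc))"
)
ONION_RE = re.compile(r"\b[a-z0-9][a-z0-9.-]*\.onion\b", re.I)
# Levels that comment:2 says were meant to be scrubbed.
SCRUBBED_LEVELS = {"notice", "warn", "err"}


def audit(lines):
    """Return one finding per log line that carries an address or .onion name."""
    findings = []
    for number, line in enumerate(lines, 1):
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a log line in the expected layout
        ips = [ip for ip in IPV4_RE.findall(m["msg"])
               if all(int(octet) <= 255 for octet in ip.split("."))]
        leaked = ips + ONION_RE.findall(m["msg"])
        if leaked:
            sev = m["sev"].lower()
            findings.append({
                "line": number, "severity": sev, "func": m["func"],
                "leaked": leaked, "should_be_scrubbed": sev in SCRUBBED_LEVELS,
            })
    return findings


# Lines 1-4 are quoted from the ticket; lines 5-6 are constructed for this example.
SAMPLE = [
    "Apr 26 18:58:49.052 [Debug] circuit_handle_first_hop(): Looking for firsthop '194.109.206.212:443'",
    "Apr 26 18:58:49.132 [Debug] connection_connect(): Connecting to [scrubbed]:443.",
    "Apr 26 18:58:54.345 [Debug] connection_or_finished_connecting(): OR connect() to router at 194.109.206.212:443 finished.",
    "Apr 26 18:59:00.320 [Debug] connection_tls_finish_handshake(): tls handshake with 194.109.206.212 done. verifying.",
    "Apr 26 19:02:10.000 [Notice] example_function(): Could not reach www.exampleonionaddr.onion",
    "Apr 26 19:02:11.000 [Notice] Tor 0.2.0.25-rc opening log file.",
]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        flag = "POLICY" if f["should_be_scrubbed"] else "info"
        print(f"{flag:6} line {f['line']} [{f['severity']}] {f['func']}: {f['leaked']}")
```

A version string with no `-rc`/`-alpha`/`-beta` suffix would still match the IPv4 pattern, so findings from such lines need a manual look.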

comment:7 Changed 11 years ago by nickm

flyspray2trac: bug closed.

comment:8 Changed 7 years ago by nickm

Component: Tor Client → Tor