wiki:org/roadmaps/BridgeDB

Overview

BridgeDB is the core of the Tor bridge backend. It provides for various pools in doling out bridge relays on user request via SMTP, HTTPS, instant messaging, and a few reserved pools given out by hand to real-world physical networks. The code repository is at https://gitweb.torproject.org/bridgedb.git.

TODO List

(Sponsor D, deliverable 21 for Sep 30)

  • Write a BridgeDB specification (#1606).
  • Add code that will make it possible to request bridges for a certain country like so: By mail: bridges+zh@… By HTTP: https://bridges.torproject.org/zh (#1607).
  • If we know a certain bridge is blocked in a certain country, don’t give out that bridge to that country (#1608 and #1837).
  • Add code that will give out bridges in a localized way (gettext). For that, put all messages in need for translation in one file (#1609).
  • Design algorithm to rotate available bridges over time (#1839).
  • Turn mail requests into ’subscriptions’: People mail ’subscribe bridges’ to us, we put them in a database and send them bridges periodically. To not send mails to users that long have forgotten about their subscription, make them re-subscribe periodically by putting a ”Reply to this mail or you won’t get any more bridges” text somewhere in a mail we send them with fresh bridges (#1610).
  • Increase the "reserved" share of bridges (#1611).
  • Group reserved bridges into buckets for people, write those buckets to files on request (so that those files can be used by Roger or $foo to give to trusted people) (#1612).
  • i18n bridgedb (#1613).
  • Drop email-to-bridge mappings after N days.
  • Bump up epoch length a lot.
  • Test DB migration code.
  • Drop email persistence.
  • Rate-limit email replies (#1860).
  • Stop looking for "get bridges" in emails.
  • Clean email backend periodically
  • List only one bridge per /16 per reply.
  • It keeps corrupting its database, causing Roger to delete the old database and undermine this whole give-the-same-answer-each-time design (#1098).
  • Send back an email even if there aren't any bridges
  • Check dkim headers for sanity.
  • Make the 'magic word' for the email configurable, case-tolerant, HTML-tolerant, and punctuation-tolerant
    • for bonus points, make it Base64-tolerant
  • Make all the rest of the email options configurable.
  • Bug: the email handler gets really upset when the email doesn't have a message-id header in it.
  • When we hit the end of a period, forget the email address history.
  • When sending bridges to an email address in the history, check for liveness.
  • Make bounces go to the right address.
  • Make address sent in "mail from" command configurable. Actually configure it.
  • Make the bridge list you get back include at least one non-443 bridge. It turns out sometimes 443 isn't all it's cracked up to be.

Not now:

  • Check that the incoming IP address of an email is sane.
  • Check more email headers for sanity.

Later:

  • Document stuff better
  • Better area division logic
  • Make all proxies get stuck in their own area.
  • Implement slightly nicer logging
  • Add CAPTCHAs (ugh, this doesn't stop anything, do we have to?) (#1836)
  • Decent template for web interface
  • Decent template for mail interface
  • Implement a 'help' command

* Reload configuration on sighup; not just bridges.

  • Reply with locale support.
  • Check host option in HTTP.

Tickets for BridgeDB Upgrades Phase 1 No results

Last modified 15 months ago Last modified on Apr 20, 2016, 7:34:31 AM