[or-cvs] r11977: Once more, Ahem. (weather/trunk)
pde at seul.org
pde at seul.org
Tue Oct 16 08:10:12 UTC 2007
Author: pde
Date: 2007-10-16 04:10:12 -0400 (Tue, 16 Oct 2007)
New Revision: 11977
Added:
weather/trunk/README
weather/trunk/TODO
Log:
Once more, Ahem.
Added: weather/trunk/README
===================================================================
--- weather/trunk/README (rev 0)
+++ weather/trunk/README 2007-10-16 08:10:12 UTC (rev 11977)
@@ -0,0 +1,25 @@
+This is the Tor Weather server. It offers a service that allows users to sign
+up for email alerts in case a particular tor node becomes unreachable.
+
+The process runs a web server which allows users to sign up for these alerts.
+Subscription confirmations, and the email alerts themselves, are sent via SMTP
+on localhost:25.
+
+On debian systems, the following packages are required to run it:
+
+python2.5
+python-gdbm
+python-dns
+python-webpy
+tor
+
+/etc/tor/torrc should be configured to enable the control port and insist upon
+authentication. Plaintext control port authentication information
+should be placed in config.py, along with a publicly addressable url prefix
+("http://server.domain.com:port").
+
+Weather stores its records in a set of gdbm databases: requests.gdbm,
+subscriptions.gdbm, unsubscriptions.gdbm, and failures.gdbm. For real usage,
+it absolutely essential to backup subscriptions.gdbm properly, and
+unsubscriptions.gdbm is pretty important too (though the code could be modified
+to recover from its loss).
Added: weather/trunk/TODO
===================================================================
--- weather/trunk/TODO (rev 0)
+++ weather/trunk/TODO 2007-10-16 08:10:12 UTC (rev 11977)
@@ -0,0 +1,15 @@
+* Security audit
+
+* Fix TorCtl.Connection.close()
+
+* What happens if the openssl command gets a go-slow DOS attack in response?
+
+* Might someone attack weather with a huge number of spurious subscription requests? Should we have
+ exponential backoff or similar?
+
+* figure out how to disable HTTP logging through web.py, and should decide what
+ diagnostic logging makes sense (currently, there is a debug variable in each
+ of weather.py and poll.py; turning these on currently produces a lot of
+ semi-informative chatter on stdout and turns the web server into an oracle
+ for whether address x has already subscribed to alerts about node y, which is
+ of course unsatisfactory)
More information about the tor-commits
mailing list