[tor-commits] [flashproxy/master] Scrub IP addresses in connector.
dcf at torproject.org
dcf at torproject.org
Wed Jul 4 14:33:23 UTC 2012
commit ec5fadb60d4c6a702dcc25d4e0cb40c79ea97f25
Author: David Fifield <david at bamsoftware.com>
Date: Wed Jul 4 07:26:10 2012 -0700
Scrub IP addresses in connector.
---
connector.py | 43 +++++++++++++++++++++++++++++++++++--------
1 files changed, 35 insertions(+), 8 deletions(-)
diff --git a/connector.py b/connector.py
index 7a180df..8afd0c0 100755
--- a/connector.py
+++ b/connector.py
@@ -46,6 +46,7 @@ class options(object):
daemonize = False
register = False
pid_filename = None
+ safe_logging = True
# We accept up to this many bytes from a socket not yet matched with a partner
# before disconnecting it.
@@ -72,13 +73,21 @@ facilitator is used; if omitted, it uses a public default.
-h, --help show this help.
-l, --log FILENAME write log to FILENAME (default stdout).
--pidfile FILENAME write PID to FILENAME after daemonizing.
- -r, --register register with the facilitator.\
+ -r, --register register with the facilitator.
+ --unsafe-logging don't scrub IP addresses from logs.\
""" % {
"progname": sys.argv[0],
"local": format_addr((DEFAULT_LOCAL_ADDRESS, DEFAULT_LOCAL_PORT)),
"remote": format_addr((DEFAULT_REMOTE_ADDRESS, DEFAULT_REMOTE_PORT)),
}
+def safe_str(s):
+ """Return s if options.safe_logging is true, and "[scrubbed]" otherwise."""
+ if options.safe_logging:
+ return "[scrubbed]"
+ else:
+ return s
+
def log(msg):
print >> options.log_file, (u"%s %s" % (time.strftime(LOG_DATE_FORMAT), msg)).encode("UTF-8")
options.log_file.flush()
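Review bot: The docstring on the added `safe_str` states the opposite of what the body does: the function returns "[scrubbed]" when `options.safe_logging` is true and `s` otherwise. This helper decides whether addresses reach the log, so a maintainer trusting the docstring could invert the check and leak addresses by default. I would reword it to `"""Return "[scrubbed]" if options.safe_logging is true, and s otherwise."""`.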
@@ -133,6 +142,22 @@ def format_addr(addr):
else:
return u"%s:%d" % (host, port)
+def safe_format_addr(addr):
+ return safe_str(format_addr(addr))
+ host, port = addr
+ if not host:
+ return u":%d" % port
+ # Numeric IPv6 address?
+ try:
+ addrs = socket.getaddrinfo(host, port, 0, socket.SOCK_STREAM, socket.IPPROTO_TCP, socket.AI_NUMERICHOST)
+ af = addrs[0][0]
+ except socket.gaierror, e:
+ af = 0
+ if af == socket.AF_INET6:
+ return u"[%s]:%d" % (host, port)
+ else:
+ return u"%s:%d" % (host, port)
+
def apply_mask_numpy(payload, mask_key):
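Review bot: Everything after the first `return` in the added `safe_format_addr` is unreachable. The lines from `host, port = addr` down to the final `return u"%s:%d" % (host, port)` look like a leftover copy of the body of `format_addr`. I would reduce the function to the single statement `return safe_str(format_addr(addr))` and give it a one-line docstring saying it returns the formatted address, or "[scrubbed]" when safe logging is on. Leaving the dead copy invites a later edit to the wrong place, where it would not affect what is logged.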
@@ -419,7 +444,7 @@ def listen_socket(addr):
def format_peername(s):
try:
- return format_addr(s.getpeername())
+ return safe_format_addr(s.getpeername())
except socket.error, e:
return "<unconnected>"
@@ -591,7 +616,7 @@ def handle_socks_request(fd):
# Error reply.
fd.sendall(struct.pack(">BBHBBBB", 0, 91, 0, 0, 0, 0, 0))
return False
- log(u"Got SOCKS request for %s." % format_addr(dest_addr))
+ log(u"Got SOCKS request for %s." % safe_format_addr(dest_addr))
fd.sendall(struct.pack(">BBHBBBB", 0, 90, dest_addr[1], 127, 0, 0, 1))
# Note we throw away the requested address and port.
return True
@@ -770,15 +795,15 @@ def main():
for fd in rset:
if fd == remote_s:
remote_c, addr = fd.accept()
- log(u"Remote connection from %s." % format_addr(addr))
+ log(u"Remote connection from %s." % safe_format_addr(addr))
websocket_pending.append(TimeoutSocket(remote_c))
elif fd == local_s:
local_c, addr = fd.accept()
- log(u"Local connection from %s." % format_addr(addr))
+ log(u"Local connection from %s." % safe_format_addr(addr))
socks_pending.append(local_c)
register()
elif fd in websocket_pending:
- log(u"Data from WebSocket-pending %s." % format_addr(addr))
+ log(u"Data from WebSocket-pending %s." % safe_format_addr(addr))
protocols = handle_websocket_request(fd)
if protocols is not None:
wrapped = RemoteSocket(fd, protocols)
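Review bot: In the `elif fd in websocket_pending:` branch the new log line still formats `addr`, which within this hunk is assigned only in the two `accept()` branches. It therefore appears to name whichever peer connected most recently, not the socket that has data. Scrubbing hides this by default, but with `--unsafe-logging` the log would attribute activity to the wrong address, which matters when the log is used to investigate a connection. `format_peername` is already scrubbed by this commit, so `log(u"Data from WebSocket-pending %s." % format_peername(fd))` would report the right peer, assuming the `TimeoutSocket` wrapper exposes `getpeername()`. The same applies to the `SOCKS request from %s.` line in the next hunk; `main` continues outside both hunks.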
@@ -789,7 +814,7 @@ def main():
websocket_pending.remove(fd)
report_pending()
elif fd in socks_pending:
- log(u"SOCKS request from %s." % format_addr(addr))
+ log(u"SOCKS request from %s." % safe_format_addr(addr))
if handle_socks_request(fd):
wrapped = LocalSocket(fd)
locals.append(wrapped)
@@ -833,7 +858,7 @@ def main():
report_pending()
if __name__ == "__main__":
- opts, args = getopt.gnu_getopt(sys.argv[1:], "f:hl:r", ["daemon", "facilitator=", "help", "log=", "pidfile=", "register"])
+ opts, args = getopt.gnu_getopt(sys.argv[1:], "f:hl:r", ["daemon", "facilitator=", "help", "log=", "pidfile=", "register", "unsafe-logging"])
for o, a in opts:
if o == "--daemon":
options.daemonize = True
@@ -848,6 +873,8 @@ if __name__ == "__main__":
options.pid_filename = a
elif o == "-r" or o == "--register":
options.register = True
+ elif o == "--unsafe-logging":
+ options.safe_logging = False
if len(args) == 0:
options.local_addr = (DEFAULT_LOCAL_ADDRESS, DEFAULT_LOCAL_PORT)