ExitNodes config use fingerprint rather than nickname

Wesley Kenzie wkenzie at shaw.ca
Thu May 8 20:13:28 UTC 2008


> -----Original Message-----
> From: owner-or-dev at freehaven.net 
> [mailto:owner-or-dev at freehaven.net] On Behalf Of Nick Mathewson
> Sent: May 7, 2008 5:21 PM
> To: or-dev at freehaven.net
> Subject: Re: ExitNodes config use fingerprint rather than nickname
> 
> 
> On Wed, May 07, 2008 at 02:54:19PM -0700, Wesley Kenzie wrote:
> > I am considering trying my hand at a patch to allow 
> fingerprints to be 
> > used in place of nicknames for ExitNodes and EntryNodes config 
> > variables.  (There are quite a few duplicate nicknames 
> floating around 
> > which are not immediately obvious. I added a list of them 
> yesterday to 
> > http://www.pickaproxy.com/?speak=tor so they can be easily 
> > identified.)  The problem currently is that duplicate 
> nicknames cannot 
> > be used as specified exit or entry nodes.
> 
> This feature already exists.  Just stick a $ before the 
> fingerprint, as in:
> 
> EntryNodes $70A08C76BCB9ADE55907029B83DB6891957AC92C
> 
> If you want to force a given name binding, you can use the format
>   $70A08C76BCB9ADE55907029B83DB6891957AC92C=peacetime
> to only match a "Named" server with the given nickname and key, or
>   $70A08C76BCB9ADE55907029B83DB6891957AC92C~peacetime
> to match any server with the given nickname and key.
> 
> This feature could be better documented, though, and I'd love 
> to get a documentation patch to explain all of this better. :)
> 

Sounds good, Nick.  Unfortunately I have not been able to get any of the 3
formats to work.  I'm using 0.2.0.25-rc (r14442) and specifying --ExitNodes
on the command line.  The [warn] message "Failed to parse/validate config:
Invalid nickname '529436598DEE2E3AAA07490A563451934591373~Unnamed' in
ExitNodes line" also incorrectly identifies the fingerprint.  The first
character is being chopped off.  In this case there should be a '8' at the
beginning of that fingerprint.

Another example: "[warn] Failed to parse/validate config: Invalid nickname
'6CF4871F49A7A5494543FFF39B167481EBFE7FB~Torzurweitenwelt' in ExitNodes
line".  There should be a '9' in the first position of that nickname.

I'm afraid a patch for this is beyond my current capabilities, but I would
be glad to assist in any way.

Wesley




More information about the tor-dev mailing list