[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] [bridgedb/master] Make bridge fingerprints configurable



Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Sun, 27 Sep 2009 12:29:33 -0400
Subject: Make bridge fingerprints configurable
Commit: e4b5104dbe21af926737c09111836f1ff69c6e7c

---
 bridgedb.conf           |    8 ++++++++
 lib/bridgedb/Bridges.py |   11 +++++++----
 lib/bridgedb/Main.py    |   13 +++++++++++++
 lib/bridgedb/Server.py  |   16 +++++++++++-----
 4 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/bridgedb.conf b/bridgedb.conf
index 47fd857..d28775a 100644
--- a/bridgedb.conf
+++ b/bridgedb.conf
@@ -78,6 +78,10 @@ HTTP_USE_IP_FROM_FORWARDED_HEADER = False
 # How many bridges do we give back in an answer?
 HTTPS_N_BRIDGES_PER_ANSWER=3
 
+# Should we tell http users about the bridge fingerprints?  Turn this on
+# once we have the vidalia/tor interaction fixed for everbody.
+HTTPS_INCLUDE_FINGERPRINTS=False
+
 #==========
 # Options related to Email
 
@@ -121,6 +125,10 @@ EMAIL_PORT=6725
 # How many bridges do we give back in an answer?
 EMAIL_N_BRIDGES_PER_ANSWER=3
 
+# Should we tell http users about the bridge fingerprints?  Turn this on
+# once we have the vidalia/tor interaction fixed for everbody.
+EMAIL_INCLUDE_FINGERPRINTS=False
+
 #==========
 # Options related to unallocated bridges.
 
diff --git a/lib/bridgedb/Bridges.py b/lib/bridgedb/Bridges.py
index 6af0b5d..8fc5cb7 100644
--- a/lib/bridgedb/Bridges.py
+++ b/lib/bridgedb/Bridges.py
@@ -130,9 +130,12 @@ class Bridge:
         return "Bridge(%r,%r,%d,%r)"%(
             self.nickname, self.ip, self.orport, self.fingerprint)
 
-    def getConfigLine(self):
+    def getConfigLine(self,includeFingerprint=False):
         """Return a line describing this bridge for inclusion in a torrc."""
-        return "bridge %s:%d %s" % (self.ip, self.orport, self.fingerprint)
+        if includeFingerprint:
+            return "bridge %s:%d %s" % (self.ip, self.orport, self.fingerprint)
+        else:
+            return "bridge %s:%d" % (self.ip, self.orport)
 
     def assertOK(self):
         assert is_valid_ip(self.ip)
@@ -294,7 +297,7 @@ class BridgeRing(BridgeHolder):
             self.isSorted = False
         self.bridges[pos] = bridge
         self.bridgesByID[ident] = bridge
-        logging.debug("Adding %s to %s", bridge.getConfigLine(), self.name)
+        logging.debug("Adding %s to %s", bridge.getConfigLine(True), self.name)
 
     def _sort(self):
         """Helper: put the keys in sorted order."""
@@ -435,7 +438,7 @@ class UnallocatedHolder(BridgeHolder):
        unassigned.
     """
     def insert(self, bridge):
-        logging.debug("Leaving %s unallocated", bridge.getConfigLine())
+        logging.debug("Leaving %s unallocated", bridge.getConfigLine(True))
 
     def assignmentsArePersistent(self):
         return False
diff --git a/lib/bridgedb/Main.py b/lib/bridgedb/Main.py
index 967782a..f7339cf 100644
--- a/lib/bridgedb/Main.py
+++ b/lib/bridgedb/Main.py
@@ -24,6 +24,17 @@ class Conf:
     """
     def __init__(self, **attrs):
         self.__dict__.update(attrs)
+        self.setMissing()
+
+    def setMissing(self):
+        for k,v in CONFIG_DEFAULTS.items():
+            if not hasattr(self, k):
+                setattr(self,k,v)
+
+CONFIG_DEFAULTS = {
+    'HTTPS_INCLUDE_FINGERPRINTS' : False,
+    'EMAIL_INCLUDE_FINGERPRINTS' : False,
+}
 
 # An example configuration.  Used for testing.  See sample
 # bridgedb.conf for documentation.
@@ -58,6 +69,7 @@ CONFIG = Conf(
     HTTP_UNENCRYPTED_PORT=6788,
     HTTP_USE_IP_FROM_FORWARDED_HEADER=1,
     HTTPS_N_BRIDGES_PER_ANSWER=2,
+    HTTPS_INCLUDE_FINGERPRINTS = False,
 
     EMAIL_DIST = True,
     EMAIL_SHARE=10,
@@ -73,6 +85,7 @@ CONFIG = Conf(
     EMAIL_BIND_IP="127.0.0.1",
     EMAIL_PORT=6725,
     EMAIL_N_BRIDGES_PER_ANSWER=2,
+    EMAIL_INCLUDE_FINGERPRINTS = False,
 
     RESERVED_SHARE=2,
   )
diff --git a/lib/bridgedb/Server.py b/lib/bridgedb/Server.py
index c3f8444..4af849b 100644
--- a/lib/bridgedb/Server.py
+++ b/lib/bridgedb/Server.py
@@ -76,7 +76,8 @@ class WebResource(twisted.web.resource.Resource):
        bridges in response to a request."""
     isLeaf = True
 
-    def __init__(self, distributor, schedule, N=1, useForwardedHeader=False):
+    def __init__(self, distributor, schedule, N=1, useForwardedHeader=False,
+                 includeFingerprints=True):
         """Create a new WebResource.
              distributor -- an IPBasedDistributor object
              schedule -- an IntervalSchedule object
@@ -87,6 +88,7 @@ class WebResource(twisted.web.resource.Resource):
         self.schedule = schedule
         self.nBridgesToGive = N
         self.useForwardedHeader = useForwardedHeader
+        self.includeFingerprints = includeFingerprints
 
     def render_GET(self, request):
         interval = self.schedule.getInterval(time.time())
@@ -109,7 +111,8 @@ class WebResource(twisted.web.resource.Resource):
             bridges = self.distributor.getBridgesForIP(ip, interval,
                                                        self.nBridgesToGive)
         if bridges:
-            answer = "".join("%s\n" % b.getConfigLine() for b in bridges)
+            answer = "".join("%s\n" % b.getConfigLine(self.includeFingerprints)
+                             for b in bridges)
         else:
             answer = "No bridges available."
 
@@ -139,7 +142,8 @@ def addWebServer(cfg, dist, sched):
     if cfg.HTTP_UNENCRYPTED_PORT:
         ip = cfg.HTTP_UNENCRYPTED_BIND_IP or ""
         resource = WebResource(dist, sched, cfg.HTTPS_N_BRIDGES_PER_ANSWER,
-                               cfg.HTTP_USE_IP_FROM_FORWARDED_HEADER)
+                       cfg.HTTP_USE_IP_FROM_FORWARDED_HEADER,
+                       includeFingerprints=cfg.HTTPS_INCLUDE_FINGERPRINTS)
         site = Site(resource)
         reactor.listenTCP(cfg.HTTP_UNENCRYPTED_PORT, site, interface=ip)
     if cfg.HTTPS_PORT:
@@ -149,7 +153,8 @@ def addWebServer(cfg, dist, sched):
         factory = DefaultOpenSSLContextFactory(cfg.HTTPS_KEY_FILE,
                                                cfg.HTTPS_CERT_FILE)
         resource = WebResource(dist, sched, cfg.HTTPS_N_BRIDGES_PER_ANSWER,
-                               cfg.HTTPS_USE_IP_FROM_FORWARDED_HEADER)
+                       cfg.HTTPS_USE_IP_FROM_FORWARDED_HEADER,
+                       includeFingerprints=cfg.HTTPS_INCLUDE_FINGERPRINTS)
         site = Site(resource)
         reactor.listenSSL(cfg.HTTPS_PORT, site, factory, interface=ip)
     return site
@@ -247,7 +252,8 @@ def getMailResponse(lines, ctx):
     body = w.startbody("text/plain")
 
     if bridges:
-        answer = "".join("  %s\n" % b.getConfigLine() for b in bridges)
+        with_fp = ctx.cfg.EMAIL_INCLUDE_FINGEPRINTS
+        answer = "".join("  %s\n" % b.getConfigLine(with_fp) for b in bridges)
     else:
         answer = "(no bridges currently available)"
     body.write(EMAIL_MESSAGE_TEMPLATE % answer)
-- 
1.5.6.5