#30125: Port server's log sanitization to client, broker, and proxy-go -----------------------------------+------------------------------ Reporter: dcf | Owner: cohosh Type: enhancement | Status: needs_review Priority: Medium | Milestone: Component: Obfuscation/Snowflake | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: Sponsor19 -----------------------------------+------------------------------
Comment (by dcf): The refactoring looks good. I have a few ideas about deployment to save us some trouble later. My main goal is that there should be a clean break between the old unsanitized logs and the new sanitized logs, so that we don't later have to trawl through a log file and figure out where the change happened. This is because I'd like us to extract what we need from the old logs and then delete them. For the bridge, those logs are being rotated and not saved long-term, so we don't need to do anything special. For the broker, it will be something like this: {{{ sv stop snowflake-broker cd /var/log/snowflake-broker tar cf unsanitized.tar *.s current.20190322.xz current shred -n 1 -v -u *.s current.20190322.xz current # install the new /usr/local/bin/broker sv start snowflake-broker }}} For proxy-go, it will be similar, except that there are several /home /snowflake-proxy/*.log.d log directories. Also /home/snowflake-proxy /snowflake-proxy-*.log{,.xz} are unsanitized logs from before we started using runit log directories (happened in #28390). For the client, we'll need a Tor Browser ticket to pick up the upgrade. A sample ticket and patch that can serve as a template is #26795. I know you are interested in the reproducible build and this would be a good introduction to [[doc/TorBrowser/Hacking#BuildingOfficialTorBrowserReleaseBinaries|rbm]] if you haven't used it yet. Basically, you just need to edit projects/snowflake/config and update `git_hash`, then run `make testbuild` to make sure it still builds, then open a ticket in the Applications/Tor Browser component. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30125#comment:4> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs