mirror of
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git
synced 2025-10-14 05:11:19 -04:00
Modified broker /debug page to display counts only
The broker /debug page was displaying proxy IDs and roundtrip times. As serna pointed out in bug #31460, the proxy IDs can be used to launch a denial of service attack. As the metrics team pointed out on #21315, the round trip time average can be potentially sensitive. This change displays only proxy counts and uses ID lengths to distinguish between standalone proxy-go instances and browser-based snowflake proxies.
This commit is contained in:
parent
ea442141db
commit
00eb4aadf5
1 changed files with 9 additions and 2 deletions
|
@ -255,10 +255,17 @@ func proxyAnswers(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
func debugHandler(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
|
func debugHandler(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
|
||||||
s := fmt.Sprintf("current snowflakes available: %d\n", ctx.snowflakes.Len())
|
s := fmt.Sprintf("current snowflakes available: %d\n", ctx.snowflakes.Len())
|
||||||
|
|
||||||
|
var browsers, standalones int
|
||||||
for _, snowflake := range ctx.idToSnowflake {
|
for _, snowflake := range ctx.idToSnowflake {
|
||||||
s += fmt.Sprintf("\nsnowflake %d: %s", snowflake.index, snowflake.id)
|
if len(snowflake.id) < 16 {
|
||||||
|
browsers++
|
||||||
|
} else {
|
||||||
|
standalones++
|
||||||
}
|
}
|
||||||
s += fmt.Sprintf("\n\nroundtrip avg: %d", ctx.metrics.clientRoundtripEstimate)
|
}
|
||||||
|
s += fmt.Sprintf("\tstandalone proxies: %d", standalones)
|
||||||
|
s += fmt.Sprintf("\n\tbrowser proxies: %d", browsers)
|
||||||
w.Write([]byte(s))
|
w.Write([]byte(s))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue