archives/snowflake
2
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git synced 2025-10-13 20:11:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Scrub space separated ip addresses

Browse source 
The issue with ReplaceAllFunc is that it's capturing the leading and
trailing spaces in the regexp, so successive ips don't match.  From the
docstring,

> If 'All' is present, the routine matches successive non-overlapping
> matches of the entire expression.

For #40306
This commit is contained in:
Arlo Breault 2024-01-03 20:20:01 -05:00 committed by Cecylia Bocovich
parent 98db63ad01
commit e4c818be76
No known key found for this signature in database
GPG key ID: 009DE379FD9B7B90
2 changed files with 18 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

17
common/safelog/log.go
View file

@ -21,7 +21,7 @@ const ipv6Full = `(` + ipv6Address + `(` + ipv4Address + `))` +
`|(` + ipv6Address + `)` + `|(` + ipv6Compressed + `)`
const optionalPort = `(:\d{1,5})?`
const addressPattern = `((` + ipv4Address + `)|(\[(` + ipv6Full + `)\])|(` + ipv6Full + `))` + optionalPort
const fullAddrPattern = `(^|\s|[^\w:])` + addressPattern + `(\s|(:\s)|[^\w:]|$)`
const fullAddrPattern = `(?:^|\s|[^\w:])(` + addressPattern + `)(?:\s|(:\s)|[^\w:]|$)`
var scrubberPatterns = []*regexp.Regexp{
regexp.MustCompile(fullAddrPattern),
@ -46,9 +46,18 @@ func Scrub(b []byte) []byte {
for _, pattern := range scrubberPatterns {
// this is a workaround since go does not yet support look ahead or look
// behind for regular expressions.
scrubbedBytes = pattern.ReplaceAllFunc(scrubbedBytes, func(b []byte) []byte {
return addressRegexp.ReplaceAll(b, []byte("[scrubbed]"))
})
var newBytes []byte
index := 0
for {
loc := pattern.FindSubmatchIndex(scrubbedBytes[index:])
if loc == nil {
break
}
newBytes = append(newBytes, scrubbedBytes[index:index+loc[2]]...)
newBytes = append(newBytes, []byte("[scrubbed]")...)
index = index + loc[3]
}
scrubbedBytes = append(newBytes, scrubbedBytes[index:]...)
}
return scrubbedBytes
}

5
common/safelog/log_test.go
View file

@ -107,6 +107,11 @@ func TestLogScrubberMessages(t *testing.T) {
"error dialing relay: wss://snowflake.torproject.net/?client_ip=1%3A2%3A3%3A%3Ad%3Ae%3Af = dial tcp xxx",
"error dialing relay: wss://snowflake.torproject.net/?client_ip=[scrubbed] = dial tcp xxx\n",
},
{
// multiple space-separated IP addresses
"Allowed stations: [10.0.1.1 10.0.1.2 10.0.1.3 10.0.1.4]\n",
"Allowed stations: [[scrubbed] [scrubbed] [scrubbed] [scrubbed]]\n",
},
} {
var buff bytes.Buffer
log.SetFlags(0) //remove all extra log output for test comparisons