GitLab

From IRC, apparently approximately one in seven ScrambleSuit bridges do not have a password on the bridge line.

I am 99% certain this is due to people running ScrambleSuit on tor-0.2.4.x, as passing pluggable transport arguments via the extrainfo document is not supported in that version, and transports.c:parse_smethod_line() does not sufficiently validate the SMETHOD line, so the arguments are silently dropped.

This leads to Bridges that publish extrainfo documents containing Bridge lines that are totally useless (No ScrambleSuit password etc), and will never get used.

This may be something that has to be worked around on the BridgeDB side (teach it about transports that require arguments, ignore bridges with malformed bridge lines), but that seems suboptimal (people thinking they are contributing bridges, when they realistically are not).