BridgeDB is the core of the Tor bridge backend. It provides for various pools in doling out bridge relays on user request via SMTP, HTTPS, instant messaging, and a few reserved pools given out by hand to real-world physical networks. The code repository is at https://gitweb.torproject.org/bridgedb.git.
== TODO List ==
(Sponsor D, deliverable 21 for Sep 30)
* Write a BridgeDB specification (#1606).
* Add code that will make it possible to request bridges for a certain country like so by email: bridges+zh@torproject.org or by HTTP: https://bridges.torproject.org/zh (#1607).
* If we know a certain bridge is blocked in a certain country, don’t give out that bridge to that country (#1608 and #1837).
* Add code that will give out bridges in a localized way (gettext). For that, put all messages in need for translation in one file (#1609).
* Design algorithm to rotate available bridges over time (#1839).
* Turn mail requests into ’subscriptions’: People mail ’subscribe bridges’ to us, we put them in a database and send them bridges periodically. To not send emails to users that long have forgotten about their subscription, make them re-subscribe periodically by putting a ”Reply to this mail or you won’t get any more bridges” text somewhere in a mail we send them with fresh bridges (#1610).
* Increase the "reserved" share of bridges (#1611).
* Group reserved bridges into buckets for people, write those buckets to files on request (so that those files can be used by Roger or $foo to give to trusted people) (#1612).
* i18n bridgedb (#1613).
* Drop email-to-bridge mappings after N days.
* Bump up epoch length a lot.
* Test DB migration code.
* Drop email persistence.
* Rate-limit email replies (#1860).
* Stop looking for "get bridges" in emails.
* Clean email backend periodically
* List only one bridge per /16 per reply.
* It keeps corrupting its database, causing Roger to delete the old database and undermine this whole give-the-same-answer-each-time design (#1098).
* Send back an email even if there aren't any bridges
* Check dkim headers for sanity.
* Make the 'magic word' for the email configurable, case-tolerant, HTML-tolerant, and punctuation-tolerant
* for bonus points, make it Base64-tolerant
* Make all the rest of the email options configurable.
* Bug: the email handler gets really upset when the email doesn't have a message-id header in it.
* When we hit the end of a period, forget the email address history.
* When sending bridges to an email address in the history, check for liveness.
* Make bounces go to the right address.
* Make address sent in "mail from" command configurable. Actually, configure it.
* Make the bridge list you get back include at least one non-443 bridge. It turns out sometimes 443 isn't all it's cracked up to be.
Not now:
* Check that the incoming IP address of an email is sane.
* Check more email headers for sanity.
Later:
* Document stuff better
* Better area division logic
* Make all proxies get stuck in their own area.
* Implement slightly nicer logging
* Add CAPTCHAs (ugh, this doesn't stop anything, do we have to?) (#1836)
* Decent template for the web interface
* Decent template for mail interface
* Implement a 'help' command
~~ * Reload configuration on signup; not just bridges.~~
* Reply with locale support.
* Check host option in HTTP.
Tickets for [milestone:"BridgeDB Upgrades Phase 1"]
