Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 316
    • Issues 316
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 34
    • Merge requests 34
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #26882
Closed
Open
Created Jul 19, 2018 by dmr@dmr

IP address is not scrubbed in info logs, channel_tls_process_netinfo_cell() AND manpage for SafeLogging overgeneralizes

Here's a log snippet from an info log I was manually reviewing to scrub before sharing.

[info] channel_tls_process_netinfo_cell(): Got good NETINFO cell from [scrubbed]:443; OR connection is now open, using protocol version 5. Its ID digest is <redacted>. Our address is apparently <redacted>.

In the above, <redacted> is my notation; [scrubbed] is from SafeLogging. (I'm not sure I had to redact the digest, but was just being conservative.)

SafeLogging 1 was set (default). Tor 0.3.3.7

asn mentioned on #tor-dev that he thinks this is a bug. Some brief notes from asn:

"" : fmt_and_decorate_addr(&my_apparent_addr)); hm yeah that's I think a bug it should be safe_str_client() so weird that no one has mentioned htis before

It's worth noting the manpage for SafeLogging says:

... If this option is set to 0, Tor will not perform any scrubbing, if it is set to 1, all potentially sensitive strings are replaced. ...

arma advocated for a different resolution:

if i were filing this ticket i would file a "scale back safelogging claims in the man page" ticket :)

(My preference is to scrub the IP address, but I also acknowledge the rabbit hole of trying to scrub anything "sensitive", especially in info/debug logs)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking