From 1ab66d2fd0b33d18cc8a38298b0124917f33fa73 Mon Sep 17 00:00:00 2001 From: Brian Warner Date: Thu, 3 Dec 2015 21:15:19 -0800 Subject: [PATCH] privacy: only store coarse timestamps in the usage table --- src/wormhole/scripts/runner.py | 6 ++++++ src/wormhole/servers/cmd_server.py | 2 +- src/wormhole/servers/relay_server.py | 15 +++++++++++---- src/wormhole/servers/server.py | 15 ++++++++++++--- src/wormhole/servers/transit_server.py | 5 ++++- src/wormhole/test/test_server.py | 2 +- 6 files changed, 35 insertions(+), 10 deletions(-) diff --git a/src/wormhole/scripts/runner.py b/src/wormhole/scripts/runner.py index e4497b9..6d2c856 100644 --- a/src/wormhole/scripts/runner.py +++ b/src/wormhole/scripts/runner.py @@ -41,6 +41,9 @@ sp_start.add_argument("--transit", default="tcp:3001", metavar="tcp:PORT", help="endpoint specification for the transit-relay port") sp_start.add_argument("--advertise-version", metavar="VERSION", help="version to recommend to clients") +sp_start.add_argument("--blur-usage", default=None, type=int, + metavar="SECONDS", + help="round logged access times to improve privacy") sp_start.add_argument("-n", "--no-daemon", action="store_true") #sp_start.add_argument("twistd_args", nargs="*", default=None, # metavar="[TWISTD-ARGS..]", @@ -61,6 +64,9 @@ sp_restart.add_argument("--transit", default="tcp:3001", metavar="tcp:PORT", help="endpoint specification for the transit-relay port") sp_restart.add_argument("--advertise-version", metavar="VERSION", help="version to recommend to clients") +sp_restart.add_argument("--blur-usage", default=None, type=int, + metavar="SECONDS", + help="round logged access times to improve privacy") sp_restart.add_argument("-n", "--no-daemon", action="store_true") sp_restart.set_defaults(func=cmd_server.restart_server) diff --git a/src/wormhole/servers/cmd_server.py b/src/wormhole/servers/cmd_server.py index 0110cb1..a42267b 100644 --- a/src/wormhole/servers/cmd_server.py +++ b/src/wormhole/servers/cmd_server.py @@ -11,7 +11,7 @@ class MyPlugin: from .server import RelayServer return RelayServer(self.args.rendezvous, self.args.transit, self.args.advertise_version, - "relay.sqlite") + "relay.sqlite", self.args.blur_usage) def start_server(args): from twisted.python import usage diff --git a/src/wormhole/servers/relay_server.py b/src/wormhole/servers/relay_server.py index c520466..55fbfd6 100644 --- a/src/wormhole/servers/relay_server.py +++ b/src/wormhole/servers/relay_server.py @@ -207,10 +207,11 @@ class Deallocator(RelayResource): class Channel: - def __init__(self, app, db, welcome, appid, channelid): + def __init__(self, app, db, welcome, blur_usage, appid, channelid): self._app = app self._db = db self._welcome = welcome + self._blur_usage = blur_usage self._appid = appid self._channelid = channelid self._listeners = set() # callbacks that take JSONable object @@ -297,6 +298,8 @@ class Channel: def _store_summary(self, summary): (started, result, total_time, waiting_time) = summary + if self._blur_usage: + started = self._blur_usage * (started // self._blur_usage) self._db.execute("INSERT INTO `usage`" " (`type`, `started`, `result`," " `total_time`, `waiting_time`)" @@ -382,9 +385,10 @@ class Channel: class AppNamespace: - def __init__(self, db, welcome, appid): + def __init__(self, db, welcome, blur_usage, appid): self._db = db self._welcome = welcome + self._blur_usage = blur_usage self._appid = appid self._channels = {} @@ -420,6 +424,7 @@ class AppNamespace: if not channelid in self._channels: log.msg("spawning #%d for appid %s" % (channelid, self._appid)) self._channels[channelid] = Channel(self, self._db, self._welcome, + self._blur_usage, self._appid, channelid) return self._channels[channelid] @@ -448,11 +453,12 @@ class AppNamespace: return bool(self._channels) class Relay(resource.Resource, service.MultiService): - def __init__(self, db, welcome): + def __init__(self, db, welcome, blur_usage): resource.Resource.__init__(self) service.MultiService.__init__(self) self._db = db self._welcome = welcome + self._blur_usage = blur_usage self._apps = {} t = internet.TimerService(EXPIRATION_CHECK_PERIOD, self.prune) t.setServiceParent(self) @@ -476,7 +482,8 @@ class Relay(resource.Resource, service.MultiService): assert isinstance(appid, type(u"")) if not appid in self._apps: log.msg("spawning appid %s" % (appid,)) - self._apps[appid] = AppNamespace(self._db, self._welcome, appid) + self._apps[appid] = AppNamespace(self._db, self._welcome, + self._blur_usage, appid) return self._apps[appid] def prune(self): diff --git a/src/wormhole/servers/server.py b/src/wormhole/servers/server.py index 8e4118a..cf5ffbd 100644 --- a/src/wormhole/servers/server.py +++ b/src/wormhole/servers/server.py @@ -1,4 +1,5 @@ from __future__ import print_function +from twisted.python import log from twisted.internet import reactor, endpoints from twisted.application import service from twisted.web import server, static, resource @@ -16,8 +17,9 @@ class Root(resource.Resource): class RelayServer(service.MultiService): def __init__(self, relayport, transitport, advertise_version, - db_url=":memory:"): + db_url=":memory:", blur_usage=None): service.MultiService.__init__(self) + self._blur_usage = blur_usage self.db = get_db(db_url) welcome = { "current_version": __version__, @@ -35,11 +37,18 @@ class RelayServer(service.MultiService): r = endpoints.serverFromString(reactor, relayport) self.relayport_service = ServerEndpointService(r, site) self.relayport_service.setServiceParent(self) - self.relay = Relay(self.db, welcome) # accessible from tests + self.relay = Relay(self.db, welcome, blur_usage) # accessible from tests self.root.putChild(b"wormhole-relay", self.relay) if transitport: - self.transit = Transit(self.db) + self.transit = Transit(self.db, blur_usage) self.transit.setServiceParent(self) # for the timer t = endpoints.serverFromString(reactor, transitport) self.transport_service = ServerEndpointService(t, self.transit) self.transport_service.setServiceParent(self) + def startService(self): + service.MultiService.startService(self) + log.msg("Wormhole relay server (Rendezvous and Transit) running") + if self._blur_usage: + log.msg("blurring access times to %d seconds" % self._blur_usage) + else: + log.msg("not blurring access times") diff --git a/src/wormhole/servers/transit_server.py b/src/wormhole/servers/transit_server.py index be89da7..da54e69 100644 --- a/src/wormhole/servers/transit_server.py +++ b/src/wormhole/servers/transit_server.py @@ -148,9 +148,10 @@ class Transit(protocol.ServerFactory, service.MultiService): MAXTIME = 60*SECONDS protocol = TransitConnection - def __init__(self, db): + def __init__(self, db, blur_usage): service.MultiService.__init__(self) self._db = db + self._blur_usage = blur_usage self._pending_requests = {} # token -> TransitConnection self._active_connections = set() # TransitConnection @@ -170,6 +171,8 @@ class Transit(protocol.ServerFactory, service.MultiService): def recordUsage(self, started, result, total_bytes, total_time, waiting_time): log.msg("Transit.recordUsage (%dB)" % total_bytes) + if self._blur_usage: + started = self._blur_usage * (started // self._blur_usage) self._db.execute("INSERT INTO `usage`" " (`type`, `started`, `result`, `total_bytes`," " `total_time`, `waiting_time`)" diff --git a/src/wormhole/test/test_server.py b/src/wormhole/test/test_server.py index 989de29..bfa54ff 100644 --- a/src/wormhole/test/test_server.py +++ b/src/wormhole/test/test_server.py @@ -363,7 +363,7 @@ class OneEventAtATime: class Summary(unittest.TestCase): def test_summarize(self): - c = relay_server.Channel(None, None, None, None, None) + c = relay_server.Channel(None, None, None, None, None, None) A = relay_server.ALLOCATE D = relay_server.DEALLOCATE