Scrub IP addresses before logging

2026-02-12 18:59:06 +01:00 · 2016-08-23 14:56:48 -03:00
parent ca094620d8
commit 8b56e082b3
5 changed files with 97 additions and 35 deletions
--- a/briar-android/src/org/briarproject/plugins/droidtooth/DroidtoothPlugin.java
+++ b/briar-android/src/org/briarproject/plugins/droidtooth/DroidtoothPlugin.java
@@ -57,6 +57,7 @@ import static android.bluetooth.BluetoothDevice.EXTRA_DEVICE;
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
+import static org.briarproject.util.PrivacyUtils.scrubMacAddress;

 class DroidtoothPlugin implements DuplexPlugin {

@@ -172,7 +173,7 @@ class DroidtoothPlugin implements DuplexPlugin {
 				String address = AndroidUtils.getBluetoothAddress(appContext,
 						adapter);
 				if (LOG.isLoggable(INFO))
-					LOG.info("Local address " + scrub(address));
+					LOG.info("Local address " + scrubMacAddress(address));
 				if (!StringUtils.isNullOrEmpty(address)) {
 					// Advertise the Bluetooth address to contacts
 					TransportProperties p = new TransportProperties();
@@ -237,7 +238,7 @@ class DroidtoothPlugin implements DuplexPlugin {
 			}
 			if (LOG.isLoggable(INFO)) {
 				String address = s.getRemoteDevice().getAddress();
-				LOG.info("Connection from " + scrub(address));
+				LOG.info("Connection from " + scrubMacAddress(address));
 			}
 			backoff.reset();
 			callback.incomingConnectionCreated(wrapSocket(s));
@@ -325,14 +326,14 @@ class DroidtoothPlugin implements DuplexPlugin {
 		try {
 			s = d.createInsecureRfcommSocketToServiceRecord(u);
 			if (LOG.isLoggable(INFO))
-				LOG.info("Connecting to " + scrub(address));
+				LOG.info("Connecting to " + scrubMacAddress(address));
 			s.connect();
 			if (LOG.isLoggable(INFO))
-				LOG.info("Connected to " + scrub(address));
+				LOG.info("Connected to " + scrubMacAddress(address));
 			return s;
 		} catch (IOException e) {
 			if (LOG.isLoggable(INFO))
-				LOG.info("Failed to connect to " + scrub(address));
+				LOG.info("Failed to connect to " + scrubMacAddress(address));
 			tryToClose(s);
 			return null;
 		}
@@ -490,12 +491,6 @@ class DroidtoothPlugin implements DuplexPlugin {
 		return new DroidtoothTransportConnection(this, s);
 	}

-	private static String scrub(String address) {
-		return address.substring(0, 3) +
-				"[scrubbed]" +
-				address.substring(14, 17);
-	}
-
 	private class BluetoothStateReceiver extends BroadcastReceiver {

 		@Override
@@ -576,7 +571,8 @@ class DroidtoothPlugin implements DuplexPlugin {
 			} else if (action.equals(FOUND)) {
 				BluetoothDevice d = intent.getParcelableExtra(EXTRA_DEVICE);
 				if (LOG.isLoggable(INFO))
-					LOG.info("Discovered device: " + scrub(d.getAddress()));
+					LOG.info("Discovered device: " +
+							scrubMacAddress(d.getAddress()));
 				addresses.add(d.getAddress());
 			}
 		}
--- a/briar-core/src/org/briarproject/plugins/tcp/LanTcpPlugin.java
+++ b/briar-core/src/org/briarproject/plugins/tcp/LanTcpPlugin.java
@@ -29,6 +29,7 @@ import java.util.logging.Logger;

 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
+import static org.briarproject.util.PrivacyUtils.scrubSocketAddress;

 class LanTcpPlugin extends TcpPlugin {

@@ -177,7 +178,7 @@ class LanTcpPlugin extends TcpPlugin {
 				break;
 			} catch (IOException e) {
 				if (LOG.isLoggable(INFO))
-					LOG.info("Failed to bind " + addr);
+					LOG.info("Failed to bind " + scrubSocketAddress(addr));
 				tryToClose(ss);
 			}
 		}
@@ -205,20 +206,24 @@ class LanTcpPlugin extends TcpPlugin {
 		if (!isConnectable(remote)) {
 			if (LOG.isLoggable(INFO)) {
 				SocketAddress local = socket.getLocalSocketAddress();
-				LOG.info(remote + " is not connectable from " + local);
+				LOG.info(scrubSocketAddress(remote) +
+						" is not connectable from " +
+						scrubSocketAddress(local));
 			}
 			return null;
 		}
 		Socket s = new Socket();
 		try {
-			if (LOG.isLoggable(INFO)) LOG.info("Connecting to " + remote);
+			if (LOG.isLoggable(INFO))
+				LOG.info("Connecting to " + scrubSocketAddress(remote));
 			s.connect(remote);
 			s.setSoTimeout(socketTimeout);
-			if (LOG.isLoggable(INFO)) LOG.info("Connected to " + remote);
+			if (LOG.isLoggable(INFO))
+				LOG.info("Connected to " + scrubSocketAddress(remote));
 			return new TcpTransportConnection(this, s);
 		} catch (IOException e) {
 			if (LOG.isLoggable(INFO))
-				LOG.info("Could not connect to " + remote);
+				LOG.info("Could not connect to " + scrubSocketAddress(remote));
 			return null;
 		}
 	}
--- a/briar-core/src/org/briarproject/plugins/tcp/PortMapperImpl.java
+++ b/briar-core/src/org/briarproject/plugins/tcp/PortMapperImpl.java
@@ -1,7 +1,9 @@
 package org.briarproject.plugins.tcp;

-import static java.util.logging.Level.INFO;
-import static java.util.logging.Level.WARNING;
+import org.bitlet.weupnp.GatewayDevice;
+import org.bitlet.weupnp.GatewayDiscover;
+import org.briarproject.api.lifecycle.ShutdownManager;
+import org.xml.sax.SAXException;

 import java.io.IOException;
 import java.net.InetAddress;
@@ -10,10 +12,9 @@ import java.util.logging.Logger;

 import javax.xml.parsers.ParserConfigurationException;

-import org.bitlet.weupnp.GatewayDevice;
-import org.bitlet.weupnp.GatewayDiscover;
-import org.briarproject.api.lifecycle.ShutdownManager;
-import org.xml.sax.SAXException;
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.util.PrivacyUtils.scrubInetAddress;

 class PortMapperImpl implements PortMapper {

@@ -35,7 +36,7 @@ class PortMapperImpl implements PortMapper {
 		InetAddress internal = gateway.getLocalAddress();
 		if (internal == null) return null;
 		if (LOG.isLoggable(INFO))
-			LOG.info("Internal address " + getHostAddress(internal));
+			LOG.info("Internal address " + scrubInetAddress(internal));
 		boolean succeeded = false;
 		InetAddress external = null;
 		try {
@@ -50,7 +51,8 @@ class PortMapperImpl implements PortMapper {
 			}
 			String externalString = gateway.getExternalIPAddress();
 			if (LOG.isLoggable(INFO))
-				LOG.info("External address " + externalString);
+				LOG.info(
+						"External address " + scrubInetAddress(externalString));
 			if (externalString != null)
 				external = InetAddress.getByName(externalString);
 		} catch (IOException e) {
--- a/briar-core/src/org/briarproject/plugins/tcp/TcpPlugin.java
+++ b/briar-core/src/org/briarproject/plugins/tcp/TcpPlugin.java
@@ -30,6 +30,7 @@ import java.util.regex.Pattern;

 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
+import static org.briarproject.util.PrivacyUtils.scrubSocketAddress;

 abstract class TcpPlugin implements DuplexPlugin {

@@ -107,14 +108,15 @@ abstract class TcpPlugin implements DuplexPlugin {
 			public void run() {
 				if (!running) return;
 				ServerSocket ss = null;
-				for (SocketAddress addr : getLocalSocketAddresses()) {
+				for (InetSocketAddress addr : getLocalSocketAddresses()) {
 					try {
 						ss = new ServerSocket();
 						ss.bind(addr);
 						break;
 					} catch (IOException e) {
 						if (LOG.isLoggable(INFO))
-							LOG.info("Failed to bind " + addr);
+							LOG.info("Failed to bind " +
+									scrubSocketAddress(addr));
 						tryToClose(ss);
 					}
 				}
@@ -128,9 +130,11 @@ abstract class TcpPlugin implements DuplexPlugin {
 				}
 				socket = ss;
 				backoff.reset();
-				SocketAddress local = ss.getLocalSocketAddress();
-				setLocalSocketAddress((InetSocketAddress) local);
-				if (LOG.isLoggable(INFO)) LOG.info("Listening on " + local);
+				InetSocketAddress local =
+						(InetSocketAddress) ss.getLocalSocketAddress();
+				setLocalSocketAddress(local);
+				if (LOG.isLoggable(INFO))
+					LOG.info("Listening on " + scrubSocketAddress(local));
 				callback.transportEnabled();
 				acceptContactConnections();
 			}
@@ -166,7 +170,8 @@ abstract class TcpPlugin implements DuplexPlugin {
 				return;
 			}
 			if (LOG.isLoggable(INFO))
-				LOG.info("Connection from " + s.getRemoteSocketAddress());
+				LOG.info("Connection from " +
+						scrubSocketAddress(s.getRemoteSocketAddress()));
 			backoff.reset();
 			TcpTransportConnection conn = new TcpTransportConnection(this, s);
 			callback.incomingConnectionCreated(conn);
@@ -223,20 +228,25 @@ abstract class TcpPlugin implements DuplexPlugin {
 			if (!isConnectable(remote)) {
 				if (LOG.isLoggable(INFO)) {
 					SocketAddress local = socket.getLocalSocketAddress();
-					LOG.info(remote + " is not connectable from " + local);
+					LOG.info(scrubSocketAddress(remote) +
+							" is not connectable from " +
+							scrubSocketAddress(local));
 				}
 				continue;
 			}
 			Socket s = new Socket();
 			try {
-				if (LOG.isLoggable(INFO)) LOG.info("Connecting to " + remote);
+				if (LOG.isLoggable(INFO))
+					LOG.info("Connecting to " + scrubSocketAddress(remote));
 				s.connect(remote);
 				s.setSoTimeout(socketTimeout);
-				if (LOG.isLoggable(INFO)) LOG.info("Connected to " + remote);
+				if (LOG.isLoggable(INFO))
+					LOG.info("Connected to " + scrubSocketAddress(remote));
 				return new TcpTransportConnection(this, s);
 			} catch (IOException e) {
 				if (LOG.isLoggable(INFO))
-					LOG.info("Could not connect to " + remote);
+					LOG.info("Could not connect to " +
+							scrubSocketAddress(remote));
 			}
 		}
 		return null;
@@ -255,6 +265,7 @@ abstract class TcpPlugin implements DuplexPlugin {
 			return new InetSocketAddress(a, p);
 		} catch (UnknownHostException e) {
 			if (LOG.isLoggable(WARNING))
+				// not scrubbing to enable us to find the problem
 				LOG.warning("Invalid address: " + addr);
 			return null;
 		} catch (NumberFormatException e) {
--- a/briar-core/src/org/briarproject/util/PrivacyUtils.java
+++ b/briar-core/src/org/briarproject/util/PrivacyUtils.java
@@ -1,9 +1,57 @@
 package org.briarproject.util;

+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+
 public class PrivacyUtils {

 	public static String scrubOnion(String onion) {
+		// keep first three characters of onion address
 		return onion.substring(0, 3) + "[_scrubbed_]";
 	}

+	public static String scrubMacAddress(String address) {
+		if (address == null) return null;
+		// this is a fake address we need to know about
+		if (address.equals("02:00:00:00:00:00")) return address;
+		// keep first and last octet of MAC address
+		return address.substring(0, 3) +
+				"[scrubbed]" +
+				address.substring(14, 17);
+	}
+
+	public static String scrubInetAddress(InetAddress address) {
+		// don't scrub link and site local addresses
+		if (address.isLinkLocalAddress() || address.isSiteLocalAddress())
+			return address.toString();
+		// completely scrub IPv6 addresses
+		if (address instanceof Inet6Address) return "[scrubbed]";
+		// keep first and last octet of IPv4 addresses
+		return scrubInetAddress(address.toString());
+	}
+
+	public static String scrubInetAddress(String address) {
+		if (address == null) return null;
+
+		int firstDot = address.indexOf(".");
+		if (firstDot == -1) return "[scrubbed]";
+		String prefix = address.substring(0, firstDot + 1);
+		int lastDot = address.lastIndexOf(".");
+		String suffix = address.substring(lastDot, address.length());
+		return prefix + "[scrubbed]" + suffix;
+	}
+
+	public static String scrubSocketAddress(InetSocketAddress address) {
+		InetAddress inetAddress = address.getAddress();
+		return scrubInetAddress(inetAddress);
+	}
+
+	public static String scrubSocketAddress(SocketAddress address) {
+		if (address instanceof InetSocketAddress)
+			return scrubSocketAddress((InetSocketAddress) address);
+		return scrubInetAddress(address.toString());
+	}
 }