bridgedb.bridges

Classes for manipulating and storing Bridges and their attributes.

---

Glossary Terms

Bridge Line

A “Bridge Line” is how BridgeDB refers to lines in a torrc file which should begin with the word "Bridge", and it is how a client tells their Tor process that they would like to use a particular bridge.

---

exception PluggableTransportUnavailable

Bases: exceptions.Exception

Raised when a Bridge doesn’t have the requested PluggableTransport.

exception MalformedBridgeInfo

Bases: exceptions.ValueError

Raised when some information about a bridge appears malformed.

exception MalformedPluggableTransport

Bases: bridgedb.bridges.MalformedBridgeInfo

Raised when information used to initialise a PluggableTransport appears malformed.

exception InvalidPluggableTransportIP

Bases: bridgedb.bridges.MalformedBridgeInfo

Raised when a PluggableTransport has an invalid address.

exception MissingServerDescriptorDigest

Bases: bridgedb.bridges.MalformedBridgeInfo

Raised when the hash digest for an @type bridge-server-descriptor (which should be in the corresponding @type bridge-networkstatus document), was missing.

exception ServerDescriptorDigestMismatch

Bases: bridgedb.bridges.MalformedBridgeInfo

Raised when the digest in an @type bridge-networkstatus document doesn’t match the hash digest of the @type bridge-server-descriptor‘s contents.

exception ServerDescriptorWithoutNetworkstatus

Bases: bridgedb.bridges.MalformedBridgeInfo

Raised when we find a @type bridge-server-descriptor which was not mentioned in the latest @type bridge-networkstatus document.

exception InvalidExtraInfoSignature

Bases: bridgedb.bridges.MalformedBridgeInfo

Raised if the signature on an @type bridge-extrainfo is invalid.

interface IBridge

I am a (mostly) stub interface whose primary purpose is merely to allow other classes to signify whether or not they can be treated like a Bridge.

fingerprint

The lowercased, hexadecimal-encoded, hash digest of this Bridge’s public identity key.

address

This Bridge’s primary public IP address.

port

The port which this Bridge is listening on.

class Flags

Bases: object

All the flags which a Bridge may have.

fast = False

guard = False

running = False

stable = False

valid = False

update(flags)

Update with flags taken from an @type networkstatus-bridge ‘s’-line.

From dir-spec.txt:

“s” SP Flags NL

[Exactly once.]

A series of space-separated status flags, in lexical order (as ASCII

byte strings). Currently documented flags are:

[...]

“Fast” if the router is suitable for high-bandwidth circuits.

“Guard” if the router is suitable for use as an entry guard.

[...]

“Stable” if the router is suitable for long-lived circuits.

“Running” if the router is currently usable.

[...]

“Valid” if the router has been ‘validated’.

Parameters:flags (list) – A list of strings containing each of the flags parsed from the ‘s’-line.

class BridgeAddressBase

Bases: object

A base class for describing one of a Bridge‘s or a PluggableTransport‘s location, including its identity key fingerprint and IP address.

Variables:

• fingerprint – The uppercased, hexadecimal fingerprint of the identity key of the parent bridge running this pluggable transport instance, i.e. the main ORPort bridge whose @type bridge-server-descriptor contains a hash digest for a @type bridge-extrainfo-document, the latter of which contains the parameter of this pluggable transport in its transport line.
• address – The IP address of Bridge or one of its :class:`PluggableTransport`s.
• country – The two-letter GeoIP country code of the :ivar:`address`.
• port – A integer specifying the port which this Bridge (or PluggableTransport) is listening on.

fingerprint

Get this Bridge’s fingerprint.

Return type:str Returns:A 40-character hexadecimal formatted string representation of the SHA-1 hash digest of the public half of this Bridge’s identity key.

identity

Get this Bridge’s identity digest.

Return type:bytes Returns:The binary-encoded SHA-1 hash digest of the public half of this Bridge’s identity key, if available; otherwise, returns None.

address

Get this bridge’s address.

Return type:IPv4Address or IPv6Address Returns:The bridge’s address.

country

Get the two-letter GeoIP country code for the :ivar:`address`.

Return type:str or None Returns:If :ivar:`address` is set, this returns a two-letter country code for the geolocated region that :ivar:`address` is within; otherwise, returns None.

port

Get the port number which this Bridge is listening for incoming client connections on.

Return type:int or None Returns:The port (as an int), if it is known and valid; otherwise, returns None.

class PluggableTransport(fingerprint=None, methodname=None, address=None, port=None, arguments=None)

Bases: bridgedb.bridges.BridgeAddressBase

A single instance of a Pluggable Transport (PT) offered by a Bridge.

Pluggable transports are described within a bridge’s @type bridge-extrainfo descriptor, see the Specifications: Client behavior section and the TOR_PT_SERVER_TRANSPORT_OPTIONS description in pt-spec.txt for additional specification.

Variables:

• fingerprint (str) – The uppercased, hexadecimal fingerprint of the identity key of the parent bridge running this pluggable transport instance, i.e. the main ORPort bridge whose @type bridge-server-descriptor contains a hash digest for a @type bridge-extrainfo-document, the latter of which contains the parameter of this pluggable transport in its transport line.
• methodname (str) – The canonical “name” for this pluggable transport, i.e. the one which would be specified in a torrc file. For example, "obfs2", "obfs3", "scramblesuit" would all be pluggable transport method names.
• address (ipaddr.IPv4Address or ipaddr.IPv6Address) – The IP address of the transport. Currently (as of 20 March 2014), there are no known, widely-deployed pluggable transports which support IPv6. Ergo, this is very likely going to be an IPv4 address.
• port (int) – A integer specifying the port which this pluggable transport is listening on. (This should likely be whatever port the bridge specified in its ServerTransportPlugin torrc line, unless the pluggable transport is running in “managed” mode.)
• arguments (dict) –

  Some PTs can take additional arguments, which must be distributed to the client out-of-band. These are present in the @type bridge-extrainfo-document, in the transport line like so:

  METHOD SP ADDR ":" PORT SP [K=V[,K=V[,K=V[…]]]]
  

  where K is the key in arguments, and V is the value. For example, in the case of scramblesuit, for which the client must supply a shared secret to the scramblesuit instance running on the bridge, the arguments would be something like:

  {'password': 'NEQGQYLUMUQGK5TFOJ4XI2DJNZTS4LRO'}
  

Create a PluggableTransport describing a PT running on a bridge.

Parameters:

• fingerprint (str) – The uppercased, hexadecimal fingerprint of the identity key of the parent bridge running this pluggable transport.
• methodname (str) – The canonical “name” for this pluggable transport. See methodname.
• address (str) – The IP address of the transport. See address.
• port (int) – A integer specifying the port which this pluggable transport is listening on.
• arguments (dict) – Any additional arguments which the PT takes, which must be distributed to the client out-of-band. See arguments.

_parseArgumentsIntoDict(argumentList)

Convert a list of Pluggable Transport arguments into a dictionary suitable for arguments.

Parameters:argumentList (list) – A list of Pluggable Transport arguments. There might be multiple, comma-separated K=V Pluggable Transport arguments in a single item in the argumentList, or each item might be its own K=V; we don’t care and we should be able to parse it either way. Return type:dict Returns:A dictionary of all the K=V Pluggable Transport arguments.

_runChecks()

Validate that we were initialised with acceptable parameters.

We currently check that:

1. The port is an integer, and that it is between the values of 0 and 65535 (inclusive).
2. The arguments is a dictionary.
3. The arguments do not contain non-ASCII or control characters or double quotes or backslashes, in keys or in values.

Raises MalformedPluggableTransport:  if any of the above checks fails.

_checkArguments()

This method is a temporary fix for PTs with missing arguments (see ticket #13202).

methodname

Get this PluggableTransport‘s methodname.

Return type:str Returns:The (lowercased) methodname of this PluggableTransport, i.e. "obfs3", "scramblesuit", etc.

getTransportLine(includeFingerprint=True, bridgePrefix=False)

Get a Bridge Line for this PluggableTransport.

Note

If bridgePrefix is False, this method does not return lines which are prefixed with the word 'bridge', as they would be in a torrc file. Instead, lines returned look like:

obfs3 245.102.100.252:23619 59ca743e89b508e16b8c7c6d2290efdfd14eea98

This was made configurable to fix Vidalia being a brain-damaged piece of shit (ticket #5851). TorLaucher replaced Vidalia soon after, and TorLauncher is intelligent enough to understand :term:`Bridge Line`s regardless of whether or not they are prefixed with the word “Bridge”.

Parameters:

• includeFingerprints (bool) – If True, include the digest of this bridges public identity key in the torrc line.
• bridgePrefix (bool) – If True, add 'Bridge ' to the beginning of each returned line (suitable for pasting directly into a torrc file).

Return type:

str

Returns:

A configuration line for adding this Pluggable Transport into a torrc file.

updateFromStemTransport(fingerprint, methodname, kitchenSink)

Update this PluggableTransport from the data structure which Stem uses.

Stem’s stem.descriptor.extrainfo_descriptor.BridgeExtraInfoDescriptor parses extrainfo transport lines into a dictionary with the following structure:

{u'obfs2': (u'34.230.223.87', 37339, []),
 u'obfs3': (u'34.230.223.87', 37338, []),
 u'obfs4': (u'34.230.223.87', 37341, [
     (u'iat-mode=0,'
      u'node-id=2a79f14120945873482b7823caabe2fcde848722,'
      u'public-key=0a5b046d07f6f971b7776de682f57c5b9cdc8fa060db7ef59de82e721c8098f4')]),
 u'scramblesuit': (u'34.230.223.87', 37340, [
     u'password=ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'])}

This method will initialise this class from the dictionary key (methodname) and its tuple of values (kitchenSink).

Parameters:

• fingerprint (str) – The uppercased, hexadecimal fingerprint of the identity key of the parent bridge running this pluggable transport.
• methodname (str) – The methodname of this Pluggable Transport.
• kitchenSink (tuple) – Everything else that was on the transport line in the bridge’s extrainfo descriptor, which Stem puts into the 3-tuples shown in the example above.

class BridgeBase

Bases: bridgedb.bridges.BridgeAddressBase

The base class for all bridge implementations.

nickname

Get this Bridge’s nickname.

Return type:str Returns:The Bridge’s nickname.

orPort

Get this bridge’s ORPort.

Return type:int Returns:This Bridge’s default ORPort.

class BridgeBackwardsCompatibility(nickname=None, ip=None, orport=None, fingerprint=None, id_digest=None, or_addresses=None)

Bases: bridgedb.bridges.BridgeBase

Backwards compatibility methods for the old Bridge class.

Create a Bridge which is backwards compatible with the legacy Bridge class implementation.

_backwardsCompatible(nickname=None, address=None, orPort=None, fingerprint=None, idDigest=None, orAddresses=None)

Functionality for maintaining backwards compatibility with the older version of this class (see bridgedb.test.deprecated.Bridge).

getID()

Get the binary encoded form of this Bridge‘s fingerprint.

This method is provided for backwards compatibility and should not be relied upon.

setDescriptorDigest(digest)

Set this Bridge‘s server-descriptor digest.

This method is provided for backwards compatibility and should not be relied upon.

setExtraInfoDigest(digest)

Set this Bridge‘s extrainfo digest.

This method is provided for backwards compatibility and should not be relied upon.

setStatus(running=None, stable=None)

Set this Bridge‘s “Running” and “Stable” flags.

This method is provided for backwards compatibility and should not be relied upon.

getConfigLine(includeFingerprint=False, addressClass=None, request=None, transport=None)

Get a vanilla bridge line for this Bridge.

This method is provided for backwards compatibility and should not be relied upon.

The old bridgedb.Bridges.Bridge.getConfigLine() method didn’t know about BridgeRequestBase for getBridgeLine(). The default parameters are the same as they were in the old bridgedb.Bridges.Bridge class.

Parameters:

• includeFingerprint (bool) – If True, include the fingerprint of this Bridge in the returned bridge line.
• addressClass (ipaddr.IPv4Address or ipaddr.IPv6Address.) – Type of address to choose.
• request (str) – A string (somewhat) unique to this request, e.g. email-address or HTTPSDistributor.getSubnet(ip). In this case, this is not a BridgeRequestBase (as might be expected) but the equivalent of bridgerequest.BridgeRequestBase.client.
• transport (str) – A pluggable transport method name.

familiar

A bridge is “familiar” if 1/8 of all active bridges have appeared more recently than it, or if it has been around for a Weighted Time of eight days.

wfu

Weighted Fractional Uptime

weightedTime

Weighted Time

wmtbac

Weighted Mean Time Between Address Change

tosa

The Time On Same Address (TOSA)

weightedUptime

Weighted Uptime

class Bridge(*args, **kwargs)

Bases: bridgedb.bridges.BridgeBackwardsCompatibility

A single bridge, and all the information we have for it.

Variables:

• fingerprint (str or None) – This Bridge‘s fingerprint, in lowercased hexadecimal format.
• nickname (str or None) – This Bridge‘s router nickname.
• socksPort (int) – This Bridge‘s SOCKSPort. Should always be 0.
• dirPort (int) – This Bridge‘s DirPort. Should always be 0.
• orAddresses (list) –

  A list of 3-tuples in the form:

  (ADDRESS, PORT, IP_VERSION)
  

  where:

  • ADDRESS is an ipaddr.IPAddress,
  • PORT is an int,
  • IP_VERSION is either 4 or 6.

• transports (list) – A list of PluggableTransport, one for each transport that this Bridge currently supports.
• flags (Flags) – All flags assigned by the BridgeAuthority to this Bridge.
• hibernating (bool) – True if this Bridge is hibernating and not currently serving clients (e.g. if the Bridge hit its configured RelayBandwidthLimit); False otherwise.
• _blockedIn (dict) – A dictionary of ADDRESS:PORT pairs to lists of lowercased, two-letter country codes (e.g. "us", "gb", "cn", etc.) which that ADDRESS:PORT pair is blocked in.
• contact (str or None) – The contact information for the this Bridge’s operator.
• family (Set displays or None) – The fingerprints of other Bridges related to this one.
• platform (str or None) – The platform line taken from the @type bridge-server-descriptor, e.g. 'Tor 0.2.5.4-alpha on Linux'.
• software (stem.version.Version or None) – The OR version portion of the platform line.
• os (str or None) – The OS portion of the platform line.

Create and store information for a new Bridge.

_checkServerDescriptorSignature = True

(bool) If True, check that the signature of the bridge’s @type bridge-server-descriptor is valid and that the signature was created with the signing-key contained in that descriptor.

descriptorDigest = None

The hash digest of this bridge’s @type bridge-server-descriptor, as signed (but not including the signature). This is found in the ‘r’-line of this bridge’s @type bride-networkstatus document, however it is stored here re-encoded from base64 into hexadecimal, and converted to uppercase.

_checkServerDescriptor(descriptor)

_constructBridgeLine(addrport, includeFingerprint=True, bridgePrefix=False)

Construct a Bridge Line from an (address, port) tuple.

Parameters:

• addrport (tuple) – A 3-tuple of (address, port, ipversion) where address is a string, port is an integer, and ipversion is a integer (4 or 6).
• includeFingerprint (bool) – If True, include the fingerprint of this Bridge in the returned bridge line.
• bridgePrefix (bool) – if True, prefix the Bridge Line with 'Bridge '.

Return type:

string

Returns:

A bridge line suitable for adding into a torrc file or Tor Launcher.

classmethod _getBlockKey(address, port)

Format an address:port pair appropriately for use as a key in the _blockedIn dictionary.

Parameters:

• address – An IP address of this Bridge or one of its transports.
• port – A port.

Return type:

str

Returns:

A string in the form "ADDRESS:PORT" for IPv4 addresses, and "[ADDRESS]:PORT for IPv6.

_getTransportForRequest(bridgeRequest)

If a transport was requested, return the correlated Bridge Line based upon the client identifier in the bridgeRequest.

Warning

If this bridge doesn’t have any of the requested pluggable transport type (optionally, not blocked in whichever countries the user doesn’t want their bridges to be blocked in), then this method returns None. This should only happen rarely, because the bridges are filtered into the client’s hashring based on the bridgeRequest options.

Parameters:bridgeRequest (bridgedb.bridgerequest.BridgeRequestBase) – A BridgeRequest which stores all of the client-specified options for which type of bridge they want to receive. Raises PluggableTransportUnavailable:  if this bridge doesn’t have any of the requested pluggable transport type. This shouldn’t happen because the bridges are filtered into the client’s hashring based on the bridgeRequest options, however, this is useful in the unlikely event that it does happen, so that the calling function can fetch an additional bridge from the hashring as recompense for what would’ve otherwise been a missing Bridge Line. Return type:str or None Returns:If no transports were requested, return None, otherwise return a Bridge Line for the requested pluggable transport type.

_getVanillaForRequest(bridgeRequest)

If vanilla bridges were requested, return the assigned Bridge Line based upon the client identifier in the bridgeRequest.

Parameters:bridgeRequest (bridgedb.bridgerequest.BridgeRequestBase) – A BridgeRequest which stores all of the client-specified options for which type of bridge they want to receive. Return type:str or None Returns:If no transports were requested, return None, otherwise return a Bridge Line for the requested pluggable transport type.

_updateORAddresses(orAddresses)

Update this Bridge‘s orAddresses attribute from a 3-tuple (i.e. as Stem creates when parsing descriptors).

Parameters:orAddresses (tuple) – A 3-tuple of: an IP address, a port number, and a boolean (False if IPv4, True if IPv6). Raises FutureWarning:  if any IPv4 addresses are found. As of tor-0.2.5, only IPv6 addresses should be found in a descriptor’s ORAddress line.

allVanillaAddresses

Get all valid, non-PT address:port pairs for this bridge.

Return type:list Returns:All of this bridge’s ORAddresses, as well as its ORPort IP address and port.

assertOK()

Perform some additional validation on this bridge’s info.

We require that:

1. Any IP addresses contained in orAddresses are valid, according to isValidIP().
2. Any ports in orAddresses are between 1 and 65535 (inclusive).
3. All IP version numbers given in orAddresses are either 4 or 6.

Todo

This should probably be reimplemented as a property that automatically sanitises the values for each ORAddress, as is done for bridgedb.bridges.BridgeAddressBase.address and bridgedb.bridges.BridgeBase.orPort.

Raises MalformedBridgeInfo:  if something was found to be malformed or invalid.

getBridgeLine(bridgeRequest, includeFingerprint=True, bridgePrefix=False)

Return a valid Bridge Line for a client to give to Tor Launcher or paste directly into their torrc.

This is a helper method to call either _getTransportForRequest() or _getVanillaForRequest() depending on whether or not a PluggableTransport was requested in the bridgeRequest, and then construct the Bridge Line accordingly.

Parameters:

• bridgeRequest (bridgedb.bridgerequest.BridgeRequestBase) – A BridgeRequest which stores all of the client-specified options for which type of bridge they want to receive.
• includeFingerprint (bool) – If True, include the fingerprint of this Bridge in the returned bridge line.
• bridgePrefix (bool) – if True, prefix the Bridge Line with 'Bridge '.

_addBlockByKey(key, countryCode)

Create or append to the list of blocked countries for a key.

Parameters:

• key (str) – The key to lookup in the Bridge._blockedIn dictionary. This should be in the form returned by _getBlockKey().
• countryCode (str) – A two-character country code specifier.

addressIsBlockedIn(countryCode, address, port)

Determine if a specific (address, port) tuple is blocked in countryCode.

Parameters:

• countryCode (str) – A two-character country code specifier.
• address (str) – An IP address (presumedly one used by this bridge).
• port (int) – A port.

Return type:

bool

Returns:

True if the address:port pair is blocked in countryCode, False otherwise.

transportIsBlockedIn(countryCode, methodname)

Determine if any of a specific type of pluggable transport which this bridge might be running is blocked in a specific country.

Parameters:

• countryCode (str) – A two-character country code specifier.
• methodname (str) – The type of pluggable transport to check, i.e. 'obfs3'.

Return type:

bool

Returns:

True if any address:port pair which this bridge is running a PluggableTransport on is blocked in countryCode, False otherwise.

isBlockedIn(countryCode)

Determine, according to our stored bridge reachability reports, if any of the address:port pairs used by this Bridge or it’s transports are blocked in countryCode.

Parameters:countryCode (str) – A two-character country code specifier. Return type:bool Returns:True if at least one address:port pair used by this bridge is blocked in countryCode; False otherwise.

setBlockedIn(countryCode, address=None, port=None, methodname=None)

Mark this Bridge as being blocked in countryCode.

By default, if called with no parameters other than a countryCode, we’ll mark all this Bridge‘s allVanillaAddresses and transports as being blocked.

Otherwise, we’ll filter on any and all parameters given.

If only a methodname is given, then we assume that all transports with that methodname are blocked in countryCode. If the methodname is "vanilla", then we assume each address in data:allVanillaAddresses is blocked.

Parameters:

• countryCode (str) – A two-character country code specifier.
• address – An IP address of this Bridge or one of its transports.
• port – A specific port that is blocked, if available. If the port is None, then any address this Bridge or its :class:`PluggableTransport`s has that matches the given address will be marked as block, regardless of its port. This parameter is ignored unless an address is given.
• methodname (str) – A PluggableTransport.methodname to match. Any remaining PluggableTransport`s from :data:`transports which matched the other parameters and now also match this methodname will be marked as being blocked in countryCode.

getDescriptorLastPublished()

Get the timestamp for when this bridge’s last known server descriptor was published.

Return type::type:`datetime.datetime` or None Returns:A datetime object representing the timestamp of when the last known @type bridge-server-descriptor was published, or None if we have never seen a server descriptor for this bridge.

getExtrainfoLastPublished()

Get the timestamp for when this bridge’s last known extrainfo descriptor was published.

Return type::type:`datetime.datetime` or None Returns:A datetime object representing the timestamp of when the last known @type bridge-extrainfo descriptor was published, or None if we have never seen an extrainfo descriptor for this bridge.

getNetworkstatusLastPublished()

Get the timestamp for when this bridge’s last known networkstatus descriptor was published.

Return type::type:`datetime.datetime` or None Returns:A datetime object representing the timestamp of when the last known @type networkstatus-bridge document was published, or None if we have never seen a networkstatus document for this bridge.

supportedTransportTypes

A deduplicated list of all the :data:`PluggableTranport.methodname`s which this bridge supports.

updateFromNetworkStatus(descriptor, ignoreNetworkstatus=False)

Update this bridge’s attributes from a parsed networkstatus document.

Parameters:

• descriptor (stem.descriptors.router_status_entry.RouterStatusEntry) – The networkstatus document for this bridge.
• ignoreNetworkstatus (bool) – If True, then ignore most of the information in the networkstatus document.

updateFromServerDescriptor(descriptor, ignoreNetworkstatus=False)

Update this bridge’s info from an @type bridge-server-descriptor.

Note

If parseServerDescriptorFile() is called with validate=True, then Stem will handle checking that the signing-key hashes to the fingerprint. Stem will also check that the router-signature on the descriptor is valid, was created with the signing-key, and is a signature of the correct digest of the descriptor document (it recalculates the digest for the descriptor to ensure that the signed one and the actual digest match).

Parameters:descriptor (stem.descriptor.server_descriptor.RelayDescriptor) – The bridge’s server descriptor to gather data from. Raises MalformedBridgeInfo:  If this Bridge has no corresponding networkstatus entry, or its descriptor digest didn’t match the expected digest (from the networkstatus entry).

_verifyExtraInfoSignature(descriptor)

Verify the signature on the contents of this Bridge‘s @type bridge-extrainfo descriptor.

Parameters:descriptor (stem.descriptor.extrainfo_descriptor.RelayExtraInfoDescriptor) – An @type bridge-extrainfo descriptor for this Bridge, parsed with Stem. Raises InvalidExtraInfoSignature:  if the signature was invalid, missing, malformed, or couldn’t be verified successfully. Returns:None if the signature was valid and verifiable.

updateFromExtraInfoDescriptor(descriptor, verify=True)

Update this bridge’s information from an extrainfo descriptor.

Stem’s stem.descriptor.extrainfo_descriptor.BridgeExtraInfoDescriptor parses extrainfo transport lines into a dictionary with the following structure:

{u'obfs2': (u'34.230.223.87', 37339, []),
 u'obfs3': (u'34.230.223.87', 37338, []),
 u'obfs4': (u'34.230.223.87', 37341, [
     (u'iat-mode=0,'
      u'node-id=2a79f14120945873482b7823caabe2fcde848722,'
      u'public-key=0a5b046d07f6f971b7776de682f57c5b9cdc8fa060db7ef59de82e721c8098f4')]),
 u'scramblesuit': (u'34.230.223.87', 37340, [
     u'password=ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'])}

Todo

The transport attribute of Stem’s BridgeExtraInfoDescriptor class is a dictionary that uses the Pluggable Transport’s type as the keys… meaning that if a bridge were to offer four instances of obfs3, only one of them would get to us through Stem. This might pose a problem someday.

Parameters:

• descriptor (stem.descriptor.extrainfo_descriptor.BridgeExtraInfoDescriptor) – DOCDOC
• verify (bool) – If True, check that the router-signature on the extrainfo descriptor is a valid signature from signingkey.