[tor-bugs] #9013 [BridgeDB]: BridgeDB should pass pluggable transport shared-secrets to clients

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Aug 17 15:22:14 UTC 2013


#9013: BridgeDB should pass pluggable transport shared-secrets to clients
----------------------+-----------------------------------------------------
 Reporter:  asn       |          Owner:  isis    
     Type:  defect    |         Status:  assigned
 Priority:  normal    |      Milestone:          
Component:  BridgeDB  |        Version:          
 Keywords:  pt        |         Parent:          
   Points:            |   Actualpoints:          
----------------------+-----------------------------------------------------
Changes (by isis):

  * owner:  => isis
  * status:  new => assigned


Comment:

 Okay, I read over 642ea61bda70f2dafbd89e27aa91a5d452888358 in
 [https://gitweb.torproject.org/user/asn/tor.git/shortlog/refs/heads/bug8978
 asn's bug8978 branch]. It's just an unlimited number of unsanitised
 `key=value` pairs.

 From #9445:
 > The `[arglist]` portion of an <strikethrough>extra-info</strikethrough>
 > descriptor `transport` string is somewhat problematic, with
 > [https://gitweb.torproject.org/torspec.git/commit/a01bb8e8e285d644c2e59c0ea788e45bf37470f4
 > the current way that it is specified] -- though it does make sense to be
 > spec'd this way. Basically, '''tor does no sanitisation of the `transport`
 > line `[arglist]`''' for a pluggable transport sending args, because it is
 > within the threat model to assume that the transport is a trusted
 > application.
 >
 > However, '''this puts all the responsibility of parsing on BridgeDB'''.
 > Which is also fine, and much more doable in Python than in C...it's just
 > that '''writers of pluggable transports which they would like to see
 > deployed need to create a spec, and need to create a ticket for BridgeDB
 > that points to the spec and says exactly what BridgeDB should parse
 > for.'''

 Another minor source of confusion: in little-t tor, the `[arglist]` is
 carried around as a comma-separated string, whereas in the actual bridge
 extra-info descriptors it seems to be space-separated like this:
 {{{
 transport obfs3 11.22.33.44:443 [exec /usr/local/bin/obfsproxy managed]
 }}}
 and so it's not actually following the `[arglist]`
 [https://gitweb.torproject.org/user/asn/torspec.git/commitdiff/27eaaaeaa79d800f81643d0c4333a6906e673db3
 specification]. If I understood that spec correctly, it should be like
 this:
 {{{
 transport obfs3 11.22.33.44:443 [ARGS:exec=/usr/local/bin/obfsproxy,runtime=managed]
 }}}
 or something.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9013#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
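
The comment above leaves all `[arglist]` validation to BridgeDB. The following is an added example of such a strict parser, not BridgeDB's code and not code from the ticket. The size limits, the allowed character sets and the function names are assumptions, and the `[ARGS:...]` wrapper is taken from the comment's second example, which the comment itself marks as a guess.

```python
import ipaddress
import re

# Limits and character sets are assumptions for this example, not spec values.
MAX_ARGS, MAX_VALUE_LEN = 8, 64
KEY_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{0,31}")
VALUE_RE = re.compile(r"[A-Za-z0-9_./+-]+")
NAME_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,31}")

def parse_arglist(arglist):
    """Parse comma-separated key=value pairs into a dict, or raise ValueError."""
    pairs = arglist.split(",")
    if len(pairs) > MAX_ARGS:
        raise ValueError("too many arguments")
    args = {}
    for pair in pairs:
        key, sep, value = pair.partition("=")
        if not sep or not KEY_RE.fullmatch(key):
            raise ValueError("malformed key in %r" % pair)
        if len(value) > MAX_VALUE_LEN or not VALUE_RE.fullmatch(value):
            raise ValueError("malformed value for %r" % key)
        if key in args:
            raise ValueError("duplicate key %r" % key)
        args[key] = value
    return args

def parse_transport_line(line):
    """Return (name, ip, port, args); the [ARGS:...] wrapper follows the comment."""
    fields = line.strip().split(" ", 3)
    if len(fields) < 3 or fields[0] != "transport":
        raise ValueError("not a transport line")
    name, addrport = fields[1], fields[2]
    if not NAME_RE.fullmatch(name):
        raise ValueError("bad transport name")
    host, _, port = addrport.rpartition(":")
    ip = ipaddress.ip_address(host.strip("[]"))  # raises ValueError if not an IP
    if not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError("bad port")
    args = {}
    if len(fields) == 4:
        rest = fields[3]
        if not (rest.startswith("[ARGS:") and rest.endswith("]")):
            raise ValueError("arglist is not in [ARGS:k=v,...] form")
        args = parse_arglist(rest[len("[ARGS:"):-1])
    return name, str(ip), int(port), args

# Both sample lines are copied from the comment above.
SPACE_FORM = "transport obfs3 11.22.33.44:443 [exec /usr/local/bin/obfsproxy managed]"
KV_FORM = "transport obfs3 11.22.33.44:443 [ARGS:exec=/usr/local/bin/obfsproxy,runtime=managed]"
```

`parse_transport_line(KV_FORM)` returns the parsed arguments, while `parse_transport_line(SPACE_FORM)` raises `ValueError`, so the space-separated form seen in real descriptors is rejected instead of being guessed at.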

