[tor-bugs] #12125 [Pluggable transport]: Proposal 232 (TOR_PT_PROXY) support for goptlib

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun May 25 19:37:02 UTC 2014


#12125: Proposal 232 (TOR_PT_PROXY) support for goptlib
-------------------------------------+--------------------------
     Reporter:  dcf                  |      Owner:  dcf
         Type:  project              |     Status:  needs_review
     Priority:  normal               |  Milestone:
    Component:  Pluggable transport  |    Version:
   Resolution:                       |   Keywords:  goptlib
Actual Points:                       |  Parent ID:
       Points:                       |
-------------------------------------+--------------------------

Comment (by dcf):

 Replying to [comment:4 yawning]:
 > The proposal also says that the pluggable transports should connect to
 > the proxy before `PROXY DONE`ing, which implies that validation is done at
 > config time, but none of the existing implementations actually do the
 > "connect before reporting" thing (IIRC I discussed this with asn when
 > writing the patch and we came to the conclusion that just validating would
 > be better because opening network connections on startup that aren't used
 > is rude, and possibly identifiable behaviour).  This should be changed in
 > the proposal.

 I agree completely. It's a bug in the proposal. I've been ignoring that
 part, on the assumption that it will get changed.

 > > [https://github.com/Yawning/obfs4/blob/c05a7a2e34dc832f192beaeee43931d13778dbe2/obfs4proxy/pt_extras.go#L144 validateAddrStr]
 > > appears to allow only IP addresses, not host names. I
 > > guess prop 232 isn't clear whether host names need to be supported. I
 > > assumed they should be, without thinking about it. (The use case I'm
 > > thinking of is like a corporate proxy-only network, where you set your
 > > proxy to "http://proxy.megacorp.example.com:8000/". I was also doing
 > > tests locally with "localhost".) I suppose this should be clarified in the
 > > proposal.
 >
 > This should be clarified in the proposal, yes.  For what it's worth, as
 > it stands now, the code will always pass an IP address in the URI because
 > tor does a `tor_addr_port_lookup` on each of the variables when parsing
 > the config file (the URI format does say `ip`).  Allowing FQDNs would be
 > more robust to changes on the tor side of the equation, but I am uncertain
 > as to if this will change any time in the foreseeable future.

 Good to know, thanks.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12125#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
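
Added example, not part of the ticket and not code from goptlib or obfs4proxy: a config-time check of a TOR_PT_PROXY value that only parses the URI and never resolves names or opens a connection, with the IP-only versus host-name question from the thread exposed as a switch. The function name, the `allowHostnames` parameter and the accepted scheme list are assumptions made for this sketch.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
	"strconv"
)

// validateProxyURI checks a TOR_PT_PROXY value syntactically, at config time,
// without resolving names or connecting to the proxy (hypothetical helper).
// allowHostnames=false accepts only IP literals; true also accepts names
// such as "localhost" or a corporate proxy FQDN.
func validateProxyURI(raw string, allowHostnames bool) (*url.URL, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	switch u.Scheme {
	case "socks5", "socks4a", "http": // assumed scheme list, not stated in the thread
	default:
		return nil, fmt.Errorf("unsupported proxy scheme %q", u.Scheme)
	}
	if (u.Path != "" && u.Path != "/") || u.RawQuery != "" || u.Fragment != "" {
		return nil, errors.New("proxy URI must not carry a path, query or fragment")
	}
	host, port, err := net.SplitHostPort(u.Host)
	if err != nil {
		return nil, fmt.Errorf("proxy URI needs host:port: %v", err)
	}
	if p, err := strconv.ParseUint(port, 10, 16); err != nil || p == 0 {
		return nil, fmt.Errorf("invalid proxy port %q", port)
	}
	// net.ParseIP does no DNS lookup, so this stays a pure syntax check.
	if host == "" || (net.ParseIP(host) == nil && !allowHostnames) {
		return nil, fmt.Errorf("proxy host %q is not acceptable", host)
	}
	return u, nil
}

func main() {
	// Constructed sample values; the first is the example URI from the thread.
	for _, s := range []string{"http://proxy.megacorp.example.com:8000/",
		"socks5://127.0.0.1:1080", "socks5://[::1]:1080", "http://localhost"} {
		_, strict := validateProxyURI(s, false)
		_, lax := validateProxyURI(s, true)
		fmt.Printf("%-42s ip-only: %v | hostnames: %v\n", s, strict, lax)
	}
}
```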

