[tor-bugs] #29207 [Circumvention/Snowflake]: New design for broker -- proxy protocol for snowflakes

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Aug 28 18:38:50 UTC 2019


#29207: New design for broker -- proxy protocol for snowflakes
-------------------------------------------------+-------------------------
 Reporter:  cohosh                               |          Owner:  cohosh
     Type:  enhancement                          |         Status:
                                                 |  assigned
 Priority:  High                                 |      Milestone:
Component:  Circumvention/Snowflake              |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  snowflake, design, ex-sponsor-19,    |  Actual Points:
  anti-censorship-roadmap                        |
Parent ID:                                       |         Points:  5
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor28-must
-------------------------------------------------+-------------------------

Comment (by cohosh):

 === Summary of how things work now ===

 Note: see
 [https://github.com/ahf/snowflake-notes/blob/master/Broker.markdown Broker.markdown]
 for documentation of the Snowflake broker. This is a more specific
 proxy-focused breakdown of the messages sent.

 ==== Proxy Poll ====
 The proxy sends
 {{{
 POST [broker URL] HTTP [version]
 X-Session-ID: [session id]

 [session id]
 }}}
 and the broker confirms that the session id given in the header matches
 that given in the body.

 The broker then responds with one of three messages:
 - If the session ID in the header did not match the session ID in the
 body, it sends:
 {{{
  HTTP 400 Bad Request
 }}}
 - If there is a client matched to the proxy, it sends:
 {{{
  HTTP 200 OK

 {
     type: offer
     sdp: [WebRTC SDP]
 }
 }}}
 where the HTTP response body is a serialized WebRTC Session description
 offer.
 - If there are no clients matched to the proxy, it sends:
 {{{
  HTTP 504 Gateway Timeout
 }}}
 ==== Proxy Answers ====
 The proxy sends
 {{{
 POST [broker URL] HTTP [version]
 X-Session-ID: [session id]

 {
     type: answer
     sdp: [WebRTC SDP]
 }
 }}}
 where the HTTP response body is a serialized WebRTC Session description
 answer.

 The broker then uses the provided session ID to match this answer with the
 correct snowflake and provides one of three responses:
 - If the proxy took too long to respond, it sends:
 {{{
  HTTP 410 Gone
 }}}
 - If the body of the POST request was empty or surpassed the read limit,
 it sends:
 {{{
  HTTP 400 Bad Request
 }}}
 - If the answer was sent to the client, it sends:
 {{{
  HTTP 200 OK
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29207#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
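
The status-code decisions summarized in the comment above, as an added example that is not part of the ticket and is not Snowflake's own broker code. The `Broker` type, its fields and method names are hypothetical, the `readLimit` value is assumed (the ticket gives no number), and the order of the 410 and 400 checks follows the order of the list in the comment.

```go
package main

import "fmt"
import "net/http"

const readLimit = 100000 // assumed value: the ticket mentions a read limit but not its size

// Broker is a hypothetical in-memory model of the broker's matching state.
type Broker struct {
	offers  map[string]string // session ID -> SDP offer of a client matched to that proxy
	waiting map[string]bool   // session ID -> client is still waiting for the proxy's answer
}

func NewBroker() *Broker {
	return &Broker{offers: map[string]string{}, waiting: map[string]bool{}}
}

// Poll models "Proxy Poll": 400 on header/body mismatch, 200 with the offer, or 504.
func (b *Broker) Poll(headerID, bodyID string) (int, string) {
	if headerID != bodyID {
		return http.StatusBadRequest, ""
	}
	offer, ok := b.offers[headerID]
	if !ok {
		return http.StatusGatewayTimeout, "" // no client matched to this proxy
	}
	delete(b.offers, headerID)
	b.waiting[headerID] = true
	return http.StatusOK, offer
}

// Answer models "Proxy Answers": 410 if too late, 400 on a bad body, 200 when delivered.
func (b *Broker) Answer(headerID string, body []byte) int {
	if !b.waiting[headerID] {
		return http.StatusGone // the client is no longer waiting for this proxy
	}
	if len(body) == 0 || len(body) > readLimit {
		return http.StatusBadRequest
	}
	delete(b.waiting, headerID)
	return http.StatusOK
}

func main() {
	b := NewBroker()
	b.offers["sid-1"] = "constructed-offer" // constructed sample data
	fmt.Println(b.Poll("sid-1", "sid-1"))
	fmt.Println(b.Answer("sid-1", []byte("constructed-answer")))
}
```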
