[tor-bugs] #29207 [Circumvention/Snowflake]: New design for broker -- proxy protocol for snowflakes
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 28 18:38:50 UTC 2019
#29207: New design for broker -- proxy protocol for snowflakes
-------------------------------------------------+-------------------------
Reporter: cohosh | Owner: cohosh
Type: enhancement | Status: assigned
Priority: High | Milestone:
Component: Circumvention/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: snowflake, design, ex-sponsor-19, anti-censorship-roadmap | Actual Points:
Parent ID: | Points: 5
Reviewer: | Sponsor: Sponsor28-must
-------------------------------------------------+-------------------------
Comment (by cohosh):
=== Summary of how things work now ===
Note: see [https://github.com/ahf/snowflake-notes/blob/master/Broker.markdown Broker.markdown]
for documentation of the Snowflake broker. This is a more specific
proxy-focused breakdown of the messages sent.
==== Proxy Poll ====
The proxy sends
{{{
POST [broker URL] HTTP [version]
X-Session-ID: [session id]
[session id]
}}}
and the broker confirms that the session id given in the header matches
that given in the body.
The broker then responds with one of three messages:
- If the session ID in the header did not match the session ID in the
body, it sends:
{{{
HTTP 400 Bad Request
}}}
- If there is a client matched to the proxy, it sends:
{{{
HTTP 200 OK
{
type: offer
sdp: [WebRTC SDP]
}
}}}
where the HTTP response body is a serialized WebRTC Session description
offer.
- If there are no clients matched to the proxy, it sends:
{{{
HTTP 504 Gateway Timeout
}}}
==== Proxy Answers ====
The proxy sends
{{{
POST [broker URL] HTTP [version]
X-Session-ID: [session id]
{
type: answer
sdp: [WebRTC SDP]
}
}}}
where the HTTP response body is a serialized WebRTC Session description
answer.
The broker then uses the provided session ID to match this answer with the
correct snowflake and provides one of three responses:
- If the proxy took too long to respond, it sends:
{{{
HTTP 410 Gone
}}}
- If the body of the POST request was empty or surpassed the read limit,
it sends:
{{{
HTTP 400 Bad Request
}}}
- If the answer was sent to the client, it sends:
{{{
HTTP 200 OK
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29207#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
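
Added example, not part of the original comment or of the Snowflake code base: a small Go model of the broker-side responses summarized above (400/200/504 for a proxy poll, 400/410/200 for a proxy answer). The `broker` type, its two maps, the `readLimit` value and the order of the two checks in `answer` are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
)

const readLimit = 100000 // assumed value; the ticket only says "the read limit"

// broker is hypothetical in-memory state, not the Snowflake broker's own types.
type broker struct {
	offers  map[string]string // session id -> SDP offer of a matched client
	waiting map[string]bool   // session id -> client still waiting for an answer
}

// poll handles a proxy poll: headerID is X-Session-ID, body is the POST body.
func (b *broker) poll(headerID, body string) (int, string) {
	if headerID != body {
		return http.StatusBadRequest, "" // header and body session ids differ
	}
	offer, ok := b.offers[headerID]
	if !ok {
		return http.StatusGatewayTimeout, "" // no client matched to this proxy
	}
	delete(b.offers, headerID)
	b.waiting[headerID] = true // the client now waits for this proxy's answer
	return http.StatusOK, offer
}

// answer handles a proxy answer; the order of the two checks is an assumption.
func (b *broker) answer(id, body string) int {
	if len(body) == 0 || len(body) > readLimit {
		return http.StatusBadRequest // empty body or over the read limit
	}
	if !b.waiting[id] {
		return http.StatusGone // too late: no client is waiting on this id
	}
	delete(b.waiting, id) // answer handed to the client
	return http.StatusOK
}

func main() {
	// Constructed sample state: one client offer queued for session "s1".
	b := &broker{offers: map[string]string{"s1": `{"type":"offer","sdp":"v=0"}`}, waiting: map[string]bool{}}
	fmt.Println(b.poll("s1", "s2")) // mismatched ids
	fmt.Println(b.poll("s1", "s1")) // offer delivered
	fmt.Println(b.answer("s1", `{"type":"answer","sdp":"v=0"}`), b.answer("s1", "late"))
}
```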