[tor-dev] Pluggable Transport through SOCKS proxy
Arturo Filastò
hellais at torproject.org
Wed Feb 29 00:12:53 UTC 2012
Following up on the discussion at the Tor dev meeting with Nick this
is the proposal for the Pluggable Transport through SOCKS proxies.
You can also find it committed on github:
https://github.com/hellais/torspec/commit/f0a89c8ded1971199fec6ffd0fe7e40562274ced
Filename: xxx-pluggable-transports-through-proxy.txt
Title: Pluggable Transport through SOCKS proxy
Author: Arturo Filastò
Created: 28 February 2012
Status: Draft
Overview
Tor introduced Pluggable Transports in proposal 180 Pluggable Transports
for circumvention.
The problem is that Tor currently cannot use a Pluggable Transport proxy
and a SOCKS proxy at the same time. This has been noticed by users in
#5195, where Tor would be failing saying "Unacceptable option value:
You have configured more than one proxy type".
Trivia
This comes from a discussion that came up with Nick and I promised
to write a proposal for it if I wanted to hear what he had to say.
Nick spoke and I am writing this proposal.
Acknowledgements
Most of the credit goes to Nick Mathewson for the main idea and
the rest of it goes to George Kadianakis for helping me out in writing
it.
Motivation
After looking at some options we decided to go for this solution solution
since it guarantees backwards compatibility and is not particularly
costly to implement.
Design overview
When Tor is configured to use both a Pluggable Transport proxy and SOCKS
proxy it should delegate the proxying to the pluggable transport proxy.
This can be achieved by setting the environment variables for the SOCKS
proxy to that specified inside of the torrc.
When the pluggable transport proxy starts it will first read the environment
variables and if it detects that it should be using a SOCKS proxy make
all it's traffic go through it. Once the pluggable transport proxy has successfully
established a connection to the SOCKS proxy it should notify Tor of it's
success or failure.
When both the SOCKS and the PluggableTransport directives are set Tor
should set the environemnt variable start the pluggabletransport proxy and wait
for it to report back on the SOCKS proxy status. If the pluggable transport
reports back a failure or it does not report back at all (maybe because
it is an outdated version), Tor should notify the user of the failure
and exit with an error.
The environment variables can also contain the credentials for accessing
the proxy.
Specifications: Tor Pluggable Transport communication
When Tor detects a SOCKS proxy directive and a Pluggable Transport
proxy directive it sets the environment variable:
"TOR_PT_PROXY" -- This is the address of the proxy to be used by
the pluggable transport proxy. It is in the format:
<proxy_type>://<user_name?>:<password?>@<ip>:<port>
ex. socks5://tor:test1234 at 198.51.100.1:8000
socks4a://198.51.100.2:8001
If the pluggable transport proxy detects that the TOR_PT_PROXY environment
variable is set it attempts connecting to it. On successs it will
write to stdout (as specified in 180-pluggable-transport.txt)
PROXY true. On failure it should write PROXY-ERROR <errormessage>.
If Tor does not read any PROXY line or it reads a PROXY-ERROR line
and it is configured to use both SOCKS and PluggableTransport it should
exit with error.
More information about the tor-dev
mailing list