[tor-dev] How to integrate an external name resolver into Tor
Nick Mathewson
nickm at torproject.org
Tue Aug 2 13:37:53 UTC 2016
Hi, all!
I've seen a couple of emails from people looking into new ways to do
naming for onion services. That's great! Before anybody gets too
far, I'd like to send this quick note to let you know that integrating
stuff like this into Tor is actually easier than you think.
Here's how you do it, using a Tor controller. (See control-spec.txt
for protocol documentation. Also see one of the several friendly
libraries, like stem, that exist to interface with Tor over this
protocol.)
First, you set the Tor option "__LeaveStreamsUnattached". This tells
Tor that it shouldn't try to handle new client requests immediately,
but it should instead let the controller take responsibility.
In the controller, you make sure that you are watching STREAM events
so that you find out about new streams.
Whenever there's a new stream, you check its address. If the address
is one that you don't want to rewrite, you just call ATTACHSTREAM on
it, with a circuit ID of 0. (The 0 means "Tor, you figure out how to
attach this one.")
Otherwise, you do whatever magic dance you do in order to find out the
real address for the stream.
If the lookup operation is successful, you say "REDIRECTSTREAM (stream
ID) (new address)". And then you ATTACHSTREAM as above.
If the lookup operation fails, you call "CLOSESTREAM (stream ID) 2".
(The 2 means "resolve failed".)
And that's it for the Tor integration! All you need to do now is
figure out how the name lookup works.
cheers,
--
Nick
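
The procedure in the message above, as an added example (not part of the original post, and not code from Tor or stem): it turns each STREAM event line into the control commands the post describes. The ".petname" suffix, the lookup table and the function names are hypothetical; sending the commands over an authenticated control connection is left to the controller library.

```python
import re

# Sent once after authenticating to the control port.
SETUP = ["SETCONF __LeaveStreamsUnattached=1", "SETEVENTS STREAM"]
SUFFIX = ".petname"      # hypothetical suffix our resolver handles
RESOLVE_FAILED = 2       # CLOSESTREAM reason from the post
# A lookup result is pasted into a control command, so allow hostname
# characters only: spaces or CR/LF would let it smuggle extra commands.
SAFE_HOST = re.compile(r"[A-Za-z0-9.-]{1,255}")
# Constructed sample table standing in for the real name lookup.
TABLE = {"shop.petname": "exampleexampleex.onion"}

def demo_resolve(name):
    return TABLE.get(name)

def commands_for_event(line, resolve=demo_resolve):
    """Map one control-port event line to the commands to send back."""
    parts = line.split()
    # 650 STREAM <StreamID> <Status> <CircuitID> <Address:Port> ...
    if len(parts) < 6 or parts[:2] != ["650", "STREAM"] or parts[3] != "NEW":
        return []                       # not a new stream: nothing to do
    stream_id = parts[2]
    if not stream_id.isalnum():
        return []
    host = parts[5].rpartition(":")[0].lower()
    attach = f"ATTACHSTREAM {stream_id} 0"   # 0: Tor picks the circuit
    if not host.endswith(SUFFIX):
        return [attach]                 # address we do not rewrite
    try:
        new_addr = resolve(host)
    except Exception:                   # a lookup error is a failed resolve
        new_addr = None
    if not new_addr or not SAFE_HOST.fullmatch(new_addr):
        return [f"CLOSESTREAM {stream_id} {RESOLVE_FAILED}"]
    return [f"REDIRECTSTREAM {stream_id} {new_addr}", attach]

if __name__ == "__main__":
    # Constructed event lines: pass-through, rewrite, failed lookup.
    for ev in ("650 STREAM 7 NEW 0 example.com:443 PURPOSE=USER",
               "650 STREAM 8 NEW 0 shop.petname:80 PURPOSE=USER",
               "650 STREAM 9 NEW 0 gone.petname:80 PURPOSE=USER"):
        print(ev, "->", commands_for_event(ev))
```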