[tor-dev] Optimistic SOCKS Data

Tom Ritter tom at ritter.vg
Mon Aug 5 18:33:27 UTC 2019


On Tue, 2 Jul 2019 at 09:23, Tom Ritter <tom at ritter.vg> wrote:
> Or... something else?  Very interested in what David/asn think since
> they worked on #30382 ...

I never updated this thread after discussing with people on irc.

So the implementation of
SOCKS-error-code-for-an-Onion-Service-needs-auth implementation is
done. David (if I'm summarizing correctly) felt that the SOCKS Error
code approach may not be the best choice given our desire for
optimistic data; but felt it was up to the Tor Browser team to decide.

In the goal of something that works for 90%+ of use case today, the
rest later, I'll propose the following:

In little-t tor, detect if we're connecting to an onion site, and if
so do not early-report SOCKS connection.

Another ugly option is to early-report a successful SOCKS connection
even for onion sites, and if we later receive an auth request, send an
HTTP error code like 407 that we then detect over in the browser and
use to prompt the user. I don't like this because it is considerably
more work (I expect), horrible ugly layering violations, and I don't
think it will work for https://onion links.

-tom


More information about the tor-dev mailing list