[tor-dev] Optimistic SOCKS Data

Tom Ritter tom at ritter.vg
Tue Jul 2 14:23:58 UTC 2019


On Tue, 2 Jul 2019 at 13:42, Mark Smith <mcs at pearlcrescent.com> wrote:
>
> On 6/21/19 8:50 PM, Tom Ritter wrote:
> > The attached is a draft proposal for allowing tor to lie to an
> > application about the SOCKS connection enabling it to send data
> > optimistically.
> >
> > It's going to need some fleshing out in ways I am not familiar with,
> > but I wanted to get something out to start as we think that this is
> > probably the best path forward for bringing back Tor Browser's
> > optimistic SOCKS behavior.
>
> I am not sure what to do about it, but I think the approach you describe
> will break the method that Tor Browser just started to use to detect
> that an onion service requires client authentication (see
> https://trac.torproject.org/projects/tor/ticket/30000 and associated
> child tickets). The tldr is that we rely on receiving a new error code
> from the SOCKS connect request.

Hm, yes.

We could not use optimistic data for onions...

Or instead of using a SOCKs error code we could return a special type
of error (encapsulated in a HTTP response) recognizable by Tor
Browser. Something like "If the response to an onion request is status
code 407 Proxy Authentication Required (or 4xx whatever) then the
Browser should prompt for onion service client authentication and
retry the request with that."

Or... something else?  Very interested in what David/asn think since
they worked on #30382 ...

-tom


More information about the tor-dev mailing list