[tbb-bugs] #14389 [Core Tor/Tor]: little-t-tor: Provide support for better TBB UI of hidden service client authorization

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu May 9 09:17:13 UTC 2019


#14389: little-t-tor: Provide support for better TBB UI of hidden service client
authorization
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.2.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, tbb-usability, ux-team, hs-  |  Actual Points:
  auth                                           |
Parent ID:  #30000                               |         Points:  14-24
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------

Comment (by asn):

 Replying to [comment:52 mcs]:
 > We don't know the history of tor's use of SOCKS, but here is an idea:
 We could add a tor option that allowed a client to include an request
 identifier within the SOCKS5 password field (we would need to agree on a
 delimiter since we would need `IsolateSOCKSAuth` to ignore the request
 identifier). Then, when tor generates a control port messages that is
 associated with a specific SOCKS request, it would include the request
 identifier.

 Hey mcs and Kathy. I think the above seems plausible but I would need to
 lookup the code and SOCKS5 spec to see how this is done and whether we
 have enough space. As an alternative (to minimize added functionality)
 could we use the SOCKS username/password that is sent from TB to Tor in
 those control messages?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14389#comment:53>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list