On Tue, May 05, 2020 at 08:05:36PM +0300, Eli Vakrat wrote:
As of writing this, I can send and receive the proper RELAY_BEGIN and RELAY_CONNECTED to and from my exit node, but I'm not quite sure what to do next...
Great. Now you have a socket open, and you talk to the remote server (e.g. webserver) over it. That is, you can pretend that you just opened that socket directly to the remote server. You put bytes into your RELAY DATA cells, and those bytes get sent to the remote server.
Do I just start sending RELAY_DATA cells (where the "data" of the cell is literally the encoded HTTP requests)?
Yes, almost. You make the data be whatever you want the other side to get. But now you need to understand what protocols the webserver thinks you'll speak, as you see below:
I've tried connecting to 'www.facebook.com:443' with the RELAY_BEGIN cells as a test (I do get a Relay Connected Cell so at least I know that part works).
www.facebook.com:443, also known as https://www.facebook.com/, will expect you to speak TLS to it. If you send it plaintext http requests, it will give you a tls error in response.
After getting back the RELAY_CONNECTED cell, I send a RELAY_DATA cell with the data of the cell being the following 'utf-8' encoded string:
- #######this is how i wrote the literal in python#### *
*'GET / HTTP/1.1\r\nHost: www.facebook.com http://www.facebook.com\r\nUser-Agent: python-requests/2.23.0\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nConnection: keep-alive\r\n\r\n\r\n'.encode() *
Yeah, you are trying to send http, when instead you should be starting your tls handshake.
What I get back is a short couple of bytes:
*\x15\x03\x03\x00\x02\x022*
I had no idea what this meant but after digging around a bit I found that this seems to be some part of the TLS handshake that is used in HTTPS.
That makes sense.
So now two questions arise:
- Is this a good TLS response? What does it mean exactly?
I haven't checked, but I assume it means "error, that thing you sent me was not the proper beginning of a tls handshake."
- Generally speaking, is this how the RELAY_DATA cells are supposed to be
sent and received?
Yes.
You might try sending your http text to www.facebook.com:80, which expects http without any tls.
At this point it sounds like your Tor is working, and your new question is "what's the right way to interact with a webserver?"
Hope this helps, --Roger