[tor-bugs] #2760 [Tor Client]: Proof of concept transport plugin: superencryption

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Mar 15 10:03:35 UTC 2011


#2760: Proof of concept transport plugin: superencryption
------------------------+---------------------------------------------------
 Reporter:  arma        |          Owner:                     
     Type:  task        |         Status:  new                
 Priority:  major       |      Milestone:  Deliverable-May2011
Component:  Tor Client  |        Version:                     
 Keywords:              |         Parent:                     
   Points:              |   Actualpoints:                     
------------------------+---------------------------------------------------

Comment(by asn):

 Hey,

 obfsproxy, as a project, is basically two products atm:
 a) the SOCKS proxy
 b) an implementation of brl's OpenSSH obfuscation [1], which will be
 used on the Tor TLS handshake.

 The status is the following:
 * SOCKS proxy:
 - Most of the SOCKS code is done. You are basically getting a
 functional SOCKS proxy if you pull the repo atm. But:
 - On the unit tests side, there are unit tests for the SOCKS5/IPv4
 part, but we still miss SOCKS4 and IPv6 ones. nickm said that I can
 call it his task. We also miss a couple of obfsproxy internal unit
 tests [2].

 * OpenSSH obfuscation transport plugin:
 - It's code is ready. It's unit tests are ready. It also seems to work.

 * Tor side:
 - The Tor code that will allow the clients to handshake through the
 obfsproxy is not written. nickm told me that Tor can currently use
 SOCKS proxies, but I haven't had the time to check how and if it
 fits our use. We basically need Tor to pipe only it's
 TLS handshake into obfsproxy, no?

 * Others/Future:
 - The current network code of obfsproxy has brl's transport plugin
 hardcoded all over it. In the future (or now), we should abstract
 this so that obfsproxy is modular and can easily support more
 plugins. I've made an attempt to abstract it here: [3].
 obfsproxy can work alright without this as well - just with brl's
 plugin - but in the future we want it modular and compliant with
 /proposals/ideas/xxx-pluggable-transport.txt

 Basically, if we do the last unit tests, refactor/audit the code
 a bit and check the Tor side, I'd say it's shippable if it's urgent.

 By the way, I was really not aware of #2759 (or well, I was, but I
 didn't know it was actively developed) or #2468. I'll try to steal
 some time and check them out today.

 Personally, I'm in the middle of the exams period here, so I'm
 spending most of my time on the library studying boring stuff. I'll
 be able to actually get back to this next week.

 * passes the mic to nick *

 [1]: https://github.com/brl/obfuscated-openssh
 [2]: I had to check my notes for all these, so it might not be The
 Definite List Of Things Left Todo.
 [3]: http://gitorious.org/obfsproxy/obfsproxy/commits/generic
 I've thought of some minor improvements, but I need
 more thinking time on how to abstract this correctly,
 what operations should all the plugins have, when should they
 be called etc.
 All in all I haven't touch this for a while; I'm waiting for
 Nick's comments.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2760#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list