[tor-bugs] #8979 [pyobfsproxy]: obfsproxy: Use server-side transport parameters
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 7 18:18:46 UTC 2013
#8979: obfsproxy: Use server-side transport parameters
-------------------------+--------------------------------------------------
Reporter: asn | Owner: asn
Type: task | Status: new
Priority: normal | Milestone:
Component: pyobfsproxy | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by phw):
asn and I just discussed this in #tor-dev. In principle, there are two
options:
1. We can just blindly pass all transport parameters to BridgeDB. This
would be the easiest solution. If pluggable transports expect "secret"
information which BridgeDB should not know (such as directory paths), then
the transports could provide a dedicated config file rather than let this
information pass through Tor/pyptlib/obfsproxy. Note that right now we
don't have a transport which wants secret information.
1. Instead of blindly forwarding parameters to BridgeDB, we could
sanitize them first and remove "secret" parameters. There are two ways how
this could be done:
1. pyptlib could forward the parameters to the pluggable transport
which then tells pyptlib which parameters are safe to publish. This would
probably require nontrivial changes to pyptlib/obfsproxy.
1. The "Bridge" line in the torrc could somehow encode which parameters
are safe to publish and which are not. This would requiring changing
[https://trac.torproject.org/projects/tor/ticket/8929 #8929] but could be
easier to implement than the first option.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8979#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list