[tor-bugs] #7875 [Tor]: debian obfsproxies can't advertise ports under 1024
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jan 6 17:45:05 UTC 2013
#7875: debian obfsproxies can't advertise ports under 1024
------------------------+---------------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor | Version:
Keywords: tor-bridge | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
We don't have (m)any obfsproxies running on port 443. That's a shame.
But if you're on debian and want to follow our instructions
(https://www.torproject.org/projects/obfsproxy-debian-instructions), even
if you know how to set up port forwarding, there's no way for your Tor to
advertise that your obfsproxy is listening on a low-numbered port.
One option is for Tor to launch obfsproxy as root before Tor drops privs,
and then obfsproxy binds its low-numbered port and then drops privs too.
That sounds awful.
Another option is to complexify ServerTransportListenAddr, or add a new
config option like it, so we can tell Tor what address to pretend
obfsproxy listens on. That sounds less awful but still not great.
Other options? It would be ideal if the Tor and obfsproxy debs could
somehow do this themselves, since an "add this line to your iptables"
component in our instructions places it out of reach of most users.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7875>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list