[tor-bugs] #18628 [Obfuscation/Snowflake]: Devise some way for the browser proxy to forward metadata to the bridge before the OR data

Wed Sep 13 20:35:38 UTC 2017

#18628: Devise some way for the browser proxy to forward metadata to the bridge
before the OR data
-----------------------------------+--------------------------
 Reporter:  arlolra                |          Owner:  cmm323
     Type:  defect                 |         Status:  assigned
 Priority:  High                   |      Milestone:
Component:  Obfuscation/Snowflake  |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:                         |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+--------------------------

Comment (by dcf):

 Replying to [comment:12 cmm323]:
 > Replying to [comment:8 dcf]:
 > >
 > > In websocket:
 > >
 > > I'm thinking it would be better to make request a pointer; i.e.
 `request *http.Request`, `ws.request = req`, in order to avoid copying the
 struct. I'm not sure it's safe to shallow-copy a Request struct, which may
 contain other recursive structures.
 >
 > Done.

 Great, merged all the websocket changes to master here:
 https://gitweb.torproject.org/pluggable-
 transports/websocket.git/log/?id=e0bb5efd8d78d372711652ec061923debe7f5cb0

 ----

 > > In snowflake:
 > >
 > > I'm a little concerned about parsing the SDP in order to get the
 remote address. Ideally, of course, we'd find another way to do it, or use
 a proper library to parse the SDP. But in the meantime, I
 [https://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=bug18628&id=485538bcf00bd4ddaeb5f81dd05e3caaa89ffd6d
 pushed some tests] to cover some additional syntax options that I took
 from RFC 4566. Can you pull those changes and update the code so that all
 the tests pass with `go test`?
 >
 > Let me know if you feel like this is still needed.

 Yes, I think it's important. My worry is that if browsers change their SDP
 so that it is still within the spec but doesn't match what our code
 expects, we'll suddenly lose a lot of statistics without realizing it. I
 think the code doesn't need much more tweaking to make `go test` pass.

 Here's JS code that passes the same tests:
 https://gitweb.torproject.org/user/dcf/snowflake.git/tree/proxy/util.coffee?h=bug18628#n115

 ----

 The other changes in the snowflake branch look good. Please also
 merge/rebase with my commits at
 https://gitweb.torproject.org/user/dcf/snowflake.git/log/?h=bug18628
 (which include the tests for SDP parsing).
 {{{
 git remote add dcf https://git.torproject.org/user/dcf/snowflake.git
 git fetch dcf
 git merge dcf bug18628 # or rebase, deal with conflicts
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18628#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online