[tor-bugs] #29347 [Obfuscation/meek]: Rewrite meek-http-helper as a WebExtension
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 19 18:26:23 UTC 2019
#29347: Rewrite meek-http-helper as a WebExtension
------------------------------+--------------------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: assigned
Priority: Medium | Milestone:
Component: Obfuscation/meek | Version:
Severity: Normal | Resolution:
Keywords: webextension | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+--------------------------
Comment (by dcf):
I want to mention an alternative architecture, in case the native
messaging aspect turns out to be too awkward to deal with.
Fundamentally we need some kind of channel between meek-client and the
browser, so that meek-client can send encoded HTTP requests to the
browser, and the browser can send back encoded HTTP responses. With the
old XPCOM extension, that channel was an `nsiServerSocket` that the
extension opened itself. In the WebExtension Ihave been working on so far,
with native messaging, the channel is a socket opened by the native shim,
plus the stdio channel provided by the WebExtension API.
An alternative is to have meek-client run a local web server, and the
browser communicate with it by making local HTTP or WebSocket requests.
Let's say WebSocket, that's a little easier to explain. meek-client starts
a WebSocket server. The browser extension establishes a connection to the
server. They then exchange serialized requests and responses.
The thing that starts the local web server doesn't have to be meek-client
itself; it could be a separate process. It could be part of meek-client-
torbrowser. The important difference is that the separate process would
not be a child of firefox. Compare with the diagram in comment:5:
{{{
tor
└─meek-client-torbrowser
├─meek-client-webserver (opens a WebSocket socket on port YYYY, and a
helper server on port XXXX)
├─firefox --headless (connects over WebSocket to 127.0.0.1:YYYY)
└─meek-client --helper 127.0.0.1:XXXX
}}}
The communications channel would be (keeping in mind that there are other
options, like combining meek-client and meek-client-webserver):
{{{
[meek-client] <-- helper protocol --> :XXXX [meek-client-webserver] :YYYY
<-- WebSocket --> [firefox]
}}}
One difficulty is how to inform the browser extension of the local web
server's port number. Before the whole communications channel is set up,
there are limited ways to get information into the browser extension. I
don't think you can even read environment variables from a browser
extension. One option is of course to run the web server on a consistent
port, but then you have to deal with the case that the port number is
already in use.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29347#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list