[tor-dev] Help hacking Mumble
Matt
matt at pagan.io
Sun Feb 9 21:52:53 UTC 2014
On Fri, 07 Feb 2014 09:54:35 +0400
meejah <meejah at meejah.ca> wrote:
> What I would suggest:
>
> 1. change ConnectDialog so that it always uses not-yet-looked-up
> QHostAddresses (perhaps only if a proxy is enabled). This still
> won't help Tor, since they're sending UDP.
>
> 2. change Cert.cpp so it doesn't have to do a host-lookup. I sort-of
> asked in my other email, but does this actually gain anything?
> That is, does checking that the domain looks up "to something" really
> accomplish anything useful? If the answer is "yes", then more
> thinking; all I can think of is attempting a TCP/UDP connection
> (again, with a not-yet-looked-up QHostAddress) to the server in
> question (which will only work if there is a well-known port upon
> which it should be listening to be considered valid).
>
I haven't actually confirmed that there is a DNS leak here. I've been
focusing mostly on ConnectDialog, but mentioned Cert because it also
had DNS-related code that I hadn't spent as much time with.
> 3. suggest/document that Tor uses need to un-set the "show reachable"
> (Settings::ShowReachable) option so that a server doesn't need a
> valid ping-reply to show up in the list.
>
> Another option might be to factor out all the "ping" stuff to its own
> class and simply not instatiate/use it when ShowReachable is off (or
> have a separate option for pinging all the servers).
>
> Yet another different option might be to just have an option to turn
> off the pinging of servers, leaving open the Cert.cpp question (which
> one could also punt on by having an option). Then the game would be
> to get Tor users to have the right options enabled ;)
>
I tried to do something like this in my branch; optionally turning off
pings to Public and LAN servers was easy. Turning off pings to Favorite
servers seemed a little trickier, especially if they are still to
remain reachable.
Thanks for all the pointers. A C++ developer volunteered to take a
closer look at this issue. At this point, I think further discussion
would most useful for all parties if it moved onto the bug ticket:
https://github.com/mumble-voip/mumble/issues/1033
More information about the tor-dev
mailing list