[tor-dev] Stream Isolation

Traumschule traumschuleriebau at riseup.net
Fri Oct 26 23:09:07 UTC 2018 

Hi,

without checking the list archive,

On Fri, 26 Oct 2018 16:42:16 +0330
sarpedon montecarlo <sarpedon000 at gmail.com> wrote:

> My problem here, is that I am handling the routing and stream
> attaching all by myself and I can not use the provided
> IsolateSocksStream option because I am handling the circuit
> generation by myself because of the specific policies I am using for
> generating circuits, and their related paths. So if I am facing a
> bunch of streams, and I have a bunch of circuits myself, How am I
> going to detect that Stream A is from tab A of TBB and Stream B is
> from tab B of TBB, so I attach stream A to circuit A, and attach
> stream B to circuit B. Thanks in advance.

It sounds like you looked at the code already, so excuse me if this
doesn't help too much. You could use authentication like here:
http://jqs44zhtxl2uo6gk.onion/torbutton.git/tree/src/components/domain-isolator.js#n128
https://gitweb.torproject.org/torbutton.git/tree/src/components/domain-isolator.js#n128

Stem is another option to control circuits using circuit IDs:
http://vt5hknv6sblkgf22.onion/api/control.html#stem.control.Controller.new_circuit
https://stem.torproject.org/api/control.html#stem.control.Controller.new_circuit

Tails implements stream isolation by using a different SocksPort per
application (the document is slightly outdated, #3455 is fixed already):
https://tails.boum.org/contribute/design/stream_isolation/

More developer info can be found here:
https://kkkkkkkkkk63ava6.onion.si/wiki/Stream_Isolation#Information
https://tor.stackexchange.com/questions/10559/whats-the-best-way-to-isolate-applications-as-they-enter-the-tor-network

Hope that helps!

-- 
traumschule.org

gpg fingerprint:
9356 4DED 8546 8D9A C290  3605 12EE 7D70 7111 2056

/otr info
OTR: traumschule at irc.indymedia.org fingerprint:
OTR: 35AACA83 4564616C B6EBEC66 56B6B2FC C8D572F1
OTR: traumschule at irc.oftc.net fingerprint:
OTR: D1CCD207 B60C1866 56A975AE ACE090E9 45E90846
OTR: traumschule at chat.freenode.net fingerprint:
OTR: 51BF8BB9 434840CC 24F264BC 76450C27 A6AADB12

More information about the tor-dev mailing list