[tor-talk] x509 cert mismatch gmail badexit

grarpamp grarpamp at gmail.com
Thu Jan 19 02:43:38 UTC 2012


> If you get strange Google certs, please report them to me including the full
> PEM chain (openssl s_client -showcerts will output them.)

Yeah, x509 is no problem. Now if Tor would have a config
option to log just the socks_request that was made to the exit_node that
was used, that would make things easy. I'd log all my stuff because it's
immensely useful, especially with 'Tamper Data' and packet tools.

As it is now, either:
- hopping manually into the Tor console is too late because the data expired.
- we have to console log two things and trim a lot of fat to get the pairing.
usefeature extended_events
usefeature verbose_names
setevents circ
setevents stream
getinfo circuit-status
getinfo stream-status

Unless we're already watching the console, much easier to just newnym and
forget it. Something like 'LogReq2Exit <file|facility:level>' would be nice.


More information about the tor-talk mailing list