Re: [tor-bugs] #26122 [Obfuscation/Censorship analysis]: obfs4proxy: closeAfterDelay() should to conform to obfs4 spec

2018-05-17 Thread Tor Bug Tracker & Wiki
#26122: obfs4proxy: closeAfterDelay() should to conform to obfs4 spec
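-------------------------------------------------+------------------------
 Reporter:  cypherpunks                          |          Owner:  dcf
     Type:  defect                               |         Status:  closed
 Priority:  Medium                               |      Milestone:
Component:  Obfuscation/Censorship analysis      |        Version:
 Severity:  Normal                               |     Resolution:  wontfix
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+------------------------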

Comment (by yawning):

 > As I read it, the patch is about an alternate (spec-compliant) behavior
 > that may make active probing somewhat more expensive.

 It doesn't.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26122 [Obfuscation/Censorship analysis]: obfs4proxy: closeAfterDelay() should to conform to obfs4 spec

2018-05-17 Thread Tor Bug Tracker & Wiki

Comment (by dcf):

 Yawning, I think this ticket was badly phrased wrt spec compliance. Since
 you don't want to maintain obfs4proxy anymore, could we at least leave the
 ticket open for discussion? As I read it, the patch is about an alternate
 (spec-compliant) behavior that may make active probing somewhat more
 expensive.


Re: [tor-bugs] #26122 [Obfuscation/Censorship analysis]: obfs4proxy: closeAfterDelay() should to conform to obfs4 spec

2018-05-17 Thread Tor Bug Tracker & Wiki
Changes (by yawning):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 It does conform to the spec.

 The interval and threshold are randomized on a per-server instance basis.
 Exactly how this is implemented (and even then there is a difference
 between `SHOULD` and `MUST`) is deliberately left up to the
 implementation, and the altered behavior is also fairly distinctive.

 As a side note: I both recommended starting the development of something
 new, and the migration off obfs4 over a year ago.


Re: [tor-bugs] #26122 [Obfuscation/Censorship analysis]: obfs4proxy: closeAfterDelay() should to conform to obfs4 spec

2018-05-17 Thread Tor Bug Tracker & Wiki
#26122: obfs4proxy: closeAfterDelay() should to conform to obfs4 spec
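-------------------------------------------------+------------------------
 Reporter:  cypherpunks                          |          Owner:  dcf
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Obfuscation/Censorship analysis      |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+------------------------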

Comment (by cypherpunks):

 Proposed fix:
 {{{
 -   // Consume and discard data on this connection until either the
 specified
 -   // interval passes or a certain size has been reached.
 -   discarded := 0
 -   var buf [framing.MaximumSegmentLength]byte
 -   for discarded < int(sf.closeDelayBytes) {
 +   // Consume and discard data on this connection until the specified
 +   // interval passes.
 +   var buf [maxHandshakeLength]byte
 +   for {
 n, err := conn.Conn.Read(buf[:])
 if err != nil {
 return
 }
 -   discarded += n
 }
 }}}
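
Review bot: With `discarded += n` removed, `n` in `n, err := conn.Conn.Read(buf[:])` is declared but never used, which the Go compiler rejects; change it to `_, err := conn.Conn.Read(buf[:])`. The new `for {` loop also exits only through the `err != nil` return, so with the `discarded < int(sf.closeDelayBytes)` bound gone, termination depends entirely on a read deadline that is not visible in this hunk; confirm it is set before the loop and state that in the comment. The change of `buf` from `framing.MaximumSegmentLength` to `maxHandshakeLength` is not explained and should be justified in the comment or the ticket.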

 This fix can also stop some form of active probing attack discovered by
 #26083.
