Re: [tor-bugs] #34231 [Metrics/Onionperf]: Document and maybe improve how we're mapping TGen transfers to Tor streams/circuits

2020-05-28 Thread Tor Bug Tracker & Wiki
#34231: Document and maybe improve how we're mapping TGen transfers to Tor
streams/circuits
---+
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Onionperf  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #33328 | Points:
 Reviewer: |Sponsor:  Sponsor59-must
---+

Comment (by karsten):

 This looks like a very promising approach! Some thoughts:

  - We're currently using TGen 0.0.1. It sounds like we would first have to
 upgrade to 1.0.0 in order to use this feature (#33974).

  - If we're concerned about `tgen` generated SOCKS credentials not being
 long enough to avoid conflicts, we could additionally look at source ports
 to match transfers and streams.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs


Re: [tor-bugs] #34231 [Metrics/Onionperf]: Document and maybe improve how we're mapping TGen transfers to Tor streams/circuits

2020-05-23 Thread Tor Bug Tracker & Wiki
#34231: Document and maybe improve how we're mapping TGen transfers to Tor
streams/circuits
---+
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Onionperf  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #33328 | Points:
 Reviewer: |Sponsor:  Sponsor59-must
---+

Comment (by acute):

 At the moment, Onionperf uses `stem` to log events from the Tor control
 socket corresponding to Onionperf's tor process, and later parses these
 logs (we refer to them as `torctl` logs) line by line at analysis time
 into `CircuitEvents`, `StreamEvents`, `BandwidthEvents` and
 `BuildTimeoutSetEvents`.

 The `StreamEvent` is used to extract the port which originated the
 connection (source port) and circuit ID, which is what we currently use
 for matching. There don't seem to be any other useful `StreamEvent`
 variables that can help with matching (see
 https://stem.torproject.org/api/response.html).

 However, I believe we can match `tgen` streams to Tor circuits in the
 `torctl` logs directly using SOCKS authentication.

 `Tgen 1.0.0` supports generating random usernames and passwords for SOCKS
 authentication, which can be be used to uniquely identify a transfer and
 match it to a `CircuitEvent` (`stem` already fills the `socks_username`
 and `socks_password` fields during parsing anyway).

 I've done a quick test to check,  this is how the log lines look like if
 we enable the random SOCKS authentication strings in `tgen`:

 {{{
 2020-05-23 18:01:14 1590253274.675001 [info] [tgen-transport.c:771]
 [_tgentransport_receiveSocksAuth] socks server localhost:127.0.0.1:34810
 authentication succeeded with username='zRhBJ8o' and password='zRhBJ8o'
 }}}

 ...and this is a sample line from the corresponding `torctl` log:
 {{{
 2020-05-23 18:01:17 1590253277.57 650 CIRC 406 EXTENDED
 
$87C08DDFD32C62F3C56D371F9774D27BFDBB807B~Unnamed,$B9E7A637B00BBB77853A639CC33245A2FEB8F033~theykilledaaron,$3E13E2EB87CCF5690564EE33E9F9F9F80B229FBB~hotzenplotz
 BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=HS_CLIENT_REND
 HS_STATE=HSCR_CONNECTING
 REND_QUERY=afa4fswz3ifwlbwsgk6va7vbbxj35m3geo3hvpc5u22w66yadr6xfayd
 TIME_CREATED=2020-05-23T17:01:16.357678 SOCKS_USERNAME="zRhBJ8o"
 SOCKS_PASSWORD="zRhBJ8o"
 }}}

 As far as the code goes, the change to the Onionperf parsers seems simple,
 and this is a better way of matching.

 Some questions/thoughts:

   * Turning on SOCKS authentication in Onionperf means we use stream
 isolation. My understanding is that each transfer (stream) would use a
 different circuit, which is what we expect anyway in Onionperf? Would this
 change affect measurements?

   * Is it likely that the `tgen` generated SOCKS credentials would
 conflict?

   * If we have plans to change what we use to parse Onionperf logs, we
 should check the replacements support this.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs


Re: [tor-bugs] #34231 [Metrics/Onionperf]: Document and maybe improve how we're mapping TGen transfers to Tor streams/circuits

2020-05-21 Thread Tor Bug Tracker & Wiki
#34231: Document and maybe improve how we're mapping TGen transfers to Tor
streams/circuits
---+
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Onionperf  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #33328 | Points:
 Reviewer: |Sponsor:  Sponsor59-must
---+

Comment (by dennis.jackson):

 I have a need for similar functionality, with a slightly different twist.
 I would like to associate web requests from the Tor Browser with
 particular circuits. So the mapping would be User Action -> HTTP Request
 -> SOCKS Username/Password for Stream Isolation -> A Circuit.

 As far as I understand TorButton uses this exact functionality internally
 so as to display it to the user, however, I haven't looked into it in
 enough detail to see if it is robust:

 https://gitweb.torproject.org/torbutton.git/tree/chrome/content/tor-
 circuit-display.js#n45

 https://gitweb.torproject.org/torbutton.git/tree/components/domain-
 isolator.js#n124

 In particular, the following comment is informative:
 {{{
 // Watches for STREAM SENTCONNECT events. When a SENTCONNECT event occurs,
 then
 // we assume isolation settings (SOCKS username+password) are now fixed
 for the
 // corresponding circuit. Whenever the first stream on a new circuit is
 seen,
 // looks up u+p and records the node data in the credentialsToNodeDataMap.
 // We need to update the circuit display immediately after any new node
 data
 // is received. So the `updateUI` callback will be called at that point.
 // See https://trac.torproject.org/projects/tor/ticket/15493
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs


Re: [tor-bugs] #34231 [Metrics/Onionperf]: Document and maybe improve how we're mapping TGen transfers to Tor streams/circuits

2020-05-15 Thread Tor Bug Tracker & Wiki
#34231: Document and maybe improve how we're mapping TGen transfers to Tor
streams/circuits
---+
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Onionperf  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID:  #33328 | Points:
 Reviewer: |Sponsor:  Sponsor59-must
---+
Changes (by gaba):

 * parent:   => #33328


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #34231 [Metrics/Onionperf]: Document and maybe improve how we're mapping TGen transfers to Tor streams/circuits

2020-05-15 Thread Tor Bug Tracker & Wiki
#34231: Document and maybe improve how we're mapping TGen transfers to Tor
streams/circuits
---+
 Reporter:  karsten|  Owner:  metrics-team
 Type:  enhancement| Status:  new
 Priority:  Medium |  Milestone:
Component:  Metrics/Onionperf  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:  Sponsor59-must
---+
Changes (by gaba):

 * sponsor:   => Sponsor59-must


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs