[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29627 [Applications/Tor Launcher]: Moat: add support for obfsproxy's meek_lite



#29627: Moat: add support for obfsproxy's meek_lite
---------------------------------------+------------------------------
 Reporter:  mcs                        |          Owner:  brade
     Type:  defect                     |         Status:  needs_review
 Priority:  Medium                     |      Milestone:
Component:  Applications/Tor Launcher  |        Version:
 Severity:  Normal                     |     Resolution:
 Keywords:  TorBrowserTeam201905R      |  Actual Points:
Parent ID:  #29430                     |         Points:
 Reviewer:                             |        Sponsor:
---------------------------------------+------------------------------
Changes (by gk):

 * keywords:  TorBrowserTeam201905 => TorBrowserTeam201905R
 * status:  needs_information => needs_review


Comment:

 Replying to [comment:9 mcs]:
 > Replying to [comment:8 gk]:
 > > Okay, I gave it another look. Just one final bit: You write
 > > {{{
 > > +    //      If the encoded argument list is less than 255 bytes in
 > > }}}
 > > which seems correct to me, but then you do
 > > {{{
 > > +      if (this.mMeekClientEscapedArgs.length <= 255)
 > > }}}
 > > I guess you want `if (this.mMeekClientEscapedArgs.length < 255)`
 instead?
 >
 > That is a good question.  We think the code is correct but the spec is
 wrong.  SOCKS5 supports up to 255 bytes in each auth field.  The
 obfs4proxy code reads a byte to get the length and does not have any other
 limitations, so up to and including 255 is supported.  Kathy and I wanted
 to maximize the space available for args, so we used <=.  Do you think
 this is OK?  Should we file a bug against the PT spec?

 Yes, please file a spec bug.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29627#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs