[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #15035 [Orbot]: URI format for bridges

#15035: URI format for bridges
------------------------------+-----------------------
 Reporter:  eighthave         |          Owner:  n8fr8
     Type:  task              |         Status:  new
 Priority:  normal            |      Milestone:
Component:  Orbot             |        Version:
 Keywords:  uri, url, bridge  |  Actual Points:
Parent ID:                    |         Points:
------------------------------+-----------------------
 Right now, according to @n8fr8, this is the URI format for the bridge
 URIs:

 `bridge://obfs3+194.132.209.140%3A10223+c6eda10edca8979b8a57617bf2d6e82bbecd287d+%0Aobfs3+194.132.209.57%3A6262+d27c48363c2ef8295b917961c11244c39fe739a5+%0Aobfs3+88.198.94.215%3A40872+b78a59f5bbb11190cd1cb44fb9eb2965d5a22e42+%0A`

 There is a problem with this format because it doesn't follow the URI RFC
 so that standard URI parsers won't parse it very well.  Adding the `//`
 after `bridge:` makes it a "hierarchical" URI, which means that it has the
 standard sections of authority, user info, host, port, path, query, and
 fragment. But the above URI will just stick all of the text in the
 "authority" part, but that section can't be broken down into the standard
 parts of the "authority", i.e. user info, host, and port.

 To keep the same data format, then this URI should be an "opaque" URI.
 That just means removing the `//`.  So that makes it like a `mailto:` URI.

 Otherwise, the data could be refactored to fit into the standard parts for
 a hierarchical URI, then standard URI parsing classes will be able to
 parse it.  For example, android.net.Uri, java.net.URL, etc.  That would
 make the URI look something like this:

 `obfs4://54.66.226.196:18965/95151988dc29fccb4f610a1c700a1ddf7d5ffbd4?cert=3wYo19iAMNbfO7snEeqVBmsIat+RMmMDV5BV4jDvXuz9BaACXt7XffC8Dz8J1MUvLKHKaQ
 &iat-mode=0`

 * `getScheme()` would be bridge type
 * `getAuthority()` would be IP and port number
 * `getHost()` would be IP
 * `getPort()` would be port number
 * `getPath()` would be this thing:
 `95151988dc29fccb4f610a1c700a1ddf7d5ffbd4`
 * then `cert=`, `iat-mode=`, etc. would be in the query string

 The downside of this approach is that there could only be a single bridge
 per URI, but maybe that's not so bad.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15035>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs