[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] RFC: Using `utls` in meek_lite.



On 1/24/19 6:47 AM, David Fifield wrote:
> 	// This also assumes that req.URL.Host will remain constant for the
> 	// lifetime of the roundTripper, which is a valid assumption for meeklite.
> 
> Am I wrong, or is the actual restriction less strict? You can reuse the
> roundTripper for different hosts--the ServerName is taken from the addr
> argument to dialTLS--but only if those different hosts negotiate the
> same ALPN, because the choice of http.Transport or http2.Transport is
> made only once and persists for the lifetime of the roundTripper.
The lock protecting `roundTripper.initConn` is only held in `dialTLS`,
and the `roundTripper.transport` is not protected by a lock at all.

If the target host changes and there is simultaneous access (two threads
call into `roundTripper.RoundTrip` right after initialization
simultaneously), there is no guarantee that the connection used to
create the inner `http.RoundTripper` instance will be passed to the
correct thread.

Regards,

-- 
Yawning Angel

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev