[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Single hop connections?



Hi all,
  Thanks for the quick response. I am starting to do a project related to Tor that would require me to build 1-hop circuits and communicate from my OP to a webserver via the one single OR.
I was going though the Tor code and came across this function:

int
connection_exit_begin_conn(cell_t *cell, circuit_t *circ();

in the file src/or/connection_edge.c

Particularly, in line number: 2252

if (or_circ && or_circ->is_first_hop) {
      /* Don't let clients use us as a single-hop proxy; it attracts attackers
       * and users who'd be better off with, well, single-hop proxies.
       */
      log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
             "Attempt to open a stream on first hop of circuit. Closing.");
      end_payload[0] = END_STREAM_REASON_TORPROTOCOL;
      relay_send_command_from_edge(rh.stream_id, circ, RELAY_COMMAND_END,
                                   end_payload, 1, NULL);
      tor_free(address);
      return 0;
    }

I'm afraid this means that no OR will allow an OP to use it as a single-hop router (except for the director server connections?)

I tried making a one - hop circuit. It worked. However, when I try to attach a stream to the one-hop circuit, I get a RELAY_CELL_END immediately after I send a RELAY_SEND_BEGIN on that circuit.

Any suggestions? Maybe I'm getting the code all wrong?

Prithula


On Fri, Jun 26, 2009 at 12:35 PM, Damian Johnson <atagar1@xxxxxxxxx> wrote:
Tor caters to several different audiences. For individuals that want Tor for counter-censorship rather than privacy (ex. Chinese users) single-hop circuits make a lot of sense, IMHO. It would be faster for them and place less load on the Tor network (assuming exit nodes aren't the bottleneck). Chinese users use open proxies all the time simply to get around the great firewall, and this would allow them to use the Tor network like a big proxy grab-bag. If they don't need privacy then making them go through extra hops seems a lose-lose for both them and us.

However, it's not all roses and sunshine. One gotcha dr|z3d brought up on irc was: "The point about single hops is that it exposing the node operator to inordinate risk of legal pressure." Another issue might be making the network appear more desirable to p2p traffic (allowing for more speed probably means more abuse in that regard). Cheers! -Damian


On Fri, Jun 26, 2009 at 8:53 AM, Alberto M. Scattolo <thedarkfreesoul@xxxxxxxxx> wrote:
Hi Prithula,

I'm very new to Tor but I think this is not possible, unless you
change Tor source code and force it to do it. With one-hop-circuit you
would lose all anonymity. As far as I know Tor needs at least 2 hops
but 3 is much better.
Why do you want a single-hop circuit?
--

Alberto Maria Scattolo
Google profile: http://www.google.com/profiles/thedarkfreesoul




--
Prithula Dhungel