[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TOR-Client bug?/wrong package size?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] TOR-Client bug?/wrong package size?
From: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed, 29 Jun 2011 11:26:06 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 29 Jun 2011 11:26:19 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; bh=iEWmx2PTrNYpzZh6Q2IZoBPd7PXz1FjF31vnIlmlUy8=; b=p6N8yUfM8CYAvlTgkRxkRkymzP0SGj0206iWXpjyRBaR6avFqfvhD3v1O03h5sWPuQ suUBCsH3w/ckGU5MHUKQEbM9Ka2RyI4Rcp3KhjwB7qBaMnH1kLd3g6h1BuBYE31TtLu1 dBhP2W9JRpZWxhxyHxt8HvqS1tkSlt7Ets2EE=
In-reply-to: <20110629085108.B6BD56F43F@xxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20110629085108.B6BD56F43F@xxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Wed, Jun 29, 2011 at 4:51 AM,  <bemoo129@xxxxxxxxxxxx> wrote:
> Hello,
>
> Does anybody know how TOR deals with TCP-Pakets?
>
> For example, while logging my outgoing traffic via iptables or
> wireshark, i saw a large amount of TLS-encrypted packages - but
> they all had a differend size, sometimes 60bytes, sometimes more
> then 1000.
>
> In the TOR Documentation they explain, TOR will sent no normal tcp-
> packets via a tcp-connection, but "cell" packets - with have a
> fixed size of 512 byte.

Cells are 512 bytes.

Cells are sent over TLS, which adds its own message over head.
Because of the way that Tor's internal buffers work, the TLS
implemantation may decide to send any number (not necessarily integer)
of cells in a TLS record that it wants.

TLS  records are sent over TCP.  The TLS implementation delivers TLS
records to the kernel's TCP stack using the send() call [or write(),
or writev(), or WSASend(), depending on which network backend it's
using].  The TCP stack is then free to send these TLS records in as
many or as few TCP records as it wants.

So you shouldn't expect to see TCP packets that are an even multiple
of 512 bytes: the TLS and TCP implementations are both free to package
or split byte streams.

hth,
-- 
Nick
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] TOR-Client bug?/wrong package size?
  - From: bemoo129

Prev by Author: Re: [tor-talk] embedding tor into apps?
Next by Author: [tor-talk] Question regarding torifying applications
Previous by thread: [tor-talk] TOR-Client bug?/wrong package size?
Next by thread: [tor-talk] embedding tor into apps?
Index(es):
- Author
- Thread