[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #9022 [Pluggable transport]: Create an XMPP pluggable transport
#9022: Create an XMPP pluggable transport
---------------------------------+------------------------------------------
Reporter: asn | Owner: feynman
Type: task | Status: accepted
Priority: normal | Milestone:
Component: Pluggable transport | Version:
Keywords: | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
Comment(by feynman):
Replying to [comment:70 asn]:
> (fixed the issue with my sleekxmpp)
>
> btw, I kind of dislike the fact that we send our local ip:port through
XMPP. it's a small but unneeded information leak.
>
> Since (<remote ip/port>, <jid>) is not sufficient for your routing
table, why don't you also add the source IP of the other side in there?
You can probably get the client's IP using the sleekxmpp API; you don't
need the client to send its IP to the server. If that doesn't work, you
can get the client to generate a nonce and send it to the server.
>
> Do you think that makes sense?
The local ip:port is used to uniquely identify a connection--even among
several connections between the same client and server. Since the client
thinks it is connecting directly to the server, the source ip:port seemed
like the perfect unique identifier for that particular connection.
Whatever identifier you use, you are going to end up with something that
can be uniquely mapped to the client's source IP.
I just finished changing the source ip:port to a SHA512 hash of the source
ip:port.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9022#comment:73>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs