[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Example of how a stream of RELAY_DATA cells would work?

On Tue, May 05, 2020 at 08:05:36PM +0300, Eli Vakrat wrote:
> As of writing this, I can send and receive the proper RELAY_BEGIN and
> RELAY_CONNECTED to and from my exit node, but I'm not quite sure what to do
> next...

Great. Now you have a socket open, and you talk to the remote server
(e.g. webserver) over it. That is, you can pretend that you just opened
that socket directly to the remote server. You put bytes into your RELAY
DATA cells, and those bytes get sent to the remote server.

> Do I just start sending RELAY_DATA cells (where the "data" of the cell is
> literally the encoded HTTP requests)?

Yes, almost. You make the data be whatever you want the other side to
get. But now you need to understand what protocols the webserver thinks
you'll speak, as you see below:

> I've tried connecting to 'www.facebook.com:443'  with the RELAY_BEGIN cells
> as a test (I do get a Relay Connected Cell so at least I know that part
> works).

www.facebook.com:443, also known as https://www.facebook.com/, will
expect you to speak TLS to it. If you send it plaintext http requests,
it will give you a tls error in response.

> After getting back the RELAY_CONNECTED cell, I send a RELAY_DATA cell with
> the data of the cell being the following 'utf-8' encoded string:
> 
> * #######this is how i wrote the literal in python#### *
> *'GET / HTTP/1.1\r\nHost: www.facebook.com
> <http://www.facebook.com>\r\nUser-Agent:
> python-requests/2.23.0\r\nAccept-Encoding: gzip, deflate\r\nAccept:
> */*\r\nConnection: keep-alive\r\n\r\n\r\n'.encode() *

Yeah, you are trying to send http, when instead you should be
starting your tls handshake.

> What I get back is a short couple of bytes:
> 
> 
> *\x15\x03\x03\x00\x02\x022*
> 
> I had no idea what this meant but after digging around a bit I found that
> this seems to be some part of the TLS handshake that is used in HTTPS.

That makes sense.

> So now two questions arise:
> 
> 1. Is this a good TLS response? What does it mean exactly?

I haven't checked, but I assume it means "error, that thing you sent me
was not the proper beginning of a tls handshake."

> 2. Generally speaking, is this how the RELAY_DATA cells are supposed to be
> sent and received?

Yes.

You might try sending your http text to www.facebook.com:80, which
expects http without any tls.

At this point it sounds like your Tor is working, and your new question
is "what's the right way to interact with a webserver?"

Hope this helps,
--Roger

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev