Client side bridge, proxy, and PT support
Arti clients should be able to use outbound proxies, pluggable transports, and bridges.
To use proxies:
- Allow configuration of at least SOCKS4, SOCKS5, and SOCKS*-with-Tor extensions for outbound proxy types. HTTP is optional. (4h) (partially defer)
- Implement the above protocols. (16h)
- In the code, allow these proxies to be applied to a single TCP connection, or to all TCP connections. This might need to apply at the channel level; we'll probably need to add more complexity in tor_chanmgr. (16h) (partially defer)
- When these proxies are configured, apply them to all outgoing connections that they're configured for. (16h) (partially defer)
To implement bridge usage:
- Allow a configuration of a list of bridges. (8h)
- Allow bridge usage to be turned on and off. (4h)
  - ✗ Possibly, kill all streams and circuits when doing this. (24h)
  - Retire no-longer-correct streams and circuits when doing this. (#650 (closed)) (8h)
- ✗
- Support code, either in dirmgr or as a separate thing, to download and maintain a set of router descriptors for a set of configured bridges. (40h)
  - Persistently cache downloaded descriptors
  - Ability to configure the bridge descriptor downloader's parameters
- Support multiple guard sets, and switching between them. (24h)
- Extend guard manager code to allow guards to be bridges as well as relays in the public network. (24h)
  - Allow guards to be chosen from a universe of bridges
  - Install a universe of bridges as appropriate
  - Inform the directory manager when we want different bridges
- Extend circuit manager code to use bridges correctly. (24h)
  - Ask `FirstHop` to be a `CircTarget` before hitting the directory for a `Relay`
  - Make sure that a bridge-based `FirstHop` can indeed be a `CircTarget` on its own.
- (Also, see all places in the specs that talk about bridges)
To implement PT usage:
- Allow a set of pluggable transports to be configured, either as managed or unmanaged proxies. (12h)
- Allow bridges to be configured to use pluggable transports. (4h)
- ✗ For unmanaged PTs (are these used?), connect to chosen IP:Port and speak SOCKS. (defer)
- Implement the code to launch and manage a pluggable transport according to the protocols in `pt-spec.txt` (24h)
- For managed PTs, launch them when we need them, handle it if they crash, and route traffic through them via SOCKS as appropriate. If we go for a long time without using a managed PT, maybe shut it down. (40h)
- (Also, see `pt-spec.txt`)
Edited by Nick Mathewson