Opened 9 years ago

Closed 2 years ago

#1807 closed enhancement (wontfix)

Add support for displaying client Tor traffic in Wireshark and similar

Reported by: mwenge Owned by: mwenge
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Normal Keywords: tor-client
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I was under the mistaken impression that this patch had already been merged last year. No idea why I thought that.

See also https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3203

Child Tickets

Change History (12)

comment:1 Changed 9 years ago by mwenge

Component: - Select a componentTor - Tor client
Status: newneeds_review
Version: Tor: unspecified

comment:2 Changed 9 years ago by mwenge

Owner: set to mwenge
Status: needs_reviewassigned

comment:3 Changed 9 years ago by mwenge

Status: assignedneeds_review

comment:4 Changed 9 years ago by Sebastian

Milestone: Tor: post 0.2.2.x

comment:5 Changed 9 years ago by nickm

Milestone: Tor: post 0.2.2.xTor: unspecified

comment:6 Changed 8 years ago by Sebastian

As an idea, maybe this should option should require a private network?

comment:7 Changed 8 years ago by nickm

We should talk about this more in January, or whenever works. I am leery of merging this code into the mainline at all. It's useful for experimenting, and we should definitely point researchers at it, but I worry that shipping Tor with a "dump all your keys" mode would send entirely the wrong message to our users and operators.

comment:8 Changed 8 years ago by arma

I looked at this patch a while ago, and had the same initial impression as nickm.

It looks like the patch is pretty modular overall, meaning it probably won't become a broken patch very quickly.

How about we change tor_tls_set_logged_address() so it takes a port argument, and then it dups "address:port" into the tls->address field rather than just "address"? That would decrease the size of the patch and increase its robustness to changes in the Tor code.

The next question is: where should we store the patch so researchers will actually find it? The 'research' page perhaps? But again, I'm not thrilled with having it in the first set of things people see when they think of Tor and research. :(

comment:9 Changed 7 years ago by rransom

Status: needs_reviewneeds_revision

This patch is going to break in the crypto migration this year.

Also, this ticket looks like it's headed for ‘wontfix’.

comment:10 Changed 7 years ago by nickm

Keywords: tor-client added

comment:11 Changed 7 years ago by nickm

Component: Tor ClientTor

comment:12 Changed 2 years ago by nickm

Resolution: wontfix
Severity: Normal
Status: needs_revisionclosed
Note: See TracTickets for help on using tickets.