[bisq-network/bisq] Stream isolation for Tor (#2081)

[Manfred Karrer]

ManfredKarrer commented on this pull request.



> @@ -115,7 +117,17 @@ protected Socket createSocket(NodeAddress peerNodeAddress) throws IOException {
     public Socks5Proxy getSocksProxy() {
         try {
             tor = Tor.getDefault();
-            return tor != null ? tor.getProxy() : null;
+
+            String stream = "";
+            if (streamIsolation) {
+                // create a random string
+                byte[] bytes = new byte[512]; // note that getProxy does Sha256 that string anyways
+                new SecureRandom().nextBytes(bytes);
+                stream = new String(bytes);

Could there be any issues to use plain bytes here? Maybe more safe to use hex?

> @@ -206,7 +206,7 @@ public static boolean isDaoActivated(Environment environment) {
             torRcFile, torRcOptions, externalTorControlPort, externalTorPassword, externalTorCookieFile,
             socks5ProxyHttpAddress, useAllProvidedNodes, numConnectionForBtc, genesisTxId, genesisBlockHeight, referralId, daoActivated;
 
-    protected final boolean externalTorUseSafeCookieAuthentication;
+    protected final boolean externalTorUseSafeCookieAuthentication, torStreamIsolation;

Should torStreamIsolation be by default turned on (true)?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/pull/2081#pullrequestreview-182458715
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20181206/9fb9d35c/attachment-0001.html>