[tor-bugs] #6045 [Tor Bridge]: Ethiopia blocks Tor based on ServerHello

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sat Jun 9 20:33:19 UTC 2012


#6045: Ethiopia blocks Tor based on ServerHello
------------------------+---------------------------------------------------
 Reporter:  asn         |          Owner:     
     Type:  task        |         Status:  new
 Priority:  normal      |      Milestone:     
Component:  Tor Bridge  |        Version:     
 Keywords:  dpi         |         Parent:     
   Points:              |   Actualpoints:     
------------------------+---------------------------------------------------
Changes (by murble):

 * cc: bill-torstuff@… (added)


Comment:

 It seems for the blocking to happen you have to have Hello, Cert, Server
 Key Exchange and Hello Done in the same packet.

 stud (https://github.com/bumptech/stud) configured with a self signed key
 and the recommended settings is also blocked example
 (https://www.yuri.org.uk/~murble/tor/0x39serverstud1024.cap) the server
 hello from  https://bu.mp/ also TLS1_TXT_DHE_RSA_WITH_AES_256_SHA is not
 blocked as it doesn't
 all fit in a single packet(?). Normal web servers with non self signed
 certs do not seem to to fit the above in a single packet.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6045#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list