[tor-bugs] #16650 [Obfuscation/BridgeDB]: Set up domain fronting for BridgeDB
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 11 19:33:47 UTC 2017
#16650: Set up domain fronting for BridgeDB
-------------------------------------------------+-------------------------
Reporter: isis | Owner: isis
Type: enhancement | Status: closed
Priority: Medium | Milestone:
Component: Obfuscation/BridgeDB | Version:
Severity: Normal | Resolution: fixed
Keywords: bridgedb-dist, bridgedb-usability, | Actual Points:
tbb-wants, usability, bridge-distribution, |
TorCoreTeam201608 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by isis):
* status: needs_information => closed
* resolution: => fixed
Comment:
David and I spent some time in April hacking on this, and we've got it set
up such that, if you request https://tor-bridges-hyphae-
channel.appspot.com/meek it'll go to the Apache reverse proxy on
polyanthum, which strips out the authenticated layer of TLS (i.e. using
the cert for bridges.torproject.org) and then passes the underlying
payload (still TLS encrypted, but with a random cert) to meek which is
listening on localhost, which then passes it to the BridgeDB server.
(Right now the BridgeDB server doesn't understand the request yet for
`bridges.torproject.org/meek` yet, so it responds with a 404. But the
point is that the meek tunnel is set up and works.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16650#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list