[tor-bugs] #30509 [Circumvention/Snowflake]: snowflake-broker certificate fetch failing after update
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 14 20:34:12 UTC 2019
#30509: snowflake-broker certificate fetch failing after update
-------------------------------------+------------------------
Reporter: cohosh | Owner: (none)
Type: defect | Status: new
Priority: Immediate | Milestone:
Component: Circumvention/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+------------------------
Changes (by dcf):
* cc: dcf (added)
Comment:
The WebSocket bridge has a certificate cache:
https://gitweb.torproject.org/pluggable-
transports/snowflake.git/tree/server/server.go?id=d865b7c252d3a7efd789a84757fc2635b1964921#n309
The broker doesn't cache certificates, but it should, to avoid this kind
of problem.
In the meantime I can get a conventional cert, but we'll have to add
`--cert` and `--key` options to the broker like meek-server has:
https://gitweb.torproject.org/pluggable-transports/meek.git/tree/meek-
server/meek-server.go?h=0.33#n394
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30509#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list