[tor-dev] RFC: Using `utls` in meek_lite.
Yawning Angel
yawning at schwanenlied.me
Mon Jan 21 05:12:41 UTC 2019
Hello,
I just pushed a change to obfs4proxy master to use `utls` to mask the
ClientHello signature (currently Chrome 70.x).
https://gitlab.com/yawning/obfs4/commit/4d453dab2120082b00bf6e63ab4aaeeda6b8d8a3
I understand that this is being worked on for the original meek (see:
https://bugs.torproject.org/29077), but I felt inspired and it was
relatively easy to get something working.
Caveats:
* This is only lightly tested, and may be doing something wrong or
distinct. It seems to work well enough to watch videos over it.
YMMV.
* Azure uses HTTP 2. Not really a problem.
* `utls.HelloFirefox_Auto` will fail to handshake with Azure due to an
incompatible group being negotiated.
* `utls.HelloChrome_Auto` ironically fails to handshake with
`google.com` in a standalone test case for me.
* `utls.HelloIOS_Auto` seems to work in all cases, so I may switch to
that before I tag.
Questions, comments, feedback appreciated,
--
Yawning Angel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190121/e6847acf/attachment.sig>
More information about the tor-dev
mailing list