[tor-dev] RFC: Using `utls` in meek_lite.

David Fifield david at bamsoftware.com
Thu Jan 24 06:47:37 UTC 2019

On Mon, Jan 21, 2019 at 05:12:41AM +0000, Yawning Angel wrote:
> I just pushed a change to obfs4proxy master to use `utls` to mask the
> ClientHello signature (currently Chrome 70.x).
> https://gitlab.com/yawning/obfs4/commit/4d453dab2120082b00bf6e63ab4aaeeda6b8d8a3

	// This also assumes that req.URL.Host will remain constant for the
	// lifetime of the roundTripper, which is a valid assumption for meeklite.

Am I wrong, or is the actual restriction less strict? You can reuse the
roundTripper for different hosts--the ServerName is taken from the addr
argument to dialTLS--but only if those different hosts negotiate the
same ALPN, because the choice of http.Transport or http2.Transport is
made only once and persists for the lifetime of the roundTripper.

For the same reason, I don't think we'll be able to use HelloRandomized,
only HelloRandomizedALPN or HelloRandomizedNoALPN. Otherwise we may
negotiate different ALPN even against the same server during the
lifetime of roundTripper. I tried adding a
inside dialTLS to force it to re-dial frequently, and with
HelloRandomized it does indeed eventually trip the "horrifically wrong"
branch with an error like:
	net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x05\x00\x10\x00\x00\x00\x03\x00\x00\x00\xfa\x00\x06\x00\x10\x01@"
Despite the error, the client recovers quickly, redialing until it gets
a compatible ALPN.
