shapeshifter-dispatcher.git/doc, branch master

Add the "meek_lite" transport, which does what one would expect.

2015-10-29T17:29:21+00:00

This is a meek client only implementation, with the following
differences with dcf's `meek-client`:

 - It is named `meek_lite` to differentiate it from the real thing.
 - It does not support using an external helper to normalize TLS
   signatures, so adversaries can look for someone using the Go
   TLS library to do HTTP.
 - It does the right thing with TOR_PT_PROXY, even when a helper is
   not present.

Most of the credit goes to dcf, who's code I librerally cribbed and
stole.  It is intended primarily as a "better than nothina" option
for enviornments that do not or can not presently use an external
Firefox helper.

Move logging wrappers into common/log, and add a DEBUG log level.

2015-04-03T14:21:31+00:00

Implements feature #15576.

Add support for acting as a ScrambleSuit client.

2015-02-17T11:33:29+00:00

This allows obfs4proxy to be used as a ScrambleSuit client that is wire
compatible with the obfs4proxy implementation, including session ticket
support, and length obfuscation.

The current implementation has the following limitations:
 * IAT obfuscation is not supported (and is disabled in all other
   ScrambleSuit implementations by default).
 * The length distribution and probabilites are different from those
   generated by obfsproxy and obfsclient due to a different DRBG.
 * Server support is missing and is unlikely to be implemented.

Document the obfs4 NaCl secretbox nonce generation.

2015-01-14T20:49:56+00:00

Forgot to include this in the spec, though it was documented as a
comment in the framing code.

Write an example obfs4 bridge line to "obfs4_bridgeline.txt".

2014-09-24T16:00:42+00:00

Write an example client bridge line suitable for use with the running
obfs4 server instance to "obfs4_bridgeline.txt" for the convenience of
bridge operators.

Fix spelling error in man page, no functional changes.

2014-09-06T17:30:55+00:00

Add a man page for obfs4proxy.

2014-09-06T16:40:37+00:00

Change the TYPE_PRNG_SEED length to 24.

2014-08-27T12:26:09+00:00

This matches what the code actually sends.  It's shorter than the
ScrambleSuit PRNG seed, but that's because the SipHash-2-4 based
Hash_DRBG has 24 bytes of internal state (key + initial output).

Change how the length obfsucation mask is derived.

2014-06-02T17:50:01+00:00

Instead of using the nonce for the secret box, just use SipHash-2-4 in
OFB mode instead.  The IV is generated as part of the KDF.  This
simplifies the code a decent amount and also is better on the off
chance that SipHash-2-4 does not avalanche as well as it is currently
assumed.

While here, also decouple the fact that *this implementation* of obfs4
uses a PRNG with 24 bytes of internal state for protocol polymorphism
instead of 32 bytes (that the spec requires).

THIS CHANGE BREAKS WIRE PROTCOL COMPATIBILITY.

Change the maximm handshake length to 8192 bytes.

2014-05-23T04:04:31+00:00

 * handhake_ntor_test now is considerably more comprehensive.
 * The padding related constants in the spec were clarified.

This breaks wireprotocol compatibility.