diff options
author | Yawning Angel <yawning@torproject.org> | 2014-10-01 19:00:30 +0000 |
---|---|---|
committer | Yawning Angel <yawning@torproject.org> | 2014-10-01 19:00:30 +0000 |
commit | 6cd81ec42f203585c59e610dc16728cb0a5d1455 (patch) | |
tree | 28e16d3446e40c2ad6a1b2d5aa46006704a616fb /transports/obfs4/obfs4.go | |
parent | 213495d3b9f6d41771751f5ab76711a225f05d9b (diff) |
Change the bridge line format to be more compact.
Instead of "node-id" and "public-key" that are Base16 encoded, use
"cert" which contains the "node-id" and "public-key" in Base64 encoded
form. This is more compact and cuts the length down by 49 characters.
Diffstat (limited to 'transports/obfs4/obfs4.go')
-rw-r--r-- | transports/obfs4/obfs4.go | 51 |
1 files changed, 33 insertions, 18 deletions
diff --git a/transports/obfs4/obfs4.go b/transports/obfs4/obfs4.go index b862e5a..256f549 100644 --- a/transports/obfs4/obfs4.go +++ b/transports/obfs4/obfs4.go @@ -57,6 +57,7 @@ const ( privateKeyArg = "private-key" seedArg = "drbg-seed" iatArg = "iat-mode" + certArg = "cert" biasCmdArg = "obfs4-distBias" @@ -122,8 +123,7 @@ func (t *Transport) ServerFactory(stateDir string, args *pt.Args) (base.ServerFa // Store the arguments that should appear in our descriptor for the clients. ptArgs := pt.Args{} - ptArgs.Add(nodeIDArg, st.nodeID.Hex()) - ptArgs.Add(publicKeyArg, st.identityKey.Public().Hex()) + ptArgs.Add(certArg, st.cert.String()) ptArgs.Add(iatArg, strconv.Itoa(st.iatMode)) // Initialize the replay filter. @@ -154,15 +154,39 @@ func (cf *obfs4ClientFactory) Transport() base.Transport { func (cf *obfs4ClientFactory) ParseArgs(args *pt.Args) (interface{}, error) { var err error - // Handle the arguments. - nodeIDStr, ok := args.Get(nodeIDArg) - if !ok { - return nil, fmt.Errorf("missing argument '%s'", nodeIDArg) - } var nodeID *ntor.NodeID - if nodeID, err = ntor.NodeIDFromHex(nodeIDStr); err != nil { - return nil, err + var publicKey *ntor.PublicKey + + // The "new" (version >= 0.0.3) bridge lines use a unified "cert" argument + // for the Node ID and Public Key. + certStr, ok := args.Get(certArg) + if ok { + var cert *obfs4ServerCert + if cert, err = serverCertFromString(certStr); err != nil { + return nil, err + } + nodeID, publicKey = cert.unpack() + } else { + // The "old" style (version <= 0.0.2) bridge lines use separate Node ID + // and Public Key arguments in Base16 encoding and are a UX disaster. + nodeIDStr, ok := args.Get(nodeIDArg) + if !ok { + return nil, fmt.Errorf("missing argument '%s'", nodeIDArg) + } + if nodeID, err = ntor.NodeIDFromHex(nodeIDStr); err != nil { + return nil, err + } + + publicKeyStr, ok := args.Get(publicKeyArg) + if !ok { + return nil, fmt.Errorf("missing argument '%s'", publicKeyArg) + } + if publicKey, err = ntor.PublicKeyFromHex(publicKeyStr); err != nil { + return nil, err + } } + + // IAT config is common across the two bridge line formats. iatStr, ok := args.Get(iatArg) if !ok { return nil, fmt.Errorf("missing argument '%s'", iatArg) @@ -173,15 +197,6 @@ func (cf *obfs4ClientFactory) ParseArgs(args *pt.Args) (interface{}, error) { return nil, fmt.Errorf("invalid iat-mode '%d'", iatMode) } - publicKeyStr, ok := args.Get(publicKeyArg) - if !ok { - return nil, fmt.Errorf("missing argument '%s'", publicKeyArg) - } - var publicKey *ntor.PublicKey - if publicKey, err = ntor.PublicKeyFromHex(publicKeyStr); err != nil { - return nil, err - } - // Generate the session key pair before connectiong to hide the Elligator2 // rejection sampling from network observers. sessionKey, err := ntor.NewKeypair(true) |