summaryrefslogtreecommitdiff
path: root/transports
AgeCommit message (Collapse)Author
2016-01-25Fix other instances of attempting to close `nil` on handshake failure.Yawning Angel
Bug introduced in e52258edac55d82ff153755493d770bfbbc9a346, not in any released version of obfs4proxy.
2016-01-17fix incorrect connection closepminmax945
when obfs4 connection create failed,conn variable is set to nil already.
2015-10-30meek-lite: Don't send a "User-Agent" header.Yawning Angel
2015-10-30meek-lite: combine small writes at request dispatch time.Yawning Angel
This dramatically improves bulk upload performance, from totally shit to just shit.
2015-10-29Add the "meek_lite" transport, which does what one would expect.Yawning Angel
This is a meek client only implementation, with the following differences with dcf's `meek-client`: - It is named `meek_lite` to differentiate it from the real thing. - It does not support using an external helper to normalize TLS signatures, so adversaries can look for someone using the Go TLS library to do HTTP. - It does the right thing with TOR_PT_PROXY, even when a helper is not present. Most of the credit goes to dcf, who's code I librerally cribbed and stole. It is intended primarily as a "better than nothina" option for enviornments that do not or can not presently use an external Firefox helper.
2015-10-29Make establishing outgoing connections the transport's responsibility.Yawning Angel
ClientFactories now have a Dial() method instead of a WrapConn() method, so that it is possible to write something like meek-client using the obfs4proxy framework. This breaks the external interface if anyone is using obfs4proxy as a library, but the new way of doing things is a trivial modification, to a single routine that shouldn't have been very large to begin with.
2015-06-01Delay transport initialization till after logging has been setup.Yawning Angel
2015-03-22Simplify some err and return logicDaniel Martí
2015-03-18Reduce some if err != nil logic linesDaniel Martí
2015-03-16Fix all go vet issuesDaniel Martí
2015-03-16Run go fmtDaniel Martí
2015-02-17Add support for acting as a ScrambleSuit client.Yawning Angel
This allows obfs4proxy to be used as a ScrambleSuit client that is wire compatible with the obfs4proxy implementation, including session ticket support, and length obfuscation. The current implementation has the following limitations: * IAT obfuscation is not supported (and is disabled in all other ScrambleSuit implementations by default). * The length distribution and probabilites are different from those generated by obfsproxy and obfsclient due to a different DRBG. * Server support is missing and is unlikely to be implemented.
2015-01-14Change the import path for go.crypto.Yawning Angel
The Go developers decided to move the go.crypto repository to golang.org/x/crypto, and also to transition from hg to git. The tip of tree code.google.com copy of the code is broken due to the import paths pointing at the new repository. While the change here is simple (just update the import location), this affects packagers as it now expects the updated package. Sorry for the inconveneince, I blame the Go people.
2014-10-24Fix minor issues pointed out by "go vet".Yawning Angel
2014-10-03Improve the performance of the obfs4 handshake test.Yawning Angel
Exhaustively testing padding combinations is really slow, and was causing timeouts during the Debian ARM package build process. Attempt to improve the situation by: * Reusing the client and server keypair for all of the tests, to cut runtime down by ~50%. * Splitting the client side and server side tests up, as it appears the timeout is per-test case. If this doesn't fix things, the next thing to try would be to reduce the actual number of padding lengths tested, but that is a last resort at the moment.
2014-10-01Change the bridge line format to be more compact.Yawning Angel
Instead of "node-id" and "public-key" that are Base16 encoded, use "cert" which contains the "node-id" and "public-key" in Base64 encoded form. This is more compact and cuts the length down by 49 characters.
2014-09-24Write an example obfs4 bridge line to "obfs4_bridgeline.txt".Yawning Angel
Write an example client bridge line suitable for use with the running obfs4 server instance to "obfs4_bridgeline.txt" for the convenience of bridge operators.
2014-08-27Various IAT related changes.Yawning Angel
* Unbreak inbound TYPE_PRNG_SEED processing. * IAT obfuscation is now a per-bridge argument (iat-mode). * 0 (default) = Disabled. * 1 = Enabled, ScrambleSuit-style with bulk throughput optimizations. * 2 = Paranoid, Each IAT write will send a length sampled from the length distribution. (EXPENSIVE). The "iat-mode" argument is mandatory on the Bridge lines, and as a ServerTransportOption. Old statefiles will continue to load and use the default value, edit it if your hat is made of tin foil.
2014-08-27Display a more useful error on JSON Unmarshall failure.Yawning Angel
2014-08-23Change all the arguments to use base16 from base64.Yawning Angel
WARNING: THIS BREAKS BACKWARD COMPATIBILITY. This is primarily to work around bug #12930. Base16 was chosen over unpadded Base64 because the go runtime Base64 decoder does not handle omitting the padding. May $deity have mercy on anyone who needs to hand-enter an obfs4 bridge line because I will not.
2014-08-18Change the drbg seed field in the state file.Yawning Angel
Changing from "drbgSeed" to "drbg-seed" to be consistent with the ServerTransportOptions to allow for easier copy/paste.
2014-08-18Add support for enabling IAT obfuscation and biased WDist.Yawning Angel
Golang's command line parser is slightly cumbersome to use with subcommands, so the arguments are "obfs4-iatObufscation" and "obfs-distBias" instead of obfsproxy style subcommands.
2014-08-17Massive cleanup/code reorg.Yawning Angel
* Changed obfs4proxy to be more like obfsproxy in terms of design, including being an easy framework for developing new TCP/IP style pluggable transports. * Added support for also acting as an obfs2/obfs3 client or bridge as a transition measure (and because the code itself is trivial). * Massively cleaned up the obfs4 and related code to be easier to read, and more idiomatic Go-like in style. * To ease deployment, obfs4proxy will now autogenerate the node-id, curve25519 keypair, and drbg seed if none are specified, and save them to a JSON file in the pt_state directory (Fixes Tor bug #12605).