Clarify whether Cloudflare's Universal SSL thing works with meek

[cypherpunks]

The Meek wiki page has a section on CloudFlare as a possible CDN to use, but seems to have been written before CloudFlare rolled out their ​Universal SSL free tier.
Would it be possible to have a meek-cloudflare using this Universal SSL thing?

[dcf]

Please give it a try. I think it works. There are some sample Wget commands on the wiki page.

If you're a CloudFlare customer you can easily test it yourself. Set up a new domain with ​https://meek.bamsoftware.com/ as your origin server. Then try to Wget a different CloudFlare home page with your domain name in the Host header.

I think CloudFlare is a good deployment target. But first we need to find a way to pay for it. It's also a non-negligible amount of maintenance work, each additional backend we deploy. If CloudFlare offers a better value (cheaper or better performance than meek-amazon, for example) then it would make sense to switch to it.

[benjojo]

Recent changes to how CloudFlare validates TLS connections means that this will no longer work.

Host header spoofing does not work for technical reasons on CloudFlare

[ Disclosure: I work for CloudFlare ]

[dcf]

Replying to benjojo:

Recent changes to how CloudFlare validates TLS connections means that this will no longer work.

Host header spoofing does not work for technical reasons on CloudFlare

[ Disclosure: I work for CloudFlare ]

Thanks for the information. We hadn't yet tried to get CloudFlare working, and knowing this will save some frustration.

If there is a way to restore this characteristic of the infrastructure, consistent with CloudFlare's technical and business constraints, a lot of censored users will appreciate it.

[abacabadabacaba]

I did some experiments with CloudFlare, and here are the results:

When using HTTP/1.1, CloudFlare requires SNI hostname to match the value of Host header. If this is violated, HTTP error 403 is returned.

However, when using HTTP/2, the check is less strict. HTTP/2 has a feature where a single connection can be used with multiple host names as long as the TLS certificate presented by the server is valid for all those host names. When using CloudFlare Free SSL, a single certificate is generated for multiple domains, and it is possible to utilize domain fronting as long as both the front and the back domain use the same certificate.

I don't know how they choose which domains share a certificate. Also, these certificates seem to be reissued much more frequently than their validity period might suggest. As a result, domain fronting with CloudFlare is possible, but not very convenient.

Anyway, I registered an address ​https://meek-reflect.cf/ which you can use for testing. Unfortunately, I don't know any command-line tools that can send HTTP/2 requests, and constructing HTTP/2 requests by hand is not trivial. Still, you can use this command to try the voodoo magic of domain fronting for yourself:

printf 'PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n\0\0\0\4\0\0\0\0\0\0\0\24\1\5\0\0\0\1\202\207\1\17meek-reflect.cf\204' | openssl s_client -quiet -connect spacebitco.in.net:443 -servername spacebitco.in.net -alpn h2

If you see the text I’m just a happy little web server. somewhere in the output, then it worked.

[dcf]

Replying to abacabadabacaba:

I did some experiments with CloudFlare, and here are the results:

Thanks, good to know. That's a creative approach.

[dcf]

I think the summary of the situation is that Cloudflare doesn't support domain fronting, but these days supports draft ESNI, and that's probably the promising path to pursue. There's some discussion of ESNI in #28168.