Opened 8 years ago

Closed 7 years ago

Last modified 18 months ago

#7211 closed defect (fixed)

impossible to specify --shared-secret in managed mode

Reported by: arma Owned by: asn
Priority: High Milestone:
Component: Archived/Obfsproxy Version:
Severity: Blocker Keywords: SponsorF20131101
Cc: nickm, asn, karsten Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Obfsproxy's obfs2 protocol has a --shared-secret option, to make the traffic flow resist what turns out to be trivial dpi.

But it looks like there's no way to pass "obfs2_args" to obfsproxy from the ClientTransportPlugin or ServerTransportPlugin lines?

Ideally on the client side the shared secret should be a function of the bridge, not a global property of all your bridges.

Child Tickets

TicketStatusOwnerSummaryComponent
#3594closedAdd support for SOCKS parameters in Bridge and {Client,Server}TransportPlugin linesCore Tor/Tor
#5299closedasnobfsproxy: Support SOCKS per-connection transport argumentsArchived/Obfsproxy

Change History (8)

comment:1 Changed 8 years ago by arma

Cc: nickm added

comment:2 Changed 8 years ago by nickm

Cc: asn added

comment:3 Changed 8 years ago by arma

Keywords: SponsorF20131101 added
Priority: normalmajor

comment:4 Changed 7 years ago by arma

asn: both the child tickets are now closed here. How are we doing on this one?

comment:5 Changed 7 years ago by asn

Oops. Seems like I've missed this ticket. Both of the child tickets (#3594, #5299) were for the client-side (even though the #3594 subject mentions ServerTransportPlugin).

The server-side is messier since it was not thought of when the 180 spec was written.
The following components are needed:

  • The shared-secret must be specified in the torrc and passed to the transport proxy (#8929).
  • Then, the transport proxy must announce to tor which strings must be passed to BridgeDB (#8979)
  • Then Tor must write those strings to its extrainfo descriptor and pass them to the auth (#8978).

(- Then BridgeDB must learn how to parse that extrainfo descriptor directive and present it to users (#9013))

I plan to start working on these soon (they are also needed if we want to deploy scramblesuit).

I was waiting for comments on the spec change suggestions in #8929. I guess I'll write a spec patch for it today or tomorrow.

comment:6 Changed 7 years ago by arma

Cc: karsten added

comment:7 Changed 7 years ago by asn

Resolution: fixed
Status: newclosed

All relevant tickets (comment:5) are now merged. See comment:4:ticket:8979 for torrc instructions. Enjoy responsibly.

Closing this ticket. Please reopen if you are not satisfied.

comment:8 Changed 18 months ago by eddie007

Severity: Blocker

Hi guys if you are using instagram and you want to learn hacking visit https://instahacker.xyz here you can learn how do i hack instagram account password

Note: See TracTickets for help on using tickets.