[tor-bugs] #12208 [meek]: Make it possible to use an IP address as a front (no DNS request and no SNI)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 20 18:04:26 UTC 2014
#12208: Make it possible to use an IP address as a front (no DNS request and no
SNI)
-----------------------------+-----------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: meek | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+-----------------
Comment (by dcf):
Psiphon and Lantern both independently discovered this issue. They found
that connecting with no SNI is necessary when using the
[http://www.fastly.com/ Fastly] CDN. They both worked around it by
patching the Go crypto/tls library.
Psiphon:
* Go http.Transport modified: no SNI in TSL client hello, new meek client
binary\\
https://bitbucket.org/psiphon/psiphon-circumvention-
system/commits/c93134904eb67b5c36e80ee2b1cdf2e264113c22
Lantern:
* Bad news - I had to fork Go's tls library.\\
https://groups.google.com/forum/#!topic/lantern-devel/ya1_kjzwWzw\\
https://github.com/getlantern/tls/commit/c26f6d9c4b17213b1bd78a734465f2e33be3d12f
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12208#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list