[tor-commits] [obfs4/master] Update the README.md (No functional changes).
yawning at torproject.org
yawning at torproject.org
Wed Sep 3 09:44:58 UTC 2014
commit 79e94103d6bf7685c78e991f0d1b93b0eecefa3d
Author: Yawning Angel <yawning at torproject.org>
Date: Wed Sep 3 09:44:18 2014 +0000
Update the README.md (No functional changes).
---
README.md | 46 ++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 44 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 3ee9c0c..4ad8b5c 100644
--- a/README.md
+++ b/README.md
@@ -32,14 +32,56 @@ handshake variants without being obscenely slow is non-trivial.
Build time library dependencies are handled by go get automatically but are
listed for clarity.
- * Go 1.2.0 or later. Debian stable packages Go 1.0.2 which is missing several
- things obfs4 depends on like SHA256.
+ * Go 1.2.0 or later. Prior versions of Go 1.0.2 are missing certain important
+ parts of the runtime library like a SHA256 implementation.
* go.crypto (https://code.google.com/p/go.crypto)
* go.net (https://code.google.com/p/go.net)
* ed25519/extra25519 (https://github.com/agl/ed25519/extra25519)
* SipHash-2-4 (https://github.com/dchest/siphash)
* goptlib (https://git.torproject.org/pluggable-transports/goptlib.git)
+### Installation
+
+To build:
+`go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy`
+
+To install:
+Copy `$GOPATH/bin/obfs4proxy` to a permanent location (Eg: `/usr/local/sbin`)
+
+Client side torrc configuration:
+```
+ClientTransportPlugin obfs4 exec /usr/local/sbin/obfs4proxy
+```
+
+Bridge side torrc configuration:
+```
+# Act as a bridge relay.
+BridgeRelay 1
+
+# Use obfs4proxy to provide the obfs4 protocol.
+ServerTransportPlugin obfs4 exec /usr/local/sbin/obfs4proxy
+
+# (Optional) Listen on the specified address/port for obfs4 connections as
+# opposed to picking a port automatically.
+#ServerTransportListenAddr obfs4 0.0.0.0:443
+```
+
+### Tips and tricks
+
+ * On modern Linux systems it is possible to have obfs4proxy bind to reserved
+ ports (<=1024) even when not running as root by granting the
+ `CAP_NET_BIND_SERVICE` capability with setcap:
+
+ `# setcap 'cap_net_bind_service=+ep' /usr/local/sbin/obfs4proxy`
+
+ * obfs4proxy can also act as a obfs2 and obfs3 client or server. Adjust the
+ `ClientTransportPlugin` and `ServerTransportPlugin` lines in the torrc as
+ appropriate.
+
+ * The autogenerated obfs4 bridge parameters are placed in
+ `DataDir/pt_state/obfs4_state.json`. An obfs4 bridge line requires the
+ `node-id`, `public-key` and `iat-mode` arguments.
+
### Thanks
* David Fifield for goptlib.
More information about the tor-commits
mailing list