Hello all,
So after a brief pause in my productivity due to the dev meeting and some IRL things, I'm back in the swing of development and have been working on getting obfs4 ready for development.
I've recently mostly finished a fairly large cleanup/refactor of the obfs4 codebase and dusted off the Tor Browser build integration patch.
Test bundles signed with my PGP key are available at: https://people.torproject.org/~yawning/volatile/tor-browser-obfs4-20140820/
Some quick notes:
* The bundles are alpha. DO NOT USE THEM IF YOU REQUIRE STRONG ANONYMITY OR SECURITY.
* While it is possible to pull out the obfs4proxy binary from the bundle and use it to run a bridge, that will be a *terrible* idea because the bundles are missing some logging related fixes.
* The Windows and OSX bundles are entirely untested, because I do not have access to either platform. The Linux bundle appears to work.
* Using obfs2/obfs3 will also exercise new code (obfs4proxy instead of obfsproxy).
* I'm not uploading a 32 bit linux bundle for now.
* The one obfs4 test bridge is mine, and is the one I posted to tor-dev@ (port is different, bridge parameters are the same).
If you wish to follow obfs4 deployment the bug associated with this task is #12130.
Questions, comments, feedback welcome.
Hello everyone,
I just uploaded a new set of obfs4 test bundles to: https://people.torproject.org/~yawning/volatile/tor-browser-obfs4-20140829/
I forgot to change the file names (oops), but that shouldn't affect the bundles and regenerating them just to rename/reversion would take quite a while, so I'll pass on doing so.
Changes since the last version: * obfs4proxy * obfs4proxy -v will print versioning information. * Bridge side logging will sanitize golang networking errors unless the log scrubber is disabled. * Bridge lines now use Base16 instead of Base64 to work around bugs in the pt bridge args processing. * A dumb bug that was causing TYPE_PRNG_SEED frames to be silently ignored was fixed. * Bridge lines now have "iat-mode" which controls Inter-Arrival Time obfuscation. This is done so the bridge administrator can specify client behavior (Default is to disable IAT obfuscation). * There is now an optional paranoid IAT obfuscation mode, which disables optimizations made around bulk data transfer for additional obfuscation. This has a major impact on bulk data throughput and is not recommended.
* Bundling * The #12535 patch is integrated into the goptlib build process, and go based pluggable transports will use SOCKS5. Eventually the patch will be merged into goptlib proper. * The default test bridge was updated to the new bridge line format, and includes the "iat-mode" argument. * The obfs4proxy and Go licenses are now included in the bundle.
I have verified that the linux64 and windows (thanks to a friend) bundles appear to be functional. If you wish to follow obfs4 deployment the bug associated with this task is #12130.
Questions, comments, feedback welcome.
Hello everyone,
I just uploaded a new set of obfs4 test bundles to: https://people.torproject.org/~yawning/volatile/tor-browser-obfs4-20140926/
Changes since the last version: * obfs4proxy * Updated to 0.0.2 (Most of the changes are related to packaging and a minor bridge side quality of life feature, no real functional changes since the last version from a client perspective.)
* Bundling * Rebased my integration branch on Tor Browser 4.0-alpha-3. * I backed out the goptlib SOCKS5 code since I changed the patch a bunch. IPv6 obfs2/3/4 bridges will probably not work because of this, but that is a know issue, and the patch is sitting in a branch awaiting review and a better opportunity for systematic testing.
To be perfectly honest not much has changed to the point where it really warrants another release, but apparently people are still using my old snapshots, so here's a new set for those people that folds in all the changes that went into the Tor Browser side of things.
As far as the roadmap for full fledged deployment goes, it's at the "get enough bridges" point, with the step after that being "getting the Tor Browser folks to merge my branch".
I have verified that the linux64 and windows (thanks to a friend) bundles appear to be functional. If you wish to follow obfs4 deployment the bug associated with this task is #12130.
Questions, comments, feedback welcome.
-
Yawning Angel