On 31 Mar 2018, at 04:03, jackoreamnos@tutanota.com jackoreamnos@tutanota.com wrote:
Alright, problem solved although I don't understand why. Hope someone can educate me:
What I did. (1) Turned on Log debug stderr in torrc, and I could see obfs4 loading correctly. (2) Then I realized obfs4 writes to a file to help people construct the bridgeline for tow browser in pt_state/obfs4_bridgeline.txt
The format is like: Bridge obfs4 <IP ADDRESS>:<PORT> <FINGERPRINT> cert=[scrubbed] iat-mode=[scrubbed]
Which is different from the bridge line I used by hand, i.e. has FINGERPRINT, has cert=? and iat-mode=?. These extra bits made all the difference, but why?
Tor can't connect to an obfs4 bridge without its certificate. The encryption just won't work.
iat-mode controls some other protocol details.
T