On Tuesday, December 13, 2022, 10:11:41 AM PST, David Fifield david@bamsoftware.com wrote:
The Snowflake proxy is not a pluggable transport. You just > run it as a normal command-line program. There is no torrc involved, and the proxy does not interact with a tor process at all.
Thank you for the clarification. It seems I incorrectly assumed that extor-static-cookie was a wrapper for snowflake-proxy.
"To work around this problem, there is a shim called extor-static-cookie that presents an ExtORPort with a fixed, unchanging authentication key on a static port, and forwards the connections (again as ExtORPort) to tor, using that instance of tor's authentication key on an ephemeral port. One extor-static-cookie process is run per instance of tor, using ServerTransportPlugin and ServerTransportListenAddr." Am I correct in assuming extor-static-cookie is only useful within the context of bridging connections between snowflake-server and tor (not as a pluggable transport similar to obfs4proxy)? What about a connection flow of haproxy/nginx => (snowflake-server => extor-static-cookie => tor) on separate servers? Thanks, again.
Gary