[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] using obfs4 to tunnel to a SOCKS proxy server

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] using obfs4 to tunnel to a SOCKS proxy server
From: Hans-Christoph Steiner <hans@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 23 Jan 2019 11:42:16 +0100
Autocrypt: addr=hans@xxxxxxxxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBFY1RO0BEAC94s679hO9oxi2h1GF0hN7xCXxeIyJp58rA2QxuMJ/NvMhrfBGVqhkolUb 7IqvHy8n7jvTCCAJOHP6ZAtUUwV20ZpUa2Mfp0/6dbGkvXcXwGlU9ShpBiXnDsKvgRRX5gOO /WeWLe8x8HRcFfcJVXS9pHRw2bxjrbs3zKlf7yBACcSt6ZSgPsqHuUQSUs4Qo0E0/H14uJiD k32qQ1YicVrE1r2pFe9iZpxBMGTwgZyNUEUYDeVfTDubL7Jc1MUpgotNTxbJ3jVxt0uHn20l hNXG6ybaYK3MhIHIEp9Nbd4l6+Y81ZgIQbs4jAbAPcy+qY3GT2uQfbFb2UK8+hnDotGmejgo YuDZGBaAukiELIKxrsNCvaSg5DI/yrH6Vx6ZceHpitrer6yOwZescc5SGud3btU4Iktfw7w+ 5pxmyypUazaltibSd13o56n/aKrQZw098bhqnh9xTbPVK14t4wTdsJKyZmJv8oKCqppEuhTc q8kur0PWOM85NSBl0igSfj8/CR8CbzgasMPNQVVwUA0Ody0s8wO13+WVaLq7y6Xpy9t6jSVv S8KLgmJ/wTJimHb2cctHNBSQEwnJtRyy/o7kKnge6HPzOprjPAlv6okA2XQaLTxyjW1YCRwN GatNAJ2WnJx3m89WGRONN6qQ3RFX59kbyzR1uL6D3Z6ts7bTmwARAQABzTJIYW5zLUNocmlz dG9waCBTdGVpbmVyIDxoYW5zQGd1YXJkaWFucHJvamVjdC5pbmZvPsLBvgQTAQoAaAIbAQUL CQgHAwUVCgkICwUWAgMBAAIeAQIXgAIZAQUCVjdjhUMYaHR0cHM6Ly9wZ3AubWl0LmVkdS9w a3MvbG9va3VwP29wPXZpbmRleCZzZWFyY2g9MHhFOUUyOERFQTAwQUE1NTU2AAoJEOnijeoA qlVW/IwP/0Uq8896f4NJPv9m5xKZnpCErXhvGU8b4gwH5EXaw66Z/0Zp56zF+J0rLdQZ9FoL HmShM8ZIEHmbNs/NTxqJ5qR0QDKJl8kJW7P/yfNjYOHtBCxPOS5LcapGtUT9jx7GAPU+oJ7z RC0nF8eot97Ds797n139BSbabZ74j0mfwKdGFxRaZVAfhzOD3tevyxUGMwj3w+zRpSXrDHc+ mZa9oHVE6J632rKMUTyDH/7kjzqN54l+dW29SK2NCfC79jfjDcO+ldbUV0lDz+HcLAiEYY1U ucuGVYgL0s/blCqw8YBmwBFdzYYwL6JXiK0KO+eukEZZl9nAWb0CUtuq/8dqkB5VKE39sBjZ pADf8xknMXJVTN1NlMUv6ZDKgRByL0gWdxmSaLLcjBliieXsDvMDHZnwhVsXeoPB1o6PaNLr Ho6ohf8vUrpVzDt6jwEydKBjJiykoSae4Gb7zgVx2/jvHZG3TrMqwktmPQKc+mS/WQBVMfUm ay3EYuIXRFhh2l4czMxFPWpan0nxV3QSpjPYJFOcKm0fPOLBAfe5WnatO8RGtL/quOdpOhMi rfzZKb0I4CiLGmyUHhewCGcggejqrBNDsip4RE4XwEYbH/VjWs0g5VVodSLUm0aC/98eG+XR 0bV/v0urdHFedFOVbkTBYYYJWNzRxvv2paJVoUzxWn5GzsBNBFY1RikBCAC2ZLMA4e7v4nZL 4Fy5X5vfaZ5pGHuh/8i34V4geqbMgWKnTgi2CJkAzglVDkbhpyk/Q8hCj4DdiRMsK4+TpLmp sbCYVGBeoaB/zkhZdjHksymED7V5sUim1BV418JXk19bnrDNFvfyhy8fer8FoDKeT0HJNdab lTt5NJrVFIVmglOZFIF+dSbz+HoH15bbwUDoedM63Q9ChQ5RsPKxiKHbwsYQ6zAJb+f/xLsG RUSzg6q6GPwX0A0P6QMkl2a/OXZhk+LGmzvldg4M0roWr6ohH+4iiBxttId4VACNPjQR7UME c8E6GZTRpviaMTTioXHY2wxkjcD6LmdjZ7Hm7F2NABEBAAHCwWUEGAEKAA8FAlY1RikCGwwF CQlmAYAACgkQ6eKN6gCqVVZbvxAAk1RTjZ017OWt/Tpm7Wa1VprbNPSFmDjzXSjIM2ut7E5B iScJLRy4sl7Fl5GcwS8lWkfIz2n8R7zn0Xj4T91dKZZ4J9m+Mf37cHGBBn5Hp2E6gqoClqbN CNLpWeHtwbLf7p9e513yRZwIdwAC4sHCGSzT6ZpFNhOhTqSj4nllfpbkSSjac5KaeV7oRQXI fE8BvwH02sGM5LpsoifhShrdcoEZe3GjyERbf3oh3cqYnr9pR64DnO8IMc+RL2c+sGPoirVS d/kBCIA8vEABZzpHeoNN4DNu3ykg0d0Knn/2CoMY92w4UGrdDRc++uMOawXtI9aGdtt4AIMy YvHfSO5KtZr+U9sViMhSXiiJ1Ofl46C9nZwjyZ5t5NnwfVh3Am79uhDHrckxJ/2aWOt9KOdY H8QqxovWCCq9esUgV+Q0SXow8zdkBa8lKR2H9xbI4frKULnu29iyIv4CbWOZE8QbjKoBcThA XesRjmVb5bvAYx+t5UMyQKaaH7dVTzvdFiIRM3zm0Hxrpxn3muaGk9WRTzKi+cYlAcT3o2ES mlWXkYGArbRoOtnQ1aXbySkF/+veMptetrZ8nyAZJ5oZmjDJ70EBGHEbEhMhNhYXlua4QIiV HdBRZ93PQnQA5j8JcYkeY8g977F9I/Cjk4xSmEuPZ/rmXci54nqnT4tGKQsdnsU=
Cc: Nathan of Guardian <nathan@xxxxxxxxxxxxxxxxxxxx>, Michael Pöhn <michael.poehn@xxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 23 Jan 2019 05:42:42 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Openpgp: preference=signencrypt
Organization: Guardian Project
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hey all,

Hopefully this is a valid place to ask about PTs technical details.  So
n8fr8, uniqx (Michael Pöhn), and I are working to make an easily
reproducible obfs4 client and server setup with ansible scripts

uniqx got the setup working with obfs4 connecting to a port on the
server side, like a webserver. Weŕe trying to figure out a way to make
this obfs4 setup to behave like an SSH port forward, but weŕe banging
our heads against the concept.

For example, could the obfs4 server side provide a generic SOCKS proxy?
Hereś the use case:  wikimedia foundation wants to run their own PTs
built into their own client but it needs to support multiple domains,
e.g. en.wikipedia.org and commons.wikimedia.org.  So we would like to
have a generic SOCKS proxy for the client.  Then server side, the SOCKS
proxy only allows connections to a whitelist of wikimedia servers.

Here are uniqxś PT projects:
https://gitlab.com/uniqx/pt-obfs4proxy-minimal-demo
https://gitlab.com/uniqx/pt-socks5-over-obfs4proxy
https://gitlab.com/uniqx/pt-obfs4proxy-tcp-bridge
https://gitlab.com/uniqx/pt-tor-obfs4-bridge-test-vm

.hc

-- 
PGP fingerprint: EE66 20C7 136B 0D2C 456C  0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] using obfs4 to tunnel to a SOCKS proxy server
  - From: Yawning Angel

Prev by Author: Re: [tor-dev] using obfs4 to tunnel to a SOCKS proxy server
Next by Author: Re: [tor-dev] Multi-threading throughout
Previous by thread: Re: [tor-dev] RFC: Using `utls` in meek_lite.
Next by thread: Re: [tor-dev] using obfs4 to tunnel to a SOCKS proxy server
Index(es):
- Author
- Thread