[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Call for testing/review: obfsclient-0.0.1rc2



Hello all,

I have a new release candidate of obfsclient available now.

Notable changes since 0.0.1rc1:
 * Use OpenSSL's CSPRNG instead of arc4random rng from libevent
 * Use a CTR_DRBG instead of WELL512
 * ScrambleSuit session tickets saved to disk also include a timestamp
 * ScrambleSuit is better about discarding handshake data for sessions
   that authenticate
 * ScrambleSuit IAT obfuscation is disabled by default
   (--enable-scramblesuit-iat)
 * The SOCKS5 TTL Expired code is sent when the handshake takes too
   long instead of abruptly closing the session
 * The Base32 decoder now accepts lower case input, and also will
   attempt to correct commonly mistyped characters (0,1,8)
 * Fixed a bug which would cause rare assertion when using obfs2

Known issues:
 * ScrambleSuit session ticket handshakes vs some of the bridges out
   there will fail (not a obfsclient bug).  I believe the bridge that
   phw posted to tor-talk is running updated code with this issue fixed.

Assuming nothing is broken, this will most likely become v0.0.1, though
I may end up disabling Session Ticket handshakes.

Where: https://github.com/Yawning/obfsclient/releases/tag/v0.0.1-rc2

Questions, comments, feedback appreciated!

-- 
Yawning Angel

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev