[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #25804 [Obfuscation/Snowflake]: Domain fronting to App Engine stopped working
#25804: Domain fronting to App Engine stopped working
---------------------------------------+--------------------
Reporter: dcf | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
---------------------------------------+--------------------
On or about 2018-03-13 16:00:00 UTC, domain-fronted requests for
snowflake-reg.appspot.com stopped working. It appears to affect fronting
to all appspot.com domains, not only ours. This leaves all currently
deployed clients unable to register themselves.
Requests now fail with status code 502:
{{{
$ wget -q -O - --content-on-error -S https://www.google.com/ --header
'Host: snowflake-reg.appspot.com'
HTTP/1.1 502 Bad Gateway
Date: Sun, 15 Apr 2018 04:58:49 GMT
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 209
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431;
quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
<html><body><h1>502 Bad Gateway</h1>\
<p>This HTTP request has a Host header that is not covered \
by the TLS certificate used. Due to an infrastructure change, \
this request cannot be processed.</p></body></html>
}}}
This ticket is to document the issue; I'm not sure we can do anything
about it directly.
Other related tickets:
* #22782, use non-Google domain fronts
* #25594, use non-fronting-based registration
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25804>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs