On Sat, 11 Oct 2014 18:17:34 +0200 Oliver Baumann <baumanno@xxxxxxxxxxxxxx> wrote: > I fought long and hard with this and found out something. > Not being able to connect via obfs4 using the info from > bridgeline.txt, I conducted some experiments using info from IRC and > obfs4_state.json. Oh dear. I am so sorry about that. > For me to be able to connect to my obfs4-RPi-bridge, I need a > bridgeline like this: > > bridge obfs4 <IP>:<PORT> $fp $cert $public-key $node-id $iat-mode > > ... where $public-key and $node-id can be taken from the state.json > and PORT is (obviously?) the obfs4-port, not the ORPort (this was not > quite so obvious to me). > > This bridgeline-format worked for at least one other person having > difficulties connecting to their obfs4-bridge, so it might be worth > adding a hint somewhere. That's the old bridge line format (changed between 0.0.2 and 0.0.3)[0]. The difference in the formats is the "node-id" and "public-key" parameters were replaced with "cert" (and base64 encoded) to be more compact (so either "cert" or "node-id" + "public-key")[1]. This issue will solve itself eventually, because I will nuke the snapshots once the browser people merge my branch (and master already points to a version that honors the "cert" parameter), but till then: Bridge obfs4 ip:port fingerprint public-key=<public key> node-id=<node-id> iat-mode=<iat-mode> Is what people should be using to test things. On new snapshots (or fingers crossed official Tor Browser builds with obfs4 support), what is in the text file will be correct (though the older format is naturally also supported). Sorry for the confusion, -- Yawning Angel [0]:https://gitweb.torproject.org/pluggable-transports/obfs4.git/commit/6cd81ec42f203585c59e610dc16728cb0a5d1455 [1]: "cert" is b64(node-id | public-key), with the trailing "="s removed. A trivial $languageOfChoice script can convert between the two, though as you noted, pulling the parameters out of the JSON file in the meantime isn't too difficult.
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays