Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #6045
Closed (moved) (moved)
Open
Created Jun 03, 2012 by George Kadianakis@asn

Ethiopia blocks Tor based on ServerHello

Ethiopia is blocking Tor by DPIing the ServerHello TLS record. We found out that changing the ciphersuite selected (from the default TLS1_TXT_DHE_RSA_WITH_AES_256_SHA (0x0039)) bypasses the censorship.

This is a ticket to see how we can handle this issue. We should also be think about how #4744 (moved) and proposal 198 influence this.

The patch we used during tests removes 0x0039 from SERVER_CIPHER_LIST: https://gitorious.org/mytor/mytor/commit/087de5215cada3320c8494fdc97b87746b45e1cb

A good short-term plan would be to set-up a few patched bridges, update the blog post, and distribute the patched bridges to anyone who asks for them.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking