Skip to content

Cherry-pick meek uTLS support

meskio requested to merge meskio/obfs4:utls into master

While we wait for upstream to review this change (https://gitlab.com/yawning/obfs4/-/merge_requests/10) it might make sense to build a version of obfs4proxy including it so we can roll out the obfs4 security fixes to users in Tor Browser.

I have tested it with Tor Browser (by replacing the binary inside) and works fine to reach moat, I could not test it with meek as our meek bridge is offline (tpo/anti-censorship/team#100 (closed)). I'll test it as soon as it gets back online.

This is basically copypaste from the last uTLS support (https://gitlab.com/yawning/obfs4/-/tree/f01e92dde7c2d4e55e3e030da39e991b4e341899/transports/meeklite), I only added more fingerprints and disable dynamic record size (https://gitlab.com/yawning/obfs4/-/commit/ca6765e3e3995144df2b1ca9f0e9d823a7f8a47c).

Merge request reports