Snowflake issueshttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues2024-01-22T16:33:10Zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40087Let's Encrypt "DST Root X3" root expiration affects old Android clients acces...2024-01-22T16:33:10ZcybertaLet's Encrypt "DST Root X3" root expiration affects old Android clients accessing brokerRunning Snowflake with the default config mentioned in this repository and shown below Snowflake fails to create a connection on some Android devices (apparently older Android versions, I could reproduce that issue using Android 4 and An...Running Snowflake with the default config mentioned in this repository and shown below Snowflake fails to create a connection on some Android devices (apparently older Android versions, I could reproduce that issue using Android 4 and Android 6 on a real device and on an emulator).
The error log tells me the cause of the connection failure is an expired certificate.
`WebRTC: x509: certificate has expired or is not yet valid: current time 2021-12-28T16:12:58Z is after 2021-09-30T14:01:15Z Retrying... `
Default config, I'm referring to:
```
snowflake-target https://snowflake-broker.torproject.net.global.prod.fastly.net/
snowflake-front cdn.sstatic.net
```
Using a different broker and domain-fronting I can work around the issue (config taken from https://github.com/cohosh/snowflake)
Could you please have a look at the broker / domain fronting setup or adapt the documentation here?Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40069Snowflake needs outbound proxy support2023-10-25T15:40:24ZtlaSnowflake needs outbound proxy supportFor continued iOS support, we will need to run Snowflake behind a proxy, since with its Go runtime it's way to big to run in a [Network Extension](https://developer.apple.com/documentation/networkextension/packet_tunnel_provider), which ...For continued iOS support, we will need to run Snowflake behind a proxy, since with its Go runtime it's way to big to run in a [Network Extension](https://developer.apple.com/documentation/networkextension/packet_tunnel_provider), which has a hard 15 MByte RAM usage limit.
Currently, Snowflake doesn't seem to support that scenario.
Please point me to the code, if it actually has, so I can understand how to leverage it.
If not, I suggest having a look at Obfs4proxy for reference on how this could be implemented:
https://gitlab.com/yawning/obfs4/-/blob/master/obfs4proxy/obfs4proxy.go#L67-158
Thank you!shelikhooshelikhoohttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40001Generating random SID2020-06-23T14:52:54ZHashikDGenerating random SIDGeneration random SID to send it to the server and using the generated SID in subsequent calls to the broker. if the connection terminates re-generating a random SID.Generation random SID to send it to the server and using the generated SID in subsequent calls to the broker. if the connection terminates re-generating a random SID.Cecylia BocovichCecylia Bocovich