Skip to content

draft: snowflake WIP

eta requested to merge eta/snowflake-wip into main

Partial solution for #70, which doesn't work yet (it panics inside the Go code for some reason after arti tries to make a 2nd guard connection via snowflake). However, the log lines printed look somewhat promising.

Test by building with VERBOSE=1 ./ as per usual, and then adding the below bridgeline in the VPN config UI:

snowflake 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=,,,,,,,,, utls-imitate=hellorandomizedalpn

The log messages from snowflake go to logcat.

The snowflake running is patched with this patch in an effort to make outgoing UDP/TCP connections have protect() called on them properly. In addition, we also override the go net.DefaultResolver -- currently hardcoded to, since it was trying to use the VPN DNS server otherwise. (I didn't figure out how to make it use the system DNS server.)

Merge request reports