README
¶
obfs4
This is a look-like nothing obfuscation protocol that incorporates ideas and concepts from Philipp Winter's ScrambleSuit protocol. The obfs naming was chosen primarily because it was shorter, in terms of protocol ancestery obfs4 is much closer to ScrambleSuit than obfs2/obfs3.
The notable differences between ScrambleSuit and obfs4:
- The handshake always does a full key exchange (no such thing as a Session Ticket Handshake).
- The handshake uses the Tor Project's ntor handshake with public keys obfuscated via the Elligator 2 mapping.
- The link layer encryption uses NaCl secret boxes (Poly1305/XSalsa20).
- As an added bonus, obfs4proxy also supports acting as an obfs2/3 client and bridge to ease the transition to the new protocol.
Using obfs4
Go Version:
obfs4 is one of the transports available in the Shapeshifter-Transports library.
-
First, you need to create a dialer
dialer := proxy.Direct -
Create an instance of an obfs4 server
obfs4Transport := obfs4.Transport{ CertString: "InsertCertStringHere", IatMode: 0 or 1, Address: "InsertAddressHere", Dialer: dialer,} -
Call Dial on obfs4Transport:
_, err := obfs4Transport.Dial()
Documentation
¶
Overview ¶
Package obfs4 provides an implementation of the Tor Project's obfs4 obfuscation protocol.
Index ¶
- Variables
- func MakeLog()
- func RunLocalObfs4Server(data string) bool
- func RunLocalObfs4ServerFactory(data string) bool
- type ClientArgs
- type Config
- type InvalidAuthError
- type InvalidMacError
- type InvalidPacketLengthError
- type InvalidPayloadLengthError
- type ServerFactory
- type Transport
- type TransportClient
- type TransportServer
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidHandshake = errors.New("handshake: Failed to find M_[C,S]")
ErrInvalidHandshake is the error returned when the obfs4 handshake fails due to the peer not sending the correct mark. This error is fatal and the connection MUST be dropped.
var ErrMarkNotFoundYet = errors.New("handshake: M_[C,S] not found yet")
ErrMarkNotFoundYet is the error returned when the obfs4 handshake is incomplete and requires more data to continue. This error is non-fatal and is the equivalent to EAGAIN/EWOULDBLOCK.
var ErrNtorFailed = errors.New("handshake: ntor handshake failure")
ErrNtorFailed is the error returned when the ntor handshake fails. This error is fatal and the connection MUST be dropped.
var ErrReplayedHandshake = errors.New("handshake: Replay detected")
ErrReplayedHandshake is the error returned when the obfs4 handshake fails due it being replayed. This error is fatal and the connection MUST be dropped.
Functions ¶
func RunLocalObfs4Server ¶
RunLocalObfs4Server runs the server side in the background for the test
func RunLocalObfs4ServerFactory ¶ added in v3.0.5
Types ¶
type ClientArgs ¶
type ClientArgs struct {
// contains filtered or unexported fields
}
ClientArgs contains arguments for client side
type Config ¶
type Config struct {
CertString string `json:"cert"`
IatMode string `json:"iat-mode"`
Address string `json:"address"`
}
Config contains arguments formatted for a json file
type InvalidAuthError ¶
InvalidAuthError is the error returned when the ntor AUTH tags do not match. This error is fatal and the connection MUST be dropped.
func (*InvalidAuthError) Error ¶
func (e *InvalidAuthError) Error() string
type InvalidMacError ¶
InvalidMacError is the error returned when the handshake MACs do not match. This error is fatal and the connection MUST be dropped.
func (*InvalidMacError) Error ¶
func (e *InvalidMacError) Error() string
type InvalidPacketLengthError ¶
type InvalidPacketLengthError int
InvalidPacketLengthError is the error returned when decodePacket detects a invalid packet length/
func (InvalidPacketLengthError) Error ¶
func (e InvalidPacketLengthError) Error() string
type InvalidPayloadLengthError ¶
type InvalidPayloadLengthError int
InvalidPayloadLengthError is the error returned when decodePacket rejects the payload length.
func (InvalidPayloadLengthError) Error ¶
func (e InvalidPayloadLengthError) Error() string
type ServerFactory ¶
type ServerFactory struct {
// contains filtered or unexported fields
}
ServerFactory contains arguments for server side
func NewObfs4ServerFactory ¶ added in v3.0.5
func NewObfs4ServerFactory(stateDir string) (*ServerFactory, error)
NewObfs4Server initializes the obfs4 server side
type Transport ¶
type Transport struct {
// contains filtered or unexported fields
}
Transport that uses the obfs4 protocol to shapeshift the application network traffic
func NewObfs4Client ¶
NewObfs4Client initializes the obfs4 client side
func NewObfs4Server ¶
NewObfs4Server initializes the obfs4 server side
func RunObfs4Client ¶
RunObfs4Client runs the client side in the background for the test
type TransportClient ¶ added in v3.0.4
type TransportClient struct {
CertString string
IatMode int
Address string `json:"address"`
Dialer proxy.Dialer
}
TransportClient contains parameters to be used in Optimizer
func RunObfs4ClientFactory ¶ added in v3.0.5
func RunObfs4ClientFactory() (*TransportClient, error)
RunObfs4Client runs the client side in the background for the test
type TransportServer ¶ added in v3.0.4
type TransportServer struct {
ServerFactory *ServerFactory
Address string
}
Source Files
Directories