Re: [tor-bugs] #25346 [Obfuscation/Snowflake]: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic certificates

2018-03-05 Thread Tor Bug Tracker & Wiki 
#25346: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic
certificates
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:  fixed
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by dcf):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Thanks, merged as [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/commit/?id=d0686b1c8df037413f32bef891ef90638b75a080
 d0686b1c8d].

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25346 [Obfuscation/Snowflake]: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic certificates

2018-03-05 Thread Tor Bug Tracker & Wiki 
#25346: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic
certificates
---+-
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  merge_ready
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+-
Changes (by arlolra):

 * status:  needs_review => merge_ready


Comment:

 Look good.  Hopefully nobody running this wants to enable TLS on port 80.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25346 [Obfuscation/Snowflake]: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic certificates

2018-03-05 Thread Tor Bug Tracker & Wiki 
#25346: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic
certificates
---+--
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  needs_review
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by dcf):

 * status:  new => needs_review


Comment:

 Here is a simple patch. I started this running on
 https://snowflake.bamsoftware.com/ and it just issued a fresh certificate.

 Because the SNI-based ACME challenge needed HTTPS on port 443, and we were
 going to be listening with HTTPS on other ports anyway, the way it was
 formerly handled is that if there was no listener for port 443, we just
 opened an additional one (as if the parent process had given us an
 additional bindaddr).

 Now we do something similar, except the additional listener we open on
 port 80 only handles HTTP-01 messages; it doesn't implement WebSocket and
 can't be used to reach tor.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25346 [Obfuscation/Snowflake]: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic certificates

2018-03-05 Thread Tor Bug Tracker & Wiki 
#25346: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic
certificates
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by dcf):

 * Attachment "0001-Use-Manager.HTTPHandler-for-automatic-TLS-support-
 in.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #25346 [Obfuscation/Snowflake]: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic certificates

2018-03-05 Thread Tor Bug Tracker & Wiki 
#25346: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic
certificates
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal | Resolution:
 Keywords: |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+
Changes (by dcf):

 * Attachment "0001-Use-Manager.HTTPHandler-for-automatic-TLS-support-
 in.patch" added.


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #25346 [Obfuscation/Snowflake]: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic certificates

2018-02-24 Thread Tor Bug Tracker & Wiki 
#25346: Adapt snowflake-server to use ACME HTTP-01 challenge for automatic
certificates
---+
 Reporter:  dcf|  Owner:  (none)
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:
Component:  Obfuscation/Snowflake  |Version:
 Severity:  Normal |   Keywords:
Actual Points: |  Parent ID:
   Points: |   Reviewer:
  Sponsor: |
---+
 As with the broker (#25345), we need to make the Snowflake server
 transport plugin use the HTTP-01 challenge.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs