Domů Procházet Nápověda
Přihlásit se
oid
/
snowflake
zrcadlo https://git.torproject.org/pluggable-transports/snowflake.git/
Sledovat 1
Oblíbit 0
Rozštěpit 0
Soubory Úkoly 0 Wiki

Bez popisu

Větev: main
Větve Značky
snowflake
ZIP TAR.GZ
Renovate Bot ef276c8161 chore(deps): update module github.com/pion/ice/v4 to v4.0.10 před 2 dny
broker 08239cca2a Remove broker log messages for invalid SDP and SQS cleanup před 4 týdny
client 4205121689 fix: make NATPolicy thread-safe před 1 měsícem
common 8343bbc336 Add context with timeout for client requests před 1 měsícem
doc 062411143c docs: fix example server library usage před 8 měsíci
probetest 64995f391b chore(deps): update golang docker tag to v1.23 před 4 měsíci
proxy f3e040bbd8 improvement: less scary failed conn logs & metrics před 1 měsícem
server 1923803124 fix: potential race conditions with non-local err před 1 měsícem
.gitignore 1318b6a9ec stripped down Android build process for gitlab-ci and Vagrant před 3 roky
.gitlab-ci.yml 2a5a09e451 CI: use the parent group as namespace for the dependency proxy před 1 týdnem
.gitmodules 6f89fc14f6 Remove proxy/translation submodule před 5 roky
.travis.yml ead5a960d7 Bump snowflake library imports and go.mod to v2 před 3 roky
CONTRIBUTING.md d3080e2566 Remove mentions of coffeescript from docs před 5 roky
ChangeLog 6472bd86cd Bump verison of Snowflake to 2.11.0 před 1 měsícem
Dockerfile e345c3bac9 proxy: add country to prometheus metrics před 2 měsíci
LICENSE e521a7217a Update license před 5 roky
README.md f715c397c2 Update README to reflect project usecase před 1 měsícem
Vagrantfile 82cc0f38f7 Move the development to gitlab před 1 rokem
docker-compose.yml 3d7dcfc55d Add updated docker compose file před 1 týdnem
go.mod ef276c8161 chore(deps): update module github.com/pion/ice/v4 to v4.0.10 před 2 dny
go.sum ef276c8161 chore(deps): update module github.com/pion/ice/v4 to v4.0.10 před 2 dny
renovate.json b11a41482c Use go 1.21 in renovate před 1 rokem

README.md

Snowflake

Snowflake is a censorship-evasion pluggable transport using WebRTC, inspired by Flashproxy.

Table of Contents

Structure of this Repository

  • broker/ contains code for the Snowflake broker
  • doc/ contains Snowflake documentation and manpages
  • client/ contains the Tor pluggable transport client and client library code
  • common/ contains generic libraries used by multiple pieces of Snowflake
  • proxy/ contains code for the Go standalone Snowflake proxy
  • probetest/ contains code for a NAT probetesting service
  • server/ contains the Tor pluggable transport server and server library code

Usage

Snowflake is currently deployed as a pluggable transport for Tor.

Using Snowflake with Tor

To use the Snowflake client with Tor, you will need to add the appropriate Bridge and ClientTransportPlugin lines to your torrc file. See the client README for more information on building and running the Snowflake client.

Running a Snowflake Proxy

You can contribute to Snowflake by running a Snowflake proxy. We have the option to run a proxy in your browser or as a standalone Go program. See our community documentation for more details.

Using the Snowflake Library with Other Applications

Snowflake can be used as a Go API, and adheres to the [v2.1 pluggable transports specification](). For more information on using the Snowflake Go library, see the Snowflake library documentation.

Test Environment

There is a Docker-based test environment at https://github.com/cohosh/snowbox.

FAQ

Q: How does it work?

In the Tor use-case:

  1. Volunteers visit websites that host the 'snowflake' proxy, run a snowflake web extension, or use a standalone proxy.
  2. Tor clients automatically find available browser proxies via the Broker (the domain fronted signaling channel).
  3. Tor client and browser proxy establish a WebRTC peer connection.
  4. Proxy connects to some relay.
  5. Tor occurs.

More detailed information about how clients, snowflake proxies, and the Broker fit together on the way...

Q: What are the benefits of this PT compared with other PTs?

Snowflake combines the advantages of flashproxy and meek. Primarily:

  • It has the convenience of Meek, but can support magnitudes more users with negligible CDN costs. (Domain fronting is only used for brief signalling / NAT-piercing to setup the P2P WebRTC DataChannels which handle the actual traffic.)

  • Arbitrarily high numbers of volunteer proxies are possible like in flashproxy, but NATs are no longer a usability barrier - no need for manual port forwarding!

Q: Why is this called Snowflake?

It utilizes the "ICE" negotiation via WebRTC, and also involves a great abundance of ephemeral and short-lived (and special!) volunteer proxies...

More info and links

We have more documentation in the Snowflake wiki and at https://snowflake.torproject.org/.

-- Android AAR Reproducible Build Setup --

Using gomobile it is possible to build snowflake as shared libraries for all the architectures supported by Android. This is in the .gitlab-ci.yml, which runs in GitLab CI. It is also possible to run this setup in a Virtual Machine using vagrant. Just run vagrant up and it will create and provision the VM. vagrant ssh to get into the VM to use it as a development environment.

uTLS Settings

Snowflake communicate with broker that serves as signaling server with TLS based domain fronting connection, which may be identified by its usage of Go language TLS stack.

uTLS is a software library designed to initiate the TLS Client Hello fingerprint of browsers or other popular software's TLS stack to evade censorship based on TLS client hello fingerprint with -utls-imitate . You can use -version to see a list of supported values.

Depending on client and server configuration, it may not always work as expected as not all extensions are correctly implemented.

You can also remove SNI (Server Name Indication) from client hello to evade censorship with -utls-nosni, not all servers supports this.