c/ooni-probe-cli
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hotfix: disable oocrypto until we investigate ciphers selection (#784)

Browse Source 
See https://github.com/ooni/probe/issues/2122 for context.
This commit is contained in:
Simone Basso
2022-06-02 08:52:15 +02:00
committed by GitHub
parent 92ebfd7986
commit b58cfadb39
4 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/netxlite/tls.go
+8 -2
View File
@@ -13,7 +13,6 @@ import (
"net"
"time"
ootls "github.com/ooni/oocrypto/tls"
oohttp "github.com/ooni/oohttp"
"github.com/ooni/probe-cli/v3/internal/model"
"github.com/ooni/probe-cli/v3/internal/runtimex"
@@ -206,7 +205,14 @@ func (h *tlsHandshakerConfigurable) newConn(conn net.Conn, config *tls.Config) (
if h.NewConn != nil {
return h.NewConn(conn, config)
}
return ootls.NewClientConnStdlib(conn, config)
// This used to be the place where we created a TLSConn using
// github.com/ooni/oocrypto's TLS. However, it seems this strategy
// does not correctly pick up the CPU capabilities. So, we have
// now disabled oocrypto until we investigate, to avoid making the
// development branch worse than it could in terms of TLS fingerprint.
//
// TODO(https://github.com/ooni/probe/issues/2122)
return tls.Client(conn, config), nil
}
// defaultTLSHandshaker is the default TLS handshaker.