What cert should the egress server use? - Githubissues

getlantern / browsersunbounded

Interoperable browser-based P2P proxies for censorship circumvention

GNU General Public License v3.0

14 stars 0 forks source link

What cert should the egress server use? #145

Closed noahlevenson closed 1 year ago

noahlevenson commented 1 year ago

We still have InsecureSkipVerify set to true for the Broflake client configuration in Flashlight. I guess that means widget users can MITM the QUIC connection? What cert should we use for the egress server?

noahlevenson commented 1 year ago

That was a project. Addressed here:

https://github.com/getlantern/broflake/commit/6d21c3a02d8bb3016e45fa0c1ae375a09daf7997

https://github.com/getlantern/broflake/commit/0c21dbe9195ea9d7ea1773f18040ef85cc3b2047

https://github.com/getlantern/broflake/commit/3b1050a67a6d216eca495f796b49fef4ac5dec43

https://github.com/getlantern/http-proxy-lantern/pull/555

https://github.com/getlantern/lantern-desktop/pull/326/commits/fc10882e21aacc09ede7893a745c8a4c1febadb5

https://github.com/getlantern/flashlight/pull/1295/commits/ac90c981adb2df6dc96aa2a45ef46ebc6951f053

And prob a couple other places I'm forgetting...