This PR adds support for routing plaintext HTTP traffic only to proxies deployed by Lantern, in this moment it may not represent any difference.
HTTPs can travel safely along trusted and untrusted proxies without compromising user's data, as the protocol itself provides point to point encryption (well, point to Trusted Third Parties and eventually to point, but that's outside our scope).
A new property trusted was added to our configuration settings, this feature depends on whether this flag is set true or not. If no servers marked as trusted are found Lantern will try to use any server (getting unsafe access is better than having no access at all).
Routing an HTTP URL would produce a log like:
curl -x 127.0.0.1:8787 http://www.google.com/humans.txt
Apr 21 19:56:19.621 - balancer: balancer.go:100 Dialing tcp://www.google.com:80 with (trusted) fronted proxy at nl.fallbacks.getiantem.org:443 using masquerade set cloudflare
While routing an HTTPs URL would look like:
curl -x 127.0.0.1:8787 https://www.google.com/humans.txt
Apr 21 19:57:05.401 - balancer: balancer.go:100 Dialing tcp://s3.amazonaws.com:443 with chained proxy at 178.62.243.211:443
You'll probably need to edit lantern.yaml manually to set the trusted field on fronted and chained proxies.
I also added many comments on the code that would make it easier to understand what is each part trying to do and fixed a few minor bugs.
This PR adds support for routing plaintext HTTP traffic only to proxies deployed by Lantern, in this moment it may not represent any difference.
HTTPs can travel safely along trusted and untrusted proxies without compromising user's data, as the protocol itself provides point to point encryption (well, point to Trusted Third Parties and eventually to point, but that's outside our scope).
A new property
trusted
was added to our configuration settings, this feature depends on whether this flag is set true or not. If no servers marked astrusted
are found Lantern will try to use any server (getting unsafe access is better than having no access at all).Routing an HTTP URL would produce a log like:
While routing an HTTPs URL would look like:
You'll probably need to edit
lantern.yaml
manually to set thetrusted
field on fronted and chained proxies.I also added many comments on the code that would make it easier to understand what is each part trying to do and fixed a few minor bugs.
See our discussion at: https://github.com/getlantern/lantern/issues/2290