Git log: commit 8fac5904b4d51a11b35f4a5eb970cd178a44be14
Author: Micah Anderson <micah@riseup.net>
Date: Wed Jul 10 17:22:37 2024 -0400
Add DynamicUser=yes to systemd unit (Closes: #1075885)
commit 47e36bbb4a2a43af2cdc55fff048100d67cbb306
Merge: 2ec0b5e 059b96a
Author: meskio <meskio@sindominio.net>
Date: Tue Apr 9 11:52:52 2024 +0000
Merge branch 'add-cli-arguments-support' into 'debian/sid'
Allow passing flags to proxy via /etc/default
See merge request pkg-privacy-team/snowflake!4
commit 059b96adc35beac227f3db83113515db3c214cda
Author: Johannes Christ <jc@jchri.st>
Date: Wed Aug 23 00:21:43 2023 +0200
Allow passing flags to proxy via /etc/default
commit 2ec0b5e3fa6bf1447b6be6d4da37d5333a71b08a
Author: Nilesh Patra <nilesh@nileshpatra.info>
Date: Sun Feb 26 00:44:53 2023 +0530
Really upload to unstable
commit db16115ada535e6c2e43cd20fa32a61e7aeab499
Author: meskio <meskio@torproject.org>
Date: Fri Feb 24 13:59:07 2023 +0100
New upstream release
commit f36135edef9df6fcd9c7002324c34b14ea048eea
Merge: 15aaf49 7b77001
Author: meskio <meskio@torproject.org>
Date: Fri Feb 24 13:56:17 2023 +0100
Update upstream source from tag 'upstream/2.5.1'
Update to upstream version '2.5.1'
with Debian dir 050abeb2ab0fbac629af6ab2dd4c912ed507bd6e
commit 15aaf49e50a5afb51abb83d54330fdb4bb43aac4
Author: meskio <meskio@torproject.org>
Date: Mon Nov 14 17:27:49 2022 +0100
Bump debian policy
commit ad30ff55710df4c465cbe5f357890bfd18d0ebac
Author: meskio <meskio@torproject.org>
Date: Mon Nov 14 16:43:47 2022 +0100
Remove unused dependencies from the sourcecode
Remove geoip, hyperloop and the vendor folder, as those dependencies are
only used by the broker and not needed in the package.
commit af59ae6100bbae0fe7e1b3d56a91ad7776e54e28
Author: meskio <meskio@torproject.org>
Date: Mon Nov 14 14:43:42 2022 +0100
Remove the test entropy patch
It was included upstream
commit 1d0e792989acc0f9d42d7d268e961af297941ca9
Author: meskio <meskio@torproject.org>
Date: Mon Nov 14 14:17:41 2022 +0100
New 2.3.1 version
commit 6a298eef467f9e32fbc2952ad1f43494e92f8a85
Merge: b7f01d2 36f03df
Author: meskio <meskio@torproject.org>
Date: Mon Nov 14 16:36:31 2022 +0100
Merge tag 'upstream/2.3.1' into debian/sid
commit b7f01d25b2ba60eb82a6a7f491c9de2a4ce3077e
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 24 17:45:09 2022 +0530
Upload to unstable
commit 931afdd3fa06285fe66396e0b68b77a9868f4535
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 17 20:15:21 2022 +0530
Upload to unstable
commit 87742c3184fcd55ec25c4f255735ef795d5727ff
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 17 15:18:39 2022 +0000
Add missing-indep override for arch:all pkg, do not worry about binaries in usr/bin
commit 5291abca8097ffd0d5140f67eca0d024a3bd3073
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 17 20:20:34 2022 +0530
Remove copyright entry for pion libs
commit 7bc337651c9ac55896fd879797b004bb29a778af
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 17 20:14:55 2022 +0530
Add golang-github-pion-webrtc.v3-dev as B-D and Dependency for lib package
commit 5e0915a6ffa922676c032071c238cdc778c0a8e3
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 17 20:13:26 2022 +0530
Un-vendor pion libs that have been accepted
commit 1155c1592b108205211f95cf65f2fb0c1fcd99ec
Author: Nilesh Patra <nilesh@debian.org>
Date: Fri Jun 17 20:11:56 2022 +0530
Provide golang-snowflake-dev as library package
commit f01c019f0a361beadf558464d0952d6f7cfc9a90
Author: meskio <meskio@torproject.org>
Date: Sat Jun 11 14:58:26 2022 +0200
Package snowflake library
commit cc02e581bf53a9f127893f8f7af27685108dbba6
Author: meskio <meskio@torproject.org>
Date: Thu Jun 2 17:37:54 2022 +0200
Bump version 2.2.0-2
commit c577fdc8b8c6a615d3cda83e0d88bde7c16165ed
Author: meskio <meskio@torproject.org>
Date: Thu Jun 2 17:29:36 2022 +0200
Patch the tests to don't use entropy
They were failing in mips
commit 87e8a37ff7ef2b34aafd25300f882b1917565db2
Author: meskio <meskio@torproject.org>
Date: Tue May 31 11:47:42 2022 +0200
Close the bugs related to the pion update
commit cd50d4d3e714a55eacd3eb9ff8b968f73aaa7bdb
Author: meskio <meskio@torproject.org>
Date: Mon May 30 20:11:30 2022 +0200
Use the actuall changelog from the package
commit 76694dbbd5a7e39fa22fcb3b79030951e3b5ab8e
Author: meskio <meskio@torproject.org>
Date: Thu May 26 17:14:07 2022 +0200
Update copyright
commit 686756a6bee29187ea4bbb48d6deff0753e71a1d
Author: meskio <meskio@torproject.org>
Date: Thu May 26 15:52:17 2022 +0200
Update changelog for 2.2.0
commit c2bbf65aaf844b245295f99612fe292fe01de250
Author: meskio <meskio@torproject.org>
Date: Thu May 26 16:15:20 2022 +0200
Update dependencies
commit bca30ca0e9e31220f815b56dd31cf6b87717e697
Author: meskio <meskio@torproject.org>
Date: Thu May 26 16:07:34 2022 +0200
Remove upstreamed proxy patch
commit 4c873ea8111a0c972d5d5180d7472379156cc4b9
Author: meskio <meskio@torproject.org>
Date: Thu May 26 15:55:38 2022 +0200
Update vendored code that solves several CVEs
Add gitlab.torproject.org/tpo/anti-censorship/geoip library to the
vendored libs.
Fixes: CVE-2022-29189, CVE-2022-29190, CVE-2022-29222
commit c176df6792ffe30ccb5b5913f758bcf1cf251c1c
Merge: 42203cc ae5a71e
Author: meskio <meskio@torproject.org>
Date: Thu May 26 15:47:42 2022 +0200
Update upstream source from tag 'upstream/2.2.0'
Update to upstream version '2.2.0'
with Debian dir f8ff773494db83544efc7f3651d0b7d31e344ce7
commit 42203cce7554aa383a5376b55d965f0c0992a282
Author: meskio <meskio@torproject.org>
Date: Thu Sep 9 10:56:04 2021 +0200
Fix copyright issues
commit fe089f48e0ae6b7ac00f6c070ccd96515882bcd8
Author: meskio <meskio@torproject.org>
Date: Fri Sep 3 16:00:12 2021 +0200
Change the maintainer to the privacy maintainers
commit ba9da406e16a134e41dd226ce6291359e591ede8
Author: meskio <meskio@torproject.org>
Date: Thu Sep 2 12:10:49 2021 +0200
Bump the standards version
commit b236e78b8078797165dff43a09ff394761def062
Author: meskio <meskio@torproject.org>
Date: Thu Sep 2 12:03:11 2021 +0200
Patch broken test
commit 48f168c851c592a905413c31f93252cf8b4a2863
Author: meskio <meskio@torproject.org>
Date: Thu Sep 2 10:14:09 2021 +0200
Update changelog for 1.1.0
commit a620db8019c2ee1adeee9df25d1851a25ac4a532
Merge: 0a552ef b852599
Author: meskio <meskio@torproject.org>
Date: Thu Sep 2 10:11:55 2021 +0200
Update upstream source from tag 'upstream/1.1.0'
Update to upstream version '1.1.0'
with Debian dir ea7d7d169a72ee08566c32b976f039679cbad677
commit b85259916339daf0dbac7d2edc8bdb650554e341
Author: meskio <meskio@torproject.org>
Date: Thu Sep 2 10:11:55 2021 +0200
New upstream version 1.1.0
commit 0a552ef2ae7dd95975e696a29f3264c1c67b0802
Author: meskio <meskio@torproject.org>
Date: Wed Jun 9 10:45:38 2021 +0200
Add snowflake-proxy.service
commit 1d2a108a7b33f1049a7ed5d78ba4695f433e8370
Author: meskio <meskio@torproject.org>
Date: Tue Jun 8 12:35:45 2021 +0200
Initial package
commit 82deeb7b7201bb39d652fe95160566717ab337f2
Author: meskio <meskio@torproject.org>
Date: Tue Jun 8 12:31:16 2021 +0200
New upstream version 1.0.0
commit bf733fc50a0bf74c25055236c28d989cf3c85168
Author: meskio <meskio@torproject.org>
Date: Tue Jun 8 12:31:16 2021 +0200
Ignore quilt dir .pc via .gitignore
commit 8e0b5bd20a91fabbdaa156ae3b58d35d7e8d4d71
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Mon Jun 7 10:24:19 2021 -0400
Add changelog and release v1.0.0
commit c5ca41f1387b2157c0c8e66a0ecaf7a36506c4fe
Author: meskio <meskio@torproject.org>
Date: Tue Jun 1 19:25:10 2021 +0200
Add man pages for proxy and client commands
To be used by the debian package (#19409)
commit 270eb218037ca78c5a09d8e8cae9187a22cee122
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed May 5 15:31:39 2021 -0400
Encode client-broker messages as json in HTTP body
Send the client poll request and response in a json-encoded format in
the HTTP request body rather than sending the data in HTTP headers. This
will pave the way for using domain-fronting alternatives for the
Snowflake rendezvous.
commit ae7cc478fd345a1e588f8315ec980809c6806372
Author: David Fifield <david@bamsoftware.com>
Date: Mon May 24 15:09:29 2021 -0600
Release resources in client Transport.Dial on error.
Make a stack of cleanup functions to run (as with defer), but clear the
stack before returning if no error occurs.
Uselessly pushing the stream.Close() cleanup just before clearing the
stack is an intentional safeguard, for in case additional operations are
added before the return in the future.
Fixes #40042.
commit 01a96c7d95bfcc6ec5b6a770c8a56ef7da6605f4
Author: David Fifield <david@bamsoftware.com>
Date: Mon May 24 14:36:24 2021 -0600
Fix error handling around transport.Dial.
The code checked for and displayed an error, but would then go on to
call copyLoop on the nil Conn returned from transport.Dial. Add a return
in that case, and put the cleanup operations in defer. Also remove an
obsolete comment about an empty address. Obsolete because:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/31#note_2733279
commit ef4d0a1da56e15327173923fa14a28d9ca40789c
Author: David Fifield <david@bamsoftware.com>
Date: Wed May 19 13:03:23 2021 +0200
Stop timers before expiration
If we don't stop them explicitly, the timers will not get garbage collected
until they timeout:
https://medium.com/@oboturov/golang-time-after-is-not-garbage-collected-4cbc94740082
Related to #40039
commit 7ef49272fa8c4169a5ec13988a71011dbe14bbfb
Author: Arlo Breault <abreault@wikimedia.org>
Date: Thu May 20 15:36:08 2021 -0400
Remove sync.Once from around logMetrics
Follow up to 160ae2d
Analysis by @dcf,
> I don't think the sync.Once around logMetrics is necessary anymore.
Its original purpose was to inhibit logging on later file handles of
metrics.log, if there were more than one opened. See 171c55a9 and #29734
(comment 2593039) "Making a singleton *Metrics variable causes problems
with how Convey does tests. It shouldn't be called more than once, but
for now I'm using sync.Once on the logging at least so it's explicit."
Commit ba4fe1a7 changed it so that metrics.log is opened in main, used
to create a *log.Logger, and that same instance of *log.Logger is passed
to both NewMetrics and NewBrokerContext. It's safe to share the same
*log.Logger across multiple BrokerContext.
commit 160ae2dd71879ab83226a3d4eb2b15cefdb570f4
Author: Arlo Breault <abreault@wikimedia.org>
Date: Tue May 18 20:06:28 2021 -0400
Make promMetrics not a global
Doesn't seem like it needs to exist outside of the metrics struct.
Also, the call to logMetrics is moved to the constructor. A metrics
instance is only created when a BrokerContext is created, which only
happens at startup. The sync of only doing that once is left for
documentation purposes, since it doesn't hurt, but also seems redundant.
commit 0054cb2dec19e89e07b8c5a6d8b9d23589842deb
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed May 12 10:40:56 2021 -0400
Update .gitlab-ci.yml after refactor of client
commit 7c9005bed3e353c4e108355abd1ed4b35099f2ea
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed May 12 09:32:07 2021 -0400
Ensure turbotunnel read and write loop terminate
Introduce a waitgroup and done channel to ensure that both the read and
write gorouting for turbotunnel connections terminate when the
connection is closed.
commit 11f0846264d4033e7a7dc7824febb6ad7140762f
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Sat Mar 20 18:24:00 2021 -0400
Implement server as a v2.1 PT Go API
commit e87b9175dd7559fccd665cd7eb4b6edecc231950
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Sat Mar 20 12:36:33 2021 -0400
Implement snowflake client lib as PTv2.1 Go API
This implements a pluggable transports v2.1 compatible Go API in the
Snowflake client library, and refactors how the main Snowflake program
calls it. The Go API implements the two required client side functions:
a constructor that returns a Transport, and a Dial function for the
Transport that returns a net.Conn. See the PT specification for more
information:
https://github.com/Pluggable-Transports/Pluggable-Transports-spec/blob/master/releases/PTSpecV2.1/Pluggable%20Transport%20Specification%20v2.1%20-%20Go%20Transport%20API.pdf
commit af6e2c30e1a6aacc6e7adf9a31df0a387891cc37
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Apr 1 14:21:12 2021 -0400
Replace default with custom prometheus registry
The default prometheus registry exports data that may be useful for
side-channel attacks. This removes all of the default metrics and makes
sure we are only reporting snowflake metrics from the broker.
commit 2a310682b51b3da514d7e1927aafcdae9b9c8820
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Mar 31 17:22:31 2021 -0400
Add new gauge to show currently available proxies
commit 92bd900bc57f1d56c21c5abf736deb6ce3a83837
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Mar 31 10:52:01 2021 -0400
Implement binned counts for polling metrics
commit 83ef0b6f6de83e877caf455f17732acf8eb9b232
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Tue Mar 30 15:40:02 2021 -0400
Export snowflake broker metrics for prometheus
This change adds a prometheus exporter for our existing snowflake broker
metrics. Current values for the metrics can be fetched by sending a GET
request to /prometheus.
commit eff73c3016ec259918e117665833df04f1755e80
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Apr 1 11:29:52 2021 -0400
Switch front domain and host to fastly
commit 196c230ac7e6e2d6be7c00d2c3f90e11d23b21b7
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Tue Feb 2 16:11:29 2021 -0500
Update Go version for .gitlab-ci.yml
commit 087a037f82d7088c253936f5450c933867b10b2d
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Mar 18 23:08:05 2021 -0400
Update webrtc library to v3.0.15
This fixes a vulnerability in the library: CVE-2021-28681
commit c0b6e082f2f30cbeca962937ea5a777b98cf3ebb
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Mon Mar 8 22:16:33 2021 -0500
Don't log errors from callng close on OR conns
Snowflake copies data between the OR connection and the KCP stream,
meaning that in most cases the copy loops will only terminate once the
OR connection times out. In this case the OR connection is already
closed and so calls to CloseRead and CloseWrite will generate errors.
commit 720d2b8eb7be9e2a41126624083054a66017d452
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Mon Mar 8 21:50:42 2021 -0500
Don't log io.ErrClosedPipe in server
These errors are triggered in three places when the OR connection times
out. They don't tell us anything useful and are filling up our logs.
commit 850d2f0683ede3d24a2b907161b6d88b32bed24a
Author: David Fifield <david@bamsoftware.com>
Date: Fri Mar 5 23:26:35 2021 -0700
Update required Go version to 1.13 in README.
commit 7187f1009ef7aaae6aa557fe1f724aa1df718b24
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Mon Jan 25 13:01:37 2021 -0500
Log a throughput summary for each connection
This will increase transparency for people running standalone proxies
and help us debug any potential issues with proxies behaving unreliably.
commit bae0bacbfdcd7d195e5ecff985bbff2361937170
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Fri Jan 15 11:50:56 2021 -0500
Classify proxies with unknown NATs as restricted
commit 1b29ad7de14fb0a6d2bf88aea38353733682cd26
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Mon Jan 25 10:28:17 2021 -0500
Bump version of pion/sdp
Update our dependency on pion/sdp from v2 to v3, to match pion/webrtc
v3. This requires some changes in how we parse out addresses from ice
candidates. This will ease tor browser builds of snowflake since we are
now only relying on one version of pion/sdp instead of two different
ones.
commit 83c01565ef90a13b0cab390fd59d7d36da76ec1e
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Dec 17 12:25:11 2020 -0500
Update webrtc library to v3.0.0
This update required two main changes to how we use the library. First,
we had to make sure we created the datachannel on the offering peer side
before creating the offer. Second, we had to make sure we wait for the
gathering of all candidates to complete since trickle-ice is enabled by
default. See the release notes for more details:
https://github.com/pion/webrtc/wiki/Release-WebRTC@v3.0.0.
commit f908576c604e812c70e4b4ef8d12b5ebd55f3166
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Dec 16 10:19:28 2020 -0500
Increase the KCP maximum window size
commit 8ec8a7cb635f1eaf36eadff06c653e73fe553817
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Dec 16 10:52:19 2020 -0500
Pass lock to socksAcceptLoop by reference
This fixes a bug where we were passing the lock by value to
socksAcceptLoop.
commit 3e8947bfc9af1b299bc202d0252245c03ba20f11
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Fri Dec 4 13:41:11 2020 -0500
Avoid double delay in client from ReconnectTimeout
Run the snowflake collection ReconnectTimeout timer in parallel to the
negotiation with the broker. This way, if the broker takes a long time
to respond the client doesn't have to wait the full timeout to respond.
commit effc6675448a3a6e62d2784557d67e2c46e376d5
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Fri Dec 4 10:50:00 2020 -0500
Wait until all goroutines finish before shutdown
commit b9cc54b3b7dbd76d85613f0f478c95b193441564
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Oct 29 16:21:37 2020 -0400
Send shutdown signal to shutdown open connections
Normally all dangling goroutines are terminated when the main function
exits. However, for projects that use a patched version of snowflake as
a library, these goroutines continued running as long as the main function
had not yet terminated. This commit has all open SOCKS connections close
after receiving a shutdown signal.
commit 114df695ceff25d0213200a3368ed7a1bb1c7668
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Mon Nov 23 14:02:54 2020 -0500
Create new smux session for each SOCKS connection
Each SOCKS connection has its own set of snowflakes and broker poll
loop. Since the session manager was tied to a single set of snowflakes,
this resulted in a bug where RedialPacketConn would sometimes try to
pull snowflakes from a previously melted pool. The fix is to maintain
separate smux sessions for each SOCKS connection, tied to its own
snowflake pool.
commit 5efcde518796e319231fd68c816e1ab74dd66129
Author: Philipp Winter <phw@nymity.ch>
Date: Fri Nov 27 11:04:00 2020 -0800
Sort snowflake-ips stats by country count.
We currently don't sort the snowflake-ips metrics:
snowflake-ips CA=1,DE=1,AR=1,NL=1,FR=1,GB=2,US=4,CH=1
To facilitate eyeballing our metrics, this patch sorts snowflake-ips by
value. If the value is identical, we sort by string, i.e.:
snowflake-ips US=4,GB=2,AR=1,CA=1,CH=1,DE=1,FR=1,NL=1
This patch fixes tpo/anti-censorship/pluggable-transports/snowflake#40011
commit 665d76c5b04c4e470d85a826ea617a2404ed4a1d
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Fri Nov 13 15:08:00 2020 -0500
Remove for loop around broker.Negotiate
Instead of continuously polling the broker until the client receives a
snowflake, fail back to the Connect() loop and try again to collect more
peers after ReconnectTimeout.
commit ece43cbfcfc328bf0d45ee1ce5998ea295035af4
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Fri Nov 20 01:15:16 2020 -0500
Note that isRestrictedFiltering is no longer used
commit 00f8f85f412878c2066fcb5d3f4739e50912a925
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Nov 18 16:18:35 2020 -0500
Use remote probe to determine proxy NAT type
Rather than having standalone proxies determine their NAT type by
conducting the NAT behaviour checks in RFC 5780, use the remote probe
service instead.
commit cf2eb5e6c0981831d713a38056226813b8ded623
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Nov 18 15:57:51 2020 -0500
Add a stub sid to probetest answer
This will prevent calls to DecodeAnswerRequest from returning an error
even though the sid is not needed for the probetest.
commit 0bed9c48b7a3f59c7141e9934a44e73e03096faf
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Nov 18 15:40:32 2020 -0500
Redefine only symmetric NATs as restricted
commit 61beb9d996527cd8cb9e4ca650f8cbf24df1503e
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Nov 5 19:28:20 2020 -0500
Revert accidentally merged code
Some temporary testing code for the proxy got accidentally merged into
the latest changes. This commit undoes that mistake.
commit 4663599382e4db8167fcc23a1a890e24ebca517a
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Nov 5 16:48:00 2020 -0500
Make probetest wait for a datachannel to open
commit b5ce2598586d729b0906d3936706dc48e82e1455
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Nov 5 12:34:24 2020 -0500
Fixed a bug that forced datachannel timeout
The probetest answer response was not being sent until the select call
received a datachannel timeout causing all attempted connections to
fail.
commit a4f10d9d6eaa8806adc5eefaf7ac46d4050340d1
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Oct 14 15:49:01 2020 -0400
Add Dockerfile and README for deploying probetest
The easiest way to set up the probe server behind a symmetric NAT is to
deploy it as a Docker container and alter the iptables rules for the
Docker network subnet that the container runs in.
commit f368c871095dae3aa990e7d46a1d6612af9909b9
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Tue Oct 13 17:18:50 2020 -0400
Add a remote service to test NAT compatability
Add a remote probetest service that will allow proxies to test their
compatability with symmetric NATs.
commit 7a0428e3b11ba437f27d09b1a9ad0fa820e54d24
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Tue Oct 13 11:06:14 2020 -0400
Refactor proxy to reuse signaling code
Simplify proxy interactions with the broker signaling server and prepare
for the introduction of an additional signaling server.
commit 912bcae24eb71bc52c6f28b908e3c7678781e1a2
Author: David Fifield <david@bamsoftware.com>
Date: Thu Oct 22 23:01:45 2020 -0600
Don't log io.ErrClosedPipe in proxy.
We expect one of these at the end of just about every proxy session, as
the Conns in both directions are closed as soon as the copy loop
finishes in one direction.
Closes #40016.
commit 6baa3c4d5f70fd50223dc41febf67576267d039b
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Oct 15 14:47:51 2020 -0400
Add synchronization to prevent post-melt collects
This fixes a race condition in which snowflakes.End() is called while
snowflakes.Collect() is in progress resulting in a write to a closed
channel. We now wait for all in-progress collections to finish and add
an extra check before proceeding with a collection.
commit d7aa9b835645bc52c29ba13cdab461fe0d0e4e66
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Sep 30 10:10:29 2020 -0400
Extract remote address from ICE candidates
Parse the received ICE candidates as well as the Connection Data
field for a non-local IP address to pass to the bridge. This fixes
bug #33157.
commit 8467c01e9e88523fcdef22fed8efadbd07484966
Author: Peter Gerber <peter@arbitrary.ch>
Date: Mon Sep 21 15:53:24 2020 +0000
Consider more IPs to be local
commit 2d43dd26b15d83b47ba3fe1320e4ebe63808028c
Merge: 3c33175 cc55481
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Thu Aug 27 16:45:05 2020 -0400
Merge branch 'issue/21314'
commit cc55481faf7bb886ef3cae99110800189abb0992
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Tue Aug 11 13:57:51 2020 -0400
Set max number of snowflakes in the Tongue
commit 3c3317503eb8e83bbf5bebff411bbd722e60ee2f
Author: Cecylia Bocovich <cohosh@torproject.org>
Date: Wed Aug 19 11:37:43 2020 -0400
Update broker stats to include info on NAT types
As we now partition proxies by NAT type, our stats are more useful if they
capture how many proxies of each type we have, and information on
whether we have enough proxies of the right NAT type for our clients.
This change adds proxy counts by NAT type and binned counts of denied clients by NAT type.