snowflake (2.5.1-1) [PTS] [DDPO]

COMMITS: VCS has seen 90 commits since the v2.5.1 tag

Git: https://salsa.debian.org/pkg-privacy-team/snowflake.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian/sid
Path: debian/changelog
Repo size: 417792
Browser: https://salsa.debian.org/pkg-privacy-team/snowflake
Last scan: 2024-04-23 12:18:16+00
Next scan: 2024-04-30 21:57:00+00
CI pipeline status: success

Debian changelog in Git:

snowflake (2.5.1-1) unstable; urgency=medium

  * New upstream release.
    + Versioned dep on pion-webrtc

 -- Ruben Pollan <meskio@sindominio.net>  Sat, 25 Feb 2023 19:03:02 +0530

This branch is 90 commits ahead of tag v2.5.1

Git log:

commit 47e36bbb4a2a43af2cdc55fff048100d67cbb306
Merge: 2ec0b5e 059b96a
Author: meskio <meskio@sindominio.net>
Date:   Tue Apr 9 11:52:52 2024 +0000

    Merge branch 'add-cli-arguments-support' into 'debian/sid'
    
    Allow passing flags to proxy via /etc/default
    
    See merge request pkg-privacy-team/snowflake!4

commit 059b96adc35beac227f3db83113515db3c214cda
Author: Johannes Christ <jc@jchri.st>
Date:   Wed Aug 23 00:21:43 2023 +0200

    Allow passing flags to proxy via /etc/default

commit 2ec0b5e3fa6bf1447b6be6d4da37d5333a71b08a
Author: Nilesh Patra <nilesh@nileshpatra.info>
Date:   Sun Feb 26 00:44:53 2023 +0530

    Really upload to unstable

commit db16115ada535e6c2e43cd20fa32a61e7aeab499
Author: meskio <meskio@torproject.org>
Date:   Fri Feb 24 13:59:07 2023 +0100

    New upstream release

commit f36135edef9df6fcd9c7002324c34b14ea048eea
Merge: 15aaf49 7b77001
Author: meskio <meskio@torproject.org>
Date:   Fri Feb 24 13:56:17 2023 +0100

    Update upstream source from tag 'upstream/2.5.1'
    
    Update to upstream version '2.5.1'
    with Debian dir 050abeb2ab0fbac629af6ab2dd4c912ed507bd6e

commit 15aaf49e50a5afb51abb83d54330fdb4bb43aac4
Author: meskio <meskio@torproject.org>
Date:   Mon Nov 14 17:27:49 2022 +0100

    Bump debian policy

commit ad30ff55710df4c465cbe5f357890bfd18d0ebac
Author: meskio <meskio@torproject.org>
Date:   Mon Nov 14 16:43:47 2022 +0100

    Remove unused dependencies from the sourcecode
    
    Remove geoip, hyperloop and the vendor folder, as those dependencies are
    only used by the broker and not needed in the package.

commit af59ae6100bbae0fe7e1b3d56a91ad7776e54e28
Author: meskio <meskio@torproject.org>
Date:   Mon Nov 14 14:43:42 2022 +0100

    Remove the test entropy patch
    
    It was included upstream

commit 1d0e792989acc0f9d42d7d268e961af297941ca9
Author: meskio <meskio@torproject.org>
Date:   Mon Nov 14 14:17:41 2022 +0100

    New 2.3.1 version

commit 6a298eef467f9e32fbc2952ad1f43494e92f8a85
Merge: b7f01d2 36f03df
Author: meskio <meskio@torproject.org>
Date:   Mon Nov 14 16:36:31 2022 +0100

    Merge tag 'upstream/2.3.1' into debian/sid

commit b7f01d25b2ba60eb82a6a7f491c9de2a4ce3077e
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 24 17:45:09 2022 +0530

    Upload to unstable

commit 931afdd3fa06285fe66396e0b68b77a9868f4535
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 17 20:15:21 2022 +0530

    Upload to unstable

commit 87742c3184fcd55ec25c4f255735ef795d5727ff
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 17 15:18:39 2022 +0000

    Add missing-indep override for arch:all pkg, do not worry about binaries in usr/bin

commit 5291abca8097ffd0d5140f67eca0d024a3bd3073
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 17 20:20:34 2022 +0530

    Remove copyright entry for pion libs

commit 7bc337651c9ac55896fd879797b004bb29a778af
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 17 20:14:55 2022 +0530

    Add golang-github-pion-webrtc.v3-dev as B-D and Dependency for lib package

commit 5e0915a6ffa922676c032071c238cdc778c0a8e3
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 17 20:13:26 2022 +0530

    Un-vendor pion libs that have been accepted

commit 1155c1592b108205211f95cf65f2fb0c1fcd99ec
Author: Nilesh Patra <nilesh@debian.org>
Date:   Fri Jun 17 20:11:56 2022 +0530

    Provide golang-snowflake-dev as library package

commit f01c019f0a361beadf558464d0952d6f7cfc9a90
Author: meskio <meskio@torproject.org>
Date:   Sat Jun 11 14:58:26 2022 +0200

    Package snowflake library

commit cc02e581bf53a9f127893f8f7af27685108dbba6
Author: meskio <meskio@torproject.org>
Date:   Thu Jun 2 17:37:54 2022 +0200

    Bump version 2.2.0-2

commit c577fdc8b8c6a615d3cda83e0d88bde7c16165ed
Author: meskio <meskio@torproject.org>
Date:   Thu Jun 2 17:29:36 2022 +0200

    Patch the tests to don't use entropy
    
    They were failing in mips

commit 87e8a37ff7ef2b34aafd25300f882b1917565db2
Author: meskio <meskio@torproject.org>
Date:   Tue May 31 11:47:42 2022 +0200

    Close the bugs related to the pion update

commit cd50d4d3e714a55eacd3eb9ff8b968f73aaa7bdb
Author: meskio <meskio@torproject.org>
Date:   Mon May 30 20:11:30 2022 +0200

    Use the actuall changelog from the package

commit 76694dbbd5a7e39fa22fcb3b79030951e3b5ab8e
Author: meskio <meskio@torproject.org>
Date:   Thu May 26 17:14:07 2022 +0200

    Update copyright

commit 686756a6bee29187ea4bbb48d6deff0753e71a1d
Author: meskio <meskio@torproject.org>
Date:   Thu May 26 15:52:17 2022 +0200

    Update changelog for 2.2.0

commit c2bbf65aaf844b245295f99612fe292fe01de250
Author: meskio <meskio@torproject.org>
Date:   Thu May 26 16:15:20 2022 +0200

    Update dependencies

commit bca30ca0e9e31220f815b56dd31cf6b87717e697
Author: meskio <meskio@torproject.org>
Date:   Thu May 26 16:07:34 2022 +0200

    Remove upstreamed proxy patch

commit 4c873ea8111a0c972d5d5180d7472379156cc4b9
Author: meskio <meskio@torproject.org>
Date:   Thu May 26 15:55:38 2022 +0200

    Update vendored code that solves several CVEs
    
    Add gitlab.torproject.org/tpo/anti-censorship/geoip library to the
    vendored libs.
    
    Fixes: CVE-2022-29189, CVE-2022-29190, CVE-2022-29222

commit c176df6792ffe30ccb5b5913f758bcf1cf251c1c
Merge: 42203cc ae5a71e
Author: meskio <meskio@torproject.org>
Date:   Thu May 26 15:47:42 2022 +0200

    Update upstream source from tag 'upstream/2.2.0'
    
    Update to upstream version '2.2.0'
    with Debian dir f8ff773494db83544efc7f3651d0b7d31e344ce7

commit 42203cce7554aa383a5376b55d965f0c0992a282
Author: meskio <meskio@torproject.org>
Date:   Thu Sep 9 10:56:04 2021 +0200

    Fix copyright issues

commit fe089f48e0ae6b7ac00f6c070ccd96515882bcd8
Author: meskio <meskio@torproject.org>
Date:   Fri Sep 3 16:00:12 2021 +0200

    Change the maintainer to the privacy maintainers

commit ba9da406e16a134e41dd226ce6291359e591ede8
Author: meskio <meskio@torproject.org>
Date:   Thu Sep 2 12:10:49 2021 +0200

    Bump the standards version

commit b236e78b8078797165dff43a09ff394761def062
Author: meskio <meskio@torproject.org>
Date:   Thu Sep 2 12:03:11 2021 +0200

    Patch broken test

commit 48f168c851c592a905413c31f93252cf8b4a2863
Author: meskio <meskio@torproject.org>
Date:   Thu Sep 2 10:14:09 2021 +0200

    Update changelog for 1.1.0

commit a620db8019c2ee1adeee9df25d1851a25ac4a532
Merge: 0a552ef b852599
Author: meskio <meskio@torproject.org>
Date:   Thu Sep 2 10:11:55 2021 +0200

    Update upstream source from tag 'upstream/1.1.0'
    
    Update to upstream version '1.1.0'
    with Debian dir ea7d7d169a72ee08566c32b976f039679cbad677

commit b85259916339daf0dbac7d2edc8bdb650554e341
Author: meskio <meskio@torproject.org>
Date:   Thu Sep 2 10:11:55 2021 +0200

    New upstream version 1.1.0

commit 0a552ef2ae7dd95975e696a29f3264c1c67b0802
Author: meskio <meskio@torproject.org>
Date:   Wed Jun 9 10:45:38 2021 +0200

    Add snowflake-proxy.service

commit 1d2a108a7b33f1049a7ed5d78ba4695f433e8370
Author: meskio <meskio@torproject.org>
Date:   Tue Jun 8 12:35:45 2021 +0200

    Initial package

commit 82deeb7b7201bb39d652fe95160566717ab337f2
Author: meskio <meskio@torproject.org>
Date:   Tue Jun 8 12:31:16 2021 +0200

    New upstream version 1.0.0

commit bf733fc50a0bf74c25055236c28d989cf3c85168
Author: meskio <meskio@torproject.org>
Date:   Tue Jun 8 12:31:16 2021 +0200

    Ignore quilt dir .pc via .gitignore

commit 8e0b5bd20a91fabbdaa156ae3b58d35d7e8d4d71
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Mon Jun 7 10:24:19 2021 -0400

    Add changelog and release v1.0.0

commit c5ca41f1387b2157c0c8e66a0ecaf7a36506c4fe
Author: meskio <meskio@torproject.org>
Date:   Tue Jun 1 19:25:10 2021 +0200

    Add man pages for proxy and client commands
    
    To be used by the debian package (#19409)

commit 270eb218037ca78c5a09d8e8cae9187a22cee122
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed May 5 15:31:39 2021 -0400

    Encode client-broker messages as json in HTTP body
    
    Send the client poll request and response in a json-encoded format in
    the HTTP request body rather than sending the data in HTTP headers. This
    will pave the way for using domain-fronting alternatives for the
    Snowflake rendezvous.

commit ae7cc478fd345a1e588f8315ec980809c6806372
Author: David Fifield <david@bamsoftware.com>
Date:   Mon May 24 15:09:29 2021 -0600

    Release resources in client Transport.Dial on error.
    
    Make a stack of cleanup functions to run (as with defer), but clear the
    stack before returning if no error occurs.
    
    Uselessly pushing the stream.Close() cleanup just before clearing the
    stack is an intentional safeguard, for in case additional operations are
    added before the return in the future.
    
    Fixes #40042.

commit 01a96c7d95bfcc6ec5b6a770c8a56ef7da6605f4
Author: David Fifield <david@bamsoftware.com>
Date:   Mon May 24 14:36:24 2021 -0600

    Fix error handling around transport.Dial.
    
    The code checked for and displayed an error, but would then go on to
    call copyLoop on the nil Conn returned from transport.Dial. Add a return
    in that case, and put the cleanup operations in defer. Also remove an
    obsolete comment about an empty address. Obsolete because:
    https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/31#note_2733279

commit ef4d0a1da56e15327173923fa14a28d9ca40789c
Author: David Fifield <david@bamsoftware.com>
Date:   Wed May 19 13:03:23 2021 +0200

    Stop timers before expiration
    
    If we don't stop them explicitly, the timers will not get garbage collected
    until they timeout:
    https://medium.com/@oboturov/golang-time-after-is-not-garbage-collected-4cbc94740082
    
    Related to #40039

commit 7ef49272fa8c4169a5ec13988a71011dbe14bbfb
Author: Arlo Breault <abreault@wikimedia.org>
Date:   Thu May 20 15:36:08 2021 -0400

    Remove sync.Once from around logMetrics
    
    Follow up to 160ae2d
    
    Analysis by @dcf,
    
    > I don't think the sync.Once around logMetrics is necessary anymore.
    Its original purpose was to inhibit logging on later file handles of
    metrics.log, if there were more than one opened. See 171c55a9 and #29734
    (comment 2593039) "Making a singleton *Metrics variable causes problems
    with how Convey does tests. It shouldn't be called more than once, but
    for now I'm using sync.Once on the logging at least so it's explicit."
    Commit ba4fe1a7 changed it so that metrics.log is opened in main, used
    to create a *log.Logger, and that same instance of *log.Logger is passed
    to both NewMetrics and NewBrokerContext. It's safe to share the same
    *log.Logger across multiple BrokerContext.

commit 160ae2dd71879ab83226a3d4eb2b15cefdb570f4
Author: Arlo Breault <abreault@wikimedia.org>
Date:   Tue May 18 20:06:28 2021 -0400

    Make promMetrics not a global
    
    Doesn't seem like it needs to exist outside of the metrics struct.
    
    Also, the call to logMetrics is moved to the constructor.  A metrics
    instance is only created when a BrokerContext is created, which only
    happens at startup.  The sync of only doing that once is left for
    documentation purposes, since it doesn't hurt, but also seems redundant.

commit 0054cb2dec19e89e07b8c5a6d8b9d23589842deb
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed May 12 10:40:56 2021 -0400

    Update .gitlab-ci.yml after refactor of client

commit 7c9005bed3e353c4e108355abd1ed4b35099f2ea
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed May 12 09:32:07 2021 -0400

    Ensure turbotunnel read and write loop terminate
    
    Introduce a waitgroup and done channel to ensure that both the read and
    write gorouting for turbotunnel connections terminate when the
    connection is closed.

commit 11f0846264d4033e7a7dc7824febb6ad7140762f
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Sat Mar 20 18:24:00 2021 -0400

    Implement server as a v2.1 PT Go API

commit e87b9175dd7559fccd665cd7eb4b6edecc231950
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Sat Mar 20 12:36:33 2021 -0400

    Implement snowflake client lib as PTv2.1 Go API
    
    This implements a pluggable transports v2.1 compatible Go API in the
    Snowflake client library, and refactors how the main Snowflake program
    calls it. The Go API implements the two required client side functions:
    a constructor that returns a Transport, and a Dial function for the
    Transport that returns a net.Conn. See the PT specification for more
    information:
    https://github.com/Pluggable-Transports/Pluggable-Transports-spec/blob/master/releases/PTSpecV2.1/Pluggable%20Transport%20Specification%20v2.1%20-%20Go%20Transport%20API.pdf

commit af6e2c30e1a6aacc6e7adf9a31df0a387891cc37
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Apr 1 14:21:12 2021 -0400

    Replace default with custom prometheus registry
    
    The default prometheus registry exports data that may be useful for
    side-channel attacks. This removes all of the default metrics and makes
    sure we are only reporting snowflake metrics from the broker.

commit 2a310682b51b3da514d7e1927aafcdae9b9c8820
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Mar 31 17:22:31 2021 -0400

    Add new gauge to show currently available proxies

commit 92bd900bc57f1d56c21c5abf736deb6ce3a83837
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Mar 31 10:52:01 2021 -0400

    Implement binned counts for polling metrics

commit 83ef0b6f6de83e877caf455f17732acf8eb9b232
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Tue Mar 30 15:40:02 2021 -0400

    Export snowflake broker metrics for prometheus
    
    This change adds a prometheus exporter for our existing snowflake broker
    metrics. Current values for the metrics can be fetched by sending a GET
    request to /prometheus.

commit eff73c3016ec259918e117665833df04f1755e80
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Apr 1 11:29:52 2021 -0400

    Switch front domain and host to fastly

commit 196c230ac7e6e2d6be7c00d2c3f90e11d23b21b7
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Tue Feb 2 16:11:29 2021 -0500

    Update Go version for .gitlab-ci.yml

commit 087a037f82d7088c253936f5450c933867b10b2d
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Mar 18 23:08:05 2021 -0400

    Update webrtc library to v3.0.15
    
    This fixes a vulnerability in the library: CVE-2021-28681

commit c0b6e082f2f30cbeca962937ea5a777b98cf3ebb
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Mon Mar 8 22:16:33 2021 -0500

    Don't log errors from callng close on OR conns
    
    Snowflake copies data between the OR connection and the KCP stream,
    meaning that in most cases the copy loops will only terminate once the
    OR connection times out. In this case the OR connection is already
    closed and so calls to CloseRead and CloseWrite will generate errors.

commit 720d2b8eb7be9e2a41126624083054a66017d452
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Mon Mar 8 21:50:42 2021 -0500

    Don't log io.ErrClosedPipe in server
    
    These errors are triggered in three places when the OR connection times
    out. They don't tell us anything useful and are filling up our logs.

commit 850d2f0683ede3d24a2b907161b6d88b32bed24a
Author: David Fifield <david@bamsoftware.com>
Date:   Fri Mar 5 23:26:35 2021 -0700

    Update required Go version to 1.13 in README.

commit 7187f1009ef7aaae6aa557fe1f724aa1df718b24
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Mon Jan 25 13:01:37 2021 -0500

    Log a throughput summary for each connection
    
    This will increase transparency for people running standalone proxies
    and help us debug any potential issues with proxies behaving unreliably.

commit bae0bacbfdcd7d195e5ecff985bbff2361937170
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Fri Jan 15 11:50:56 2021 -0500

    Classify proxies with unknown NATs as restricted

commit 1b29ad7de14fb0a6d2bf88aea38353733682cd26
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Mon Jan 25 10:28:17 2021 -0500

    Bump version of pion/sdp
    
    Update our dependency on pion/sdp from v2 to v3, to match pion/webrtc
    v3. This requires some changes in how we parse out addresses from ice
    candidates. This will ease tor browser builds of snowflake since we are
    now only relying on one version of pion/sdp instead of two different
    ones.

commit 83c01565ef90a13b0cab390fd59d7d36da76ec1e
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Dec 17 12:25:11 2020 -0500

    Update webrtc library to v3.0.0
    
    This update required two main changes to how we use the library. First,
    we had to make sure we created the datachannel on the offering peer side
    before creating the offer. Second, we had to make sure we wait for the
    gathering of all candidates to complete since trickle-ice is enabled by
    default. See the release notes for more details:
    https://github.com/pion/webrtc/wiki/Release-WebRTC@v3.0.0.

commit f908576c604e812c70e4b4ef8d12b5ebd55f3166
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Dec 16 10:19:28 2020 -0500

    Increase the KCP maximum window size

commit 8ec8a7cb635f1eaf36eadff06c653e73fe553817
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Dec 16 10:52:19 2020 -0500

    Pass lock to socksAcceptLoop by reference
    
    This fixes a bug where we were passing the lock by value to
    socksAcceptLoop.

commit 3e8947bfc9af1b299bc202d0252245c03ba20f11
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Fri Dec 4 13:41:11 2020 -0500

    Avoid double delay in client from ReconnectTimeout
    
    Run the snowflake collection ReconnectTimeout timer in parallel to the
    negotiation with the broker. This way, if the broker takes a long time
    to respond the client doesn't have to wait the full timeout to respond.

commit effc6675448a3a6e62d2784557d67e2c46e376d5
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Fri Dec 4 10:50:00 2020 -0500

    Wait until all goroutines finish before shutdown

commit b9cc54b3b7dbd76d85613f0f478c95b193441564
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Oct 29 16:21:37 2020 -0400

    Send shutdown signal to shutdown open connections
    
    Normally all dangling goroutines are terminated when the main function
    exits. However, for projects that use a patched version of snowflake as
    a library, these goroutines continued running as long as the main function
    had not yet terminated. This commit has all open SOCKS connections close
    after receiving a shutdown signal.

commit 114df695ceff25d0213200a3368ed7a1bb1c7668
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Mon Nov 23 14:02:54 2020 -0500

    Create new smux session for each SOCKS connection
    
    Each SOCKS connection has its own set of snowflakes and broker poll
    loop. Since the session manager was tied to a single set of snowflakes,
    this resulted in a bug where RedialPacketConn would sometimes try to
    pull snowflakes from a previously melted pool. The fix is to maintain
    separate smux sessions for each SOCKS connection, tied to its own
    snowflake pool.

commit 5efcde518796e319231fd68c816e1ab74dd66129
Author: Philipp Winter <phw@nymity.ch>
Date:   Fri Nov 27 11:04:00 2020 -0800

    Sort snowflake-ips stats by country count.
    
    We currently don't sort the snowflake-ips metrics:
    
        snowflake-ips CA=1,DE=1,AR=1,NL=1,FR=1,GB=2,US=4,CH=1
    
    To facilitate eyeballing our metrics, this patch sorts snowflake-ips by
    value.  If the value is identical, we sort by string, i.e.:
    
        snowflake-ips US=4,GB=2,AR=1,CA=1,CH=1,DE=1,FR=1,NL=1
    
    This patch fixes tpo/anti-censorship/pluggable-transports/snowflake#40011

commit 665d76c5b04c4e470d85a826ea617a2404ed4a1d
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Fri Nov 13 15:08:00 2020 -0500

    Remove for loop around broker.Negotiate
    
    Instead of continuously polling the broker until the client receives a
    snowflake, fail back to the Connect() loop and try again to collect more
    peers after ReconnectTimeout.

commit ece43cbfcfc328bf0d45ee1ce5998ea295035af4
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Fri Nov 20 01:15:16 2020 -0500

    Note that isRestrictedFiltering is no longer used

commit 00f8f85f412878c2066fcb5d3f4739e50912a925
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Nov 18 16:18:35 2020 -0500

    Use remote probe to determine proxy NAT type
    
    Rather than having standalone proxies determine their NAT type by
    conducting the NAT behaviour checks in RFC 5780, use the remote probe
    service instead.

commit cf2eb5e6c0981831d713a38056226813b8ded623
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Nov 18 15:57:51 2020 -0500

    Add a stub sid to probetest answer
    
    This will prevent calls to DecodeAnswerRequest from returning an error
    even though the sid is not needed for the probetest.

commit 0bed9c48b7a3f59c7141e9934a44e73e03096faf
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Nov 18 15:40:32 2020 -0500

    Redefine only symmetric NATs as restricted

commit 61beb9d996527cd8cb9e4ca650f8cbf24df1503e
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Nov 5 19:28:20 2020 -0500

    Revert accidentally merged code
    
    Some temporary testing code for the proxy got accidentally merged into
    the latest changes. This commit undoes that mistake.

commit 4663599382e4db8167fcc23a1a890e24ebca517a
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Nov 5 16:48:00 2020 -0500

    Make probetest wait for a datachannel to open

commit b5ce2598586d729b0906d3936706dc48e82e1455
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Nov 5 12:34:24 2020 -0500

    Fixed a bug that forced datachannel timeout
    
    The probetest answer response was not being sent until the select call
    received a datachannel timeout causing all attempted connections to
    fail.

commit a4f10d9d6eaa8806adc5eefaf7ac46d4050340d1
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Oct 14 15:49:01 2020 -0400

    Add Dockerfile and README for deploying probetest
    
    The easiest way to set up the probe server behind a symmetric NAT is to
    deploy it as a Docker container and alter the iptables rules for the
    Docker network subnet that the container runs in.

commit f368c871095dae3aa990e7d46a1d6612af9909b9
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Tue Oct 13 17:18:50 2020 -0400

    Add a remote service to test NAT compatability
    
    Add a remote probetest service that will allow proxies to test their
    compatability with symmetric NATs.

commit 7a0428e3b11ba437f27d09b1a9ad0fa820e54d24
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Tue Oct 13 11:06:14 2020 -0400

    Refactor proxy to reuse signaling code
    
    Simplify proxy interactions with the broker signaling server and prepare
    for the introduction of an additional signaling server.

commit 912bcae24eb71bc52c6f28b908e3c7678781e1a2
Author: David Fifield <david@bamsoftware.com>
Date:   Thu Oct 22 23:01:45 2020 -0600

    Don't log io.ErrClosedPipe in proxy.
    
    We expect one of these at the end of just about every proxy session, as
    the Conns in both directions are closed as soon as the copy loop
    finishes in one direction.
    
    Closes #40016.

commit 6baa3c4d5f70fd50223dc41febf67576267d039b
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Oct 15 14:47:51 2020 -0400

    Add synchronization to prevent post-melt collects
    
    This fixes a race condition in which snowflakes.End() is called while
    snowflakes.Collect() is in progress resulting in a write to a closed
    channel. We now wait for all in-progress collections to finish and add
    an extra check before proceeding with a collection.

commit d7aa9b835645bc52c29ba13cdab461fe0d0e4e66
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Sep 30 10:10:29 2020 -0400

    Extract remote address from ICE candidates
    
    Parse the received ICE candidates as well as the Connection Data
    field for a non-local IP address to pass to the bridge. This fixes
    bug #33157.

commit 8467c01e9e88523fcdef22fed8efadbd07484966
Author: Peter Gerber <peter@arbitrary.ch>
Date:   Mon Sep 21 15:53:24 2020 +0000

    Consider more IPs to be local

commit 2d43dd26b15d83b47ba3fe1320e4ebe63808028c
Merge: 3c33175 cc55481
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Thu Aug 27 16:45:05 2020 -0400

    Merge branch 'issue/21314'

commit cc55481faf7bb886ef3cae99110800189abb0992
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Tue Aug 11 13:57:51 2020 -0400

    Set max number of snowflakes in the Tongue

commit 3c3317503eb8e83bbf5bebff411bbd722e60ee2f
Author: Cecylia Bocovich <cohosh@torproject.org>
Date:   Wed Aug 19 11:37:43 2020 -0400

    Update broker stats to include info on NAT types
    
    As we now partition proxies by NAT type, our stats are more useful if they
    capture how many proxies of each type we have, and information on
    whether we have enough proxies of the right NAT type for our clients.
    This change adds proxy counts by NAT type and binned counts of denied clients by NAT type.