Anti-censorship issueshttps://gitlab.torproject.org/groups/tpo/anti-censorship/-/issues2020-06-27T13:40:11Zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34049Fix proxy calls to session description serialization utils2020-06-27T13:40:11ZCecylia BocovichFix proxy calls to session description serialization utilsWhoops, the proxy code wasn't updated after legacy/trac#33897Whoops, the proxy code wasn't updated after legacy/trac#33897Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34042Reduce DataChannelTimeout2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgReduce DataChannelTimeoutSince legacy/trac#33897 we have separate timeout controls for first establishing the data channel (`DataChannelTimeout`) and deciding a once-working data channel has died (`SnowflakeTimeout`). They are both currently set to 30 s. We can ...Since legacy/trac#33897 we have separate timeout controls for first establishing the data channel (`DataChannelTimeout`) and deciding a once-working data channel has died (`SnowflakeTimeout`). They are both currently set to 30 s. We can lower `DataChannelTimeout` to discard non-working proxies more quickly.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34002Remove Snowflake interface, use *WebRTCPeer directly2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgRemove Snowflake interface, use *WebRTCPeer directlyThe other interfaces in client/lib/interfaces.go exist for the purpose of running tests, but not `Snowflake`. Existing code would not have worked with other types anyway, because it does unchecked `.(*WebRTCPeer)` conversions.The other interfaces in client/lib/interfaces.go exist for the purpose of running tests, but not `Snowflake`. Existing code would not have worked with other types anyway, because it does unchecked `.(*WebRTCPeer)` conversions.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33997Don't do a separate check for a short write2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgDon't do a separate check for a short writeMinor refactoring in the course of doing legacy/trac#33897.Minor refactoring in the course of doing legacy/trac#33897.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33996Simplify Peers.Pop2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgSimplify Peers.PopA minor refactoring that came up while working on legacy/trac#33897.A minor refactoring that came up while working on legacy/trac#33897.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33995Move pc.CreateOffer and pc.SetLocalDescription out of a goroutine2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgMove pc.CreateOffer and pc.SetLocalDescription out of a goroutineThis code was formerly the `OnNegotiationNeeded` handler before the switch on pion (comment:28:ticket:28942). We are blocking on `offerChannel` anyway, so we may as well run these operations synchronously and use a normal error return.This code was formerly the `OnNegotiationNeeded` handler before the switch on pion (comment:28:ticket:28942). We are blocking on `offerChannel` anyway, so we may as well run these operations synchronously and use a normal error return.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33994Remove now-unused Resetter interface2020-06-27T13:40:12ZDavid Fifielddcf@torproject.orgRemove now-unused Resetter interfaceThe `WaitForReset` method is unused since legacy/trac#33745 was merged.The `WaitForReset` method is unused since legacy/trac#33745 was merged.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33984Disable trickle ICE in client2020-06-27T13:40:12ZDavid Fifielddcf@torproject.orgDisable trickle ICE in clienthttps://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=no-trickle-ice&id=8bb114471572dea0c313d039626cc306a8b92cc8
As mentioned at
https://bugs.torproject.org/28942#comment:28
https://bugs.torproject.org/33157#comment:2https://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=no-trickle-ice&id=8bb114471572dea0c313d039626cc306a8b92cc8
As mentioned at
https://bugs.torproject.org/28942#comment:28
https://bugs.torproject.org/33157#comment:2David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33982Simplify and refactor BytesSyncLogger2020-06-27T13:40:12ZDavid Fifielddcf@torproject.orgSimplify and refactor BytesSyncLoggerhttps://gitweb.torproject.org/user/dcf/snowflake.git/log/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7710c200f87141
https://gitweb.torproject.org/user/dcf/snowflake.git/diff/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7...https://gitweb.torproject.org/user/dcf/snowflake.git/log/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7710c200f87141
https://gitweb.torproject.org/user/dcf/snowflake.git/diff/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7710c200f87141&id2=65ecb798ca8842a431214c2aa5133620e576c5f3
No longer needs a separate `go logger.Log()` in the caller.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33884Meek-Azure and SnowFlake are still broken2020-06-27T13:40:12ZTracMeek-Azure and SnowFlake are still brokenMeek-Azure and SnowFlake are still broken.
Will not connect.
This still has not been fixed
**Trac**:
**Username**: z1zMeek-Azure and SnowFlake are still broken.
Will not connect.
This still has not been fixed
**Trac**:
**Username**: z1zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33665Add command-line options for unsafe logging2020-06-27T13:40:13ZDavid Fifielddcf@torproject.orgAdd command-line options for unsafe loggingMoved from comment:4:ticket:33157
>>> Something like that patch was useful when working on legacy/trac#19026 so would you consider merging, https://github.com/keroserene/snowflake/commit/dbd733e4b1430c046ec11e8052efdbac6010e58a
>>>
>> I...Moved from comment:4:ticket:33157
>>> Something like that patch was useful when working on legacy/trac#19026 so would you consider merging, https://github.com/keroserene/snowflake/commit/dbd733e4b1430c046ec11e8052efdbac6010e58a
>>>
>> It's okay with me but I would call the option --unsafe-logging instead of --unsafeLogging to match the style of the other options.
>>
> In `broker/broker.go`, yes, dashes are used (ex. `disable-tls`, `acme-email`, etc), however, in `client/snowflake.go` we have camel casing (ex. `logToStateDir`, `keepLocalAddresses`, etc)
>
> We should probably consolidate this now. I imagine your preference is for the former?Arlo BreaultArlo Breaulthttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33644Upgrade tor on Snowflake bridge for TROVE-2020-0022020-06-27T13:40:13ZDavid Fifielddcf@torproject.orgUpgrade tor on Snowflake bridge for TROVE-2020-002[New stable Tor releases: 0.3.5.10, 0.4.1.9, and 0.4.2.7](https://lists.torproject.org/pipermail/tor-announce/2020-March/000196.html)
> These releases fix a couple of denial-of-service vulnerabilities. Everybody running an older version ...[New stable Tor releases: 0.3.5.10, 0.4.1.9, and 0.4.2.7](https://lists.torproject.org/pipermail/tor-announce/2020-March/000196.html)
> These releases fix a couple of denial-of-service vulnerabilities. Everybody running an older version should upgrade as packages become available.
Upgrading tor may require an [OS upgrade](https://www.debian.org/releases/buster/amd64/release-notes/ch-upgrading.en.html) from Debian stretch (oldstable) to buster (stable), and/or a switch to the [torproject.org package repository](https://support.torproject.org/apt/tor-deb-repo/). Currently the bridge is on stretch, whose available version is [0.2.9.16-1](https://packages.debian.org/stretch/tor).David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33638Refactor (De)SerializeSessionDescription as common utils2020-06-27T13:40:13ZArlo BreaultRefactor (De)SerializeSessionDescription as common utilshttps://github.com/keroserene/snowflake/commit/7b761d4c8d0e56b9148f106eb01667a7ec5c0424
from https://trac.torproject.org/projects/tor/ticket/33636#comment:12https://github.com/keroserene/snowflake/commit/7b761d4c8d0e56b9148f106eb01667a7ec5c0424
from https://trac.torproject.org/projects/tor/ticket/33636#comment:12https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33637Update license for Snowflake2020-06-27T13:40:13ZCecylia BocovichUpdate license for SnowflakeWorking on packaging Snowflake for debian, and perhaps our license needs an update? We should make sure we have all our ducks in a row here because Debian will care.Working on packaging Snowflake for debian, and perhaps our license needs an update? We should make sure we have all our ducks in a row here because Debian will care.Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33636Remove go-webrtc dependency from snowflake2020-06-27T13:40:13ZCecylia BocovichRemove go-webrtc dependency from snowflakeWe still depend on go-webrtc because of the testing code in server-webrtc. Let's migrate this to pion or get rid of this testing code. go-webrtc is now officially unmaintained, and this will make it easier for us to package Snowflake for...We still depend on go-webrtc because of the testing code in server-webrtc. Let's migrate this to pion or get rid of this testing code. go-webrtc is now officially unmaintained, and this will make it easier for us to package Snowflake for legacy/trac#19409Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33593Create versions and changelogs for Snowflake pieces2020-06-27T13:40:13ZCecylia BocovichCreate versions and changelogs for Snowflake piecesThis is a prerequisite for packaging Snowflake for Debian (legacy/trac#19409).
We already have versions for the snowflake browser proxy. It could make sense to version different pieces of snowflake (client, browser proxy, proxy-go) sepa...This is a prerequisite for packaging Snowflake for Debian (legacy/trac#19409).
We already have versions for the snowflake browser proxy. It could make sense to version different pieces of snowflake (client, browser proxy, proxy-go) separately since these pieces are largely distinct. That would be more work though. I'm ok with having one version/changelog for all the pieces and then just bumping the version number whenever it's convenient.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33532Snowflake website does not display all available languages2020-06-27T13:40:14ZCecylia BocovichSnowflake website does not display all available languagesI just updated the snowflake website with new translations and noticed that some locales are not displayed (such as ru) even though the translations for this locale are available.
I think this is due to how `index.js` pulls languages fr...I just updated the snowflake website with new translations and noticed that some locales are not displayed (such as ru) even though the translations for this locale are available.
I think this is due to how `index.js` pulls languages from `availableLangs`. Should be a quick fix.Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33429Decommission the snowflake-reg-test.appspot.com reflector2020-06-27T13:40:14ZDavid Fifielddcf@torproject.orgDecommission the snowflake-reg-test.appspot.com reflectorsnowflake-reg-test.appspot.com is a frontend for snowflake-broker.bamsoftware.com, briefly used with a Google domain front. It never actually worked, because this was around the time that Google stopped domain fronting.
* 2018-04-15 [Ch...snowflake-reg-test.appspot.com is a frontend for snowflake-broker.bamsoftware.com, briefly used with a Google domain front. It never actually worked, because this was around the time that Google stopped domain fronting.
* 2018-04-15 [Change to standalone broker.](https://gitweb.torproject.org/pluggable-transports/snowflake.git/commit/?id=947636ae817fdb393b4fcb2901bf52bca36cef65)
* 2018-04-30 [Switch to an Azure domain front.](https://gitweb.torproject.org/pluggable-transports/snowflake.git/commit/?id=88ea7a50835008debcc9e37886a604aa4210b9f2)
On 2020-02-05, arlolra and I got an email saying that we needed to [upgrade the deployment to the Go 1.11 runtime](https://cloud.google.com/appengine/docs/standard/go111/go-differences) by 2020-05-01. I tried doing that today, but got the error
```
ERROR: (gcloud.app.deploy) Error Response: [7] Access Not Configured.
Cloud Build has not been used in project snowflake-reg-test before or
it is disabled. Enable it by visiting
https://console.developers.google.com/apis/api/cloudbuild.googleapis.com/overview?project=snowflake-reg-test
then retry. If you enabled this API recently, wait a few minutes for the
action to propagate to our systems and retry.
```
I tried doing that, but apparently [there is no truly free tier anymore](https://techtudor.blogspot.com/2019/11/google-app-engine-gae-will-no-longer.html) and you can't deploy or redeploy apps without setting up a billing account. Rather than go through with that, I propose that we just disable the unused service.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33405Bug in interaction between uMatrix and Snowflake (snowflake-webextension)2020-06-27T13:40:14ZcypherpunksBug in interaction between uMatrix and Snowflake (snowflake-webextension)Error in Snowflake debug console, caused by a line in vapi-background.js in uMatrix:
`Unchecked lastError value: Error: First-Party Isolation is enabled, but the required 'firstPartyDomain' attribute was not set.`
The uMatrix setting c...Error in Snowflake debug console, caused by a line in vapi-background.js in uMatrix:
`Unchecked lastError value: Error: First-Party Isolation is enabled, but the required 'firstPartyDomain' attribute was not set.`
The uMatrix setting causing this error is:
`Spoof HTTP referrer string of third-party requests`, when set to true.
This is a bug either in Snowflake, or uMatrix.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33364Could not connect to the bridge.2020-06-27T13:40:15ZcypherpunksCould not connect to the bridge.Console error message:
Firefox can’t establish a connection to the server at wss://snowflake.freehaven.net/.
Relevant code at: snowflake.js:867:9
A ping from the command prompt to this subdomain succeeds. It's just Firefox that can't ...Console error message:
Firefox can’t establish a connection to the server at wss://snowflake.freehaven.net/.
Relevant code at: snowflake.js:867:9
A ping from the command prompt to this subdomain succeeds. It's just Firefox that can't connect.Cecylia BocovichCecylia Bocovich