Snowflake issueshttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues2020-06-27T13:40:10Zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34127npm publish as part of the release process2020-06-27T13:40:10ZArlo Breaultnpm publish as part of the release processConsider `npm publish`ing when a new release is made.
The patch here makes updating the package.json part of the release process,
https://github.com/arlolra/snowflake-webext/commit/7231928c56ad509419c20ed1bb9be5645373c86cConsider `npm publish`ing when a new release is made.
The patch here makes updating the package.json part of the release process,
https://github.com/arlolra/snowflake-webext/commit/7231928c56ad509419c20ed1bb9be5645373c86chttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34126Handle onicecandidate firing after connection closed2020-06-27T13:40:10ZArlo BreaultHandle onicecandidate firing after connection closedThis may just be an issue with node-webrtc, but `Broker.sendAnswer` fires when waiting on an offer times out.
https://github.com/arlolra/snowflake-webext/commit/529a789bfcb9539176288f6659e7f2a60c2d6271This may just be an issue with node-webrtc, but `Broker.sendAnswer` fires when waiting on an offer times out.
https://github.com/arlolra/snowflake-webext/commit/529a789bfcb9539176288f6659e7f2a60c2d6271https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34124snowflake funktioniert nicht2020-06-27T13:40:10Zcypherpunkssnowflake funktioniert nichtAnzeige: WebRTC-Fähigkeit nicht erkannt.
Was soll ich tun?Anzeige: WebRTC-Fähigkeit nicht erkannt.
Was soll ich tun?https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34092Snowflake no longer working on Google Chrome2020-06-30T15:49:08ZcypherpunksSnowflake no longer working on Google ChromeExtension icon disappeared and cannot enable Snowflake in Google Chrome.Extension icon disappeared and cannot enable Snowflake in Google Chrome.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34080Avoid double delays from ReconnectTimeout2022-07-09T04:20:16ZDavid Fifielddcf@torproject.orgAvoid double delays from ReconnectTimeout[ReconnectTimeout](https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/client/lib/snowflake.go?id=72cfb96edeb7c9a3c93d38539bc31a51e30dbe8d#n18) is used in 2 places:
* In [exchangeSDP](https://gitweb.torproject.org/plug...[ReconnectTimeout](https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/client/lib/snowflake.go?id=72cfb96edeb7c9a3c93d38539bc31a51e30dbe8d#n18) is used in 2 places:
* In [exchangeSDP](https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/client/lib/webrtc.go?id=72cfb96edeb7c9a3c93d38539bc31a51e30dbe8d#n223), where it is a delay inserted between calls to `broker.Negotiate` until one of them succeeds.
`Failed to retrieve answer. Retrying in 10s`
* In the main [ConnectLoop](https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/client/snowflake.go?id=72cfb96edeb7c9a3c93d38539bc31a51e30dbe8d#n27), where it is a delay inserted between every check for getting a new snowflake.
```
WebRTC: <errmsg> Retrying in 10s...
```
The broker itself also terminates requests after 10s when the chosen proxy doesn't respond: `BrokerChannel Response: 504 Gateway Timeout`.
This situation sometimes results in double delays. Here are two cases I've identified.
* The client requests a proxy, the broker responds immediately with an answer, but the proxy doesn't work. After waiting the `DataChannelTimeout` to decide that the proxy doesn't work, the client waits an _additional_ `ReconnectTimeout` in `ConnectLoop`.
Here, I've set `DataChannelTimeout` to 10s. Notice that between `DataChannel created` and `Collecting a new Snowflake` there are 20s (which is `DataChannelTimeout` + `ReconnectTimeout`), when it really should only be 10s.
```
2020/04/30 22:38:29 Received Answer.
2020/04/30 22:38:29 WebRTC: DataChannel created.
2020/04/30 22:38:39 establishDataChannel: timeout waiting for DataChannel.OnOpen
2020/04/30 22:38:39 WebRTC: closing PeerConnection
2020/04/30 22:38:39 WebRTC: Closing
2020/04/30 22:38:39 WebRTC: WebRTC: Could not establish DataChannel Retrying in 10s...
2020/04/30 22:38:49 WebRTC: Collecting a new Snowflake. Currently at [0/1]
```
* The client requests a proxy, and the broker waits for 10s to respond with a 504 Gateway Timeout (indicating that the chosen proxy did not return an answer to the broker in time). The client waits 10s for the broker to respond, then waits another `ReconnectTimeout` in exchangeSDP before trying the broker again.
```
2020/04/30 22:39:30 Negotiating via BrokerChannel...
2020/04/30 22:39:41 BrokerChannel Response: 504 Gateway Timeout
2020/04/30 22:39:41 BrokerChannel Error: Unexpected error, no answer.
2020/04/30 22:39:41 Failed to retrieve answer. Retrying in 10s
2020/04/30 22:39:51 Negotiating via BrokerChannel...
```
Both these cases can probably be fixed by running the timer in parallel with the periodic operation they are rate limiting. That is, instead of
```
for {
operation()
<-time.After(ReconnectTimeout)
}
```
it can be
```
for {
timer := time.After(ReconnectTimeout)
operation()
<-timer
}
```
That way, if the operation itself takes more than 10s, `ReconnectTimeout` doesn't impose any additional delay.Sponsor 28: Reliable Anonymous Communication Evading Censors and Repressors (RACECAR)Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34075Implement metrics to measure snowflake churn2023-07-18T18:57:33ZCecylia BocovichImplement metrics to measure snowflake churnAs discussed in the meeting this week, it would be useful to know how often snowflake proxy IP addresses actually change. We collect counts of unique IPs on any given day, but not how much variance we get in IP addresses over time.
This...As discussed in the meeting this week, it would be useful to know how often snowflake proxy IP addresses actually change. We collect counts of unique IPs on any given day, but not how much variance we get in IP addresses over time.
This relates to our ability to resist censorship, as snowflake relies in part on the claim that snowflakes are ephemeral, changing, and difficult to block exhaustively.
Let's implement some metrics to see how much snowflake IPs change.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetshelikhooshelikhoohttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34053Update version of wrtc packate for web proxies2020-06-27T13:40:11ZCecylia BocovichUpdate version of wrtc packate for web proxiesWe're currently using version `0.0.62`. I tried an update to the current version `0.4.4` and it works. Let's update to make these a bit more secure.We're currently using version `0.0.62`. I tried an update to the current version `0.4.4` and it works. Let's update to make these a bit more secure.Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34050Restore check for nil writePipe in WebRTCPeer.Close2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgRestore check for nil writePipe in WebRTCPeer.CloseI removed this check in [047d3214bfb46de07e5d9f223e4fb1ba24584c8a](https://gitweb.torproject.org/pluggable-transports/snowflake.git/commit/?id=047d3214bfb46de07e5d9f223e4fb1ba24584c8a) because `NewWebRTCPeer` always initializes `writePip...I removed this check in [047d3214bfb46de07e5d9f223e4fb1ba24584c8a](https://gitweb.torproject.org/pluggable-transports/snowflake.git/commit/?id=047d3214bfb46de07e5d9f223e4fb1ba24584c8a) because `NewWebRTCPeer` always initializes `writePipe`, and it is never reset to `nil`. However tests used `&WebRTCPeer{}` which bypasses `NewWebRTCPeer` and leaves `writePipe` set to `nil`.
From comment:3:ticket:34049.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34049Fix proxy calls to session description serialization utils2020-06-27T13:40:11ZCecylia BocovichFix proxy calls to session description serialization utilsWhoops, the proxy code wasn't updated after legacy/trac#33897Whoops, the proxy code wasn't updated after legacy/trac#33897Cecylia BocovichCecylia Bocovichhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34042Reduce DataChannelTimeout2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgReduce DataChannelTimeoutSince legacy/trac#33897 we have separate timeout controls for first establishing the data channel (`DataChannelTimeout`) and deciding a once-working data channel has died (`SnowflakeTimeout`). They are both currently set to 30 s. We can ...Since legacy/trac#33897 we have separate timeout controls for first establishing the data channel (`DataChannelTimeout`) and deciding a once-working data channel has died (`SnowflakeTimeout`). They are both currently set to 30 s. We can lower `DataChannelTimeout` to discard non-working proxies more quickly.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/34002Remove Snowflake interface, use *WebRTCPeer directly2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgRemove Snowflake interface, use *WebRTCPeer directlyThe other interfaces in client/lib/interfaces.go exist for the purpose of running tests, but not `Snowflake`. Existing code would not have worked with other types anyway, because it does unchecked `.(*WebRTCPeer)` conversions.The other interfaces in client/lib/interfaces.go exist for the purpose of running tests, but not `Snowflake`. Existing code would not have worked with other types anyway, because it does unchecked `.(*WebRTCPeer)` conversions.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33997Don't do a separate check for a short write2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgDon't do a separate check for a short writeMinor refactoring in the course of doing legacy/trac#33897.Minor refactoring in the course of doing legacy/trac#33897.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33996Simplify Peers.Pop2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgSimplify Peers.PopA minor refactoring that came up while working on legacy/trac#33897.A minor refactoring that came up while working on legacy/trac#33897.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33995Move pc.CreateOffer and pc.SetLocalDescription out of a goroutine2020-06-27T13:40:11ZDavid Fifielddcf@torproject.orgMove pc.CreateOffer and pc.SetLocalDescription out of a goroutineThis code was formerly the `OnNegotiationNeeded` handler before the switch on pion (comment:28:ticket:28942). We are blocking on `offerChannel` anyway, so we may as well run these operations synchronously and use a normal error return.This code was formerly the `OnNegotiationNeeded` handler before the switch on pion (comment:28:ticket:28942). We are blocking on `offerChannel` anyway, so we may as well run these operations synchronously and use a normal error return.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33994Remove now-unused Resetter interface2020-06-27T13:40:12ZDavid Fifielddcf@torproject.orgRemove now-unused Resetter interfaceThe `WaitForReset` method is unused since legacy/trac#33745 was merged.The `WaitForReset` method is unused since legacy/trac#33745 was merged.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33984Disable trickle ICE in client2020-06-27T13:40:12ZDavid Fifielddcf@torproject.orgDisable trickle ICE in clienthttps://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=no-trickle-ice&id=8bb114471572dea0c313d039626cc306a8b92cc8
As mentioned at
https://bugs.torproject.org/28942#comment:28
https://bugs.torproject.org/33157#comment:2https://gitweb.torproject.org/user/dcf/snowflake.git/commit/?h=no-trickle-ice&id=8bb114471572dea0c313d039626cc306a8b92cc8
As mentioned at
https://bugs.torproject.org/28942#comment:28
https://bugs.torproject.org/33157#comment:2David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33982Simplify and refactor BytesSyncLogger2020-06-27T13:40:12ZDavid Fifielddcf@torproject.orgSimplify and refactor BytesSyncLoggerhttps://gitweb.torproject.org/user/dcf/snowflake.git/log/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7710c200f87141
https://gitweb.torproject.org/user/dcf/snowflake.git/diff/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7...https://gitweb.torproject.org/user/dcf/snowflake.git/log/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7710c200f87141
https://gitweb.torproject.org/user/dcf/snowflake.git/diff/?h=refactor-byteslogger&id=73173cb6987dbf26fdb1036e4b7710c200f87141&id2=65ecb798ca8842a431214c2aa5133620e576c5f3
No longer needs a separate `go logger.Log()` in the caller.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33897Remove buffering from WebRTCPeer2022-11-14T14:28:29ZDavid Fifielddcf@torproject.orgRemove buffering from WebRTCPeer`WebRTCPeer` has a `buffer` that is used to hold bytes until the data channel is connected. We should remove it after the turbotunnel changes are merged (legacy/trac#33745). What ends up happening is the reliability layer ends up retrans...`WebRTCPeer` has a `buffer` that is used to hold bytes until the data channel is connected. We should remove it after the turbotunnel changes are merged (legacy/trac#33745). What ends up happening is the reliability layer ends up retransmitting packets as they sit in the buffer, and when the data channel is finally established, all those old useless packets get sent in a mass. It's better to just drop those packets on the floor before the data channel exists.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.orghttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33884Meek-Azure and SnowFlake are still broken2020-06-27T13:40:12ZTracMeek-Azure and SnowFlake are still brokenMeek-Azure and SnowFlake are still broken.
Will not connect.
This still has not been fixed
**Trac**:
**Username**: z1zMeek-Azure and SnowFlake are still broken.
Will not connect.
This still has not been fixed
**Trac**:
**Username**: z1zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/33800Remove uniuri dependency2021-08-17T03:50:46ZDavid Fifielddcf@torproject.orgRemove uniuri dependencyuniuri is only used in a minor way, to generate a random string for local identification of a snowflake client.uniuri is only used in a minor way, to generate a random string for local identification of a snowflake client.David Fifielddcf@torproject.orgDavid Fifielddcf@torproject.org