Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • S Snowflake
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 89
    • Issues 89
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 9
    • Merge requests 9
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Anti-censorship
  • Pluggable Transports
  • Snowflake
  • Merge requests
  • !136

Proxy: add an option to bind to a specific address

  • Review changes

  • Download
  • Patches
  • Plain diff
Merged itchyonion requested to merge itchyonion/snowflake:proxy-bind-address into main Feb 27, 2023
  • Overview 10
  • Commits 2
  • Pipelines 0
  • Changes 3
  1. SetNAT1To1IPs can take multiple IPs. For #40108 (closed) specifically I think it makes sense to only accept one IP and single argument is much easier to work with flag. But I'm open to change if there are legit cases where one would want a priority IP group instead of a single priority IP.
  2. The library doesn't check whether the provided IP is authentic: it simply replaces the all host candidates (due to webrtc.ICECandidateTypeHost) of the SDP answer with the provided IP. This should be fine in most cases because we have srflx candidate to fall back on. (host candidates have higher priority than srflx candidates in most implementations)
  3. I didn't know a lot about probetest before working on this MR and the logging/comments in code didn't make the most sense to me. So I've modified quite a few places as I learn about how they work. Open to feedback.
  4. With my changes it's possible that we are logging too frequently (every SDP offer/answer pair) and too much (including attributes like fingerprint and ice-pwd in verbose mode. I think we are also logging them in broswer extension. I'm not sure how much it helps in debugging or if it's a security/privacy risk. Will do more reserach on it.
Edited Feb 27, 2023 by itchyonion
Assignee
Assign to
Reviewers
Request review from
Time tracking
Source branch: proxy-bind-address