archives/snowflake
2
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git synced 2025-10-13 11:11:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: potential race conditions with non-local err

Browse source 
Some of the changes do not appear to have a potential race condition,
so there it is purely a refactor,
while in others (e.g. in broker.go and in proxy/lib/snowflake.go)
we do use the same variable from multiple threads / functions.
This commit is contained in:
WofWca 2025-03-02 15:24:39 +04:00
parent 01819eee32
commit 1923803124
5 changed files with 13 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

9
broker/broker.go
View file

@ -224,7 +224,6 @@ func main() {
flag.BoolVar(&unsafeLogging, "unsafe-logging", false, "prevent logs from being scrubbed") flag.BoolVar(&unsafeLogging, "unsafe-logging", false, "prevent logs from being scrubbed")
flag.Parse() flag.Parse()
var err error
var metricsFile io.Writer var metricsFile io.Writer
var logOutput io.Writer = os.Stderr var logOutput io.Writer = os.Stderr
if unsafeLogging { if unsafeLogging {
@ -237,6 +236,7 @@ func main() {
log.SetFlags(log.LstdFlags | log.LUTC) log.SetFlags(log.LstdFlags | log.LUTC)
if metricsFilename != "" { if metricsFilename != "" {
var err error
metricsFile, err = os.OpenFile(metricsFilename, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) metricsFile, err = os.OpenFile(metricsFilename, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil { if err != nil {
@ -262,7 +262,7 @@ func main() {
} }
if !disableGeoip { if !disableGeoip {
err = ctx.metrics.LoadGeoipDatabases(geoipDatabase, geoip6Database) err := ctx.metrics.LoadGeoipDatabases(geoipDatabase, geoip6Database)
if err != nil { if err != nil {
log.Fatal(err.Error()) log.Fatal(err.Error())
} }
@ -313,7 +313,7 @@ func main() {
for { for {
signal := <-sigChan signal := <-sigChan
log.Printf("Received signal: %s. Reloading geoip databases.", signal) log.Printf("Received signal: %s. Reloading geoip databases.", signal)
if err = ctx.metrics.LoadGeoipDatabases(geoipDatabase, geoip6Database); err != nil { if err := ctx.metrics.LoadGeoipDatabases(geoipDatabase, geoip6Database); err != nil {
log.Fatalf("reload of Geo IP databases on signal %s returned error: %v", signal, err) log.Fatalf("reload of Geo IP databases on signal %s returned error: %v", signal, err)
} }
} }
@ -326,12 +326,13 @@ func main() {
// --disable-tls // --disable-tls
// The outputs of this block of code are the disableTLS, // The outputs of this block of code are the disableTLS,
// needHTTP01Listener, certManager, and getCertificate variables. // needHTTP01Listener, certManager, and getCertificate variables.
var err error
if acmeHostnamesCommas != "" { if acmeHostnamesCommas != "" {
acmeHostnames := strings.Split(acmeHostnamesCommas, ",") acmeHostnames := strings.Split(acmeHostnamesCommas, ",")
log.Printf("ACME hostnames: %q", acmeHostnames) log.Printf("ACME hostnames: %q", acmeHostnames)
var cache autocert.Cache var cache autocert.Cache
if err = os.MkdirAll(acmeCertCacheDir, 0700); err != nil { if err := os.MkdirAll(acmeCertCacheDir, 0700); err != nil {
log.Printf("Warning: Couldn't create cache directory %q (reason: %s) so we're *not* using our certificate cache.", acmeCertCacheDir, err) log.Printf("Warning: Couldn't create cache directory %q (reason: %s) so we're *not* using our certificate cache.", acmeCertCacheDir, err)
} else { } else {
cache = autocert.DirCache(acmeCertCacheDir) cache = autocert.DirCache(acmeCertCacheDir)

6
client/lib/webrtc.go
View file

@ -241,7 +241,7 @@ func (c *WebRTCPeer) connect(
} }
case <-time.After(DataChannelTimeout): case <-time.After(DataChannelTimeout):
c.transport.Close() c.transport.Close()
err = errors.New("timeout waiting for DataChannel.OnOpen") err := errors.New("timeout waiting for DataChannel.OnOpen")
if natPolicy != nil { if natPolicy != nil {
natPolicy.Failure(actualNatType, natTypeToSend) natPolicy.Failure(actualNatType, natTypeToSend)
} }
@ -259,7 +259,6 @@ func (c *WebRTCPeer) preparePeerConnection(
config *webrtc.Configuration, config *webrtc.Configuration,
keepLocalAddresses bool, keepLocalAddresses bool,
) error { ) error {
var err error
s := webrtc.SettingEngine{} s := webrtc.SettingEngine{}
if !keepLocalAddresses { if !keepLocalAddresses {
@ -282,7 +281,7 @@ func (c *WebRTCPeer) preparePeerConnection(
vnet, _ = stdnet.NewNet() vnet, _ = stdnet.NewNet()
if c.proxy != nil { if c.proxy != nil {
if err = proxy.CheckProxyProtocolSupport(c.proxy); err != nil { if err := proxy.CheckProxyProtocolSupport(c.proxy); err != nil {
return err return err
} }
socksClient := proxy.NewSocks5UDPClient(c.proxy) socksClient := proxy.NewSocks5UDPClient(c.proxy)
@ -291,6 +290,7 @@ func (c *WebRTCPeer) preparePeerConnection(
s.SetNet(vnet) s.SetNet(vnet)
api := webrtc.NewAPI(webrtc.WithSettingEngine(s)) api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
var err error
c.pc, err = api.NewPeerConnection(*config) c.pc, err = api.NewPeerConnection(*config)
if err != nil { if err != nil {
log.Printf("NewPeerConnection ERROR: %s", err) log.Printf("NewPeerConnection ERROR: %s", err)

4
common/amp/armor_encoder.go
View file

@ -144,7 +144,7 @@ func (enc *elementEncoder) Write(p []byte) (n int, err error) {
if enc.chunkCounter >= bytesPerChunk { if enc.chunkCounter >= bytesPerChunk {
enc.chunkCounter = 0 enc.chunkCounter = 0
enc.elementCounter += 1 enc.elementCounter += 1
nn, err = enc.w.Write([]byte("\n")) nn, err := enc.w.Write([]byte("\n"))
if err != nil { if err != nil {
return total, err return total, err
} }
@ -153,7 +153,7 @@ func (enc *elementEncoder) Write(p []byte) (n int, err error) {
if enc.elementCounter >= chunksPerElement { if enc.elementCounter >= chunksPerElement {
enc.elementCounter = 0 enc.elementCounter = 0
nn, err = enc.w.Write([]byte("</pre>\n")) nn, err := enc.w.Write([]byte("</pre>\n"))
if err != nil { if err != nil {
return total, err return total, err
} }

3
proxy/lib/snowflake.go
View file

@ -504,8 +504,7 @@ func (sf *SnowflakeProxy) makePeerConnectionFromOffer(
pw.Close() pw.Close()
}) })
dc.OnMessage(func(msg webrtc.DataChannelMessage) { dc.OnMessage(func(msg webrtc.DataChannelMessage) {
var n int n, err := pw.Write(msg.Data)
n, err = pw.Write(msg.Data)
if err != nil { if err != nil {
if inErr := pw.CloseWithError(err); inErr != nil { if inErr := pw.CloseWithError(err); inErr != nil {
log.Printf("close with error generated an error: %v", inErr) log.Printf("close with error generated an error: %v", inErr)

5
server/server.go
View file

@ -189,8 +189,7 @@ func main() {
log.Printf("ACME hostnames: %q", acmeHostnames) log.Printf("ACME hostnames: %q", acmeHostnames)
var cache autocert.Cache var cache autocert.Cache
var cacheDir string cacheDir, err := getCertificateCacheDir()
cacheDir, err = getCertificateCacheDir()
if err == nil { if err == nil {
log.Printf("caching ACME certificates in directory %q", cacheDir) log.Printf("caching ACME certificates in directory %q", cacheDir)
cache = autocert.DirCache(cacheDir) cache = autocert.DirCache(cacheDir)
@ -224,7 +223,7 @@ func main() {
addr.Port = 80 addr.Port = 80
log.Printf("Starting HTTP-01 ACME listener") log.Printf("Starting HTTP-01 ACME listener")
var lnHTTP01 *net.TCPListener var lnHTTP01 *net.TCPListener
lnHTTP01, err = net.ListenTCP("tcp", &addr) lnHTTP01, err := net.ListenTCP("tcp", &addr)
if err != nil { if err != nil {
log.Printf("error opening HTTP-01 ACME listener: %s", err) log.Printf("error opening HTTP-01 ACME listener: %s", err)
pt.SmethodError(bindaddr.MethodName, "HTTP-01 ACME listener: "+err.Error()) pt.SmethodError(bindaddr.MethodName, "HTTP-01 ACME listener: "+err.Error())