So far, we request a certificate each time we start the broker. Let's
Encrypt maintains several rate limiters and if we exceed one of them, we
won't get a certificate. Worse, since we don't store certificates, we
won't even be able to use an old one.

This patch uses autocert's DirCache structure to cache certificates on
disk.
This patch fixes <https://bugs.torproject.org/30512>.

MaxBytesReader is only documented for server side reads, so we're using
a local limitedRead function instead that uses an io.LimitedReader.
Declared limits in a commented constant.

Otherwise, this is set on the prototype and shared across instances :/
Note the change to the test that highlights this bug. A proxy pair was
already created when an earlier test called `beginWebRTC()` but a new
Snowflake instance should start with an empty array.

Previously the metrics log file was hardcoded and the broker wasn't
behaving properly if it was unable to open the file for logging.
Added a command-line option to specify the log file that defaults to
Stdout.
Fixed up some documentation and log output formatting.

Our log scrubber was a bit over-zealous and was scrubbing timestamps as
well. While we're still over-scrubbing, we're now more precise and
ensure that compressed IPv6 addresses have "::".

This is related to the proxy-go deadlock bug #25688. If a client doesn't
do anything with the SDP answer, a token will get lost. Added a timeout
after a minute that checks the PeerConnection state and destroys the
peer connection and returns a token if it did not yet succeed.

This is a fix for the proxy-go deadlock bug (ticket #25688). The
assumption that OnIceComplete is always followed by a successful
connection where OnDataChannel has been called turns out not to occur in
practice. OnICEComplete looks like it is being deprecated in other
libraries anyway, so it's safer to just remove it.
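
The commit message above about MaxBytesReader describes a local limitedRead function built on io.LimitedReader. A sketch of that approach, added here as an example and not the project's own code; the errTooLarge sentinel, the 16-byte limit and the sample bodies are constructed for illustration:

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"strings"
)

// errTooLarge is a hypothetical sentinel used only in this example.
var errTooLarge = errors.New("body exceeds limit")

// limitedRead returns at most limit bytes from r. It lets the
// io.LimitedReader hand out limit+1 bytes so that a body of exactly
// limit bytes can be told apart from one that is larger and was cut off.
func limitedRead(r io.Reader, limit int64) ([]byte, error) {
	p, err := io.ReadAll(&io.LimitedReader{R: r, N: limit + 1})
	if err != nil {
		return p, err
	}
	if int64(len(p)) > limit {
		// The extra byte arrived: the peer sent more than we accept.
		return p[:limit], errTooLarge
	}
	return p, nil
}

func main() {
	const limit = 16 // constructed limit for the demonstration
	bodies := []string{
		"short answer",          // under the limit
		strings.Repeat("A", 16), // exactly at the limit
		strings.Repeat("A", 17), // one byte over
	}
	for _, body := range bodies {
		p, err := limitedRead(strings.NewReader(body), limit)
		fmt.Printf("in=%d out=%d err=%v\n", len(body), len(p), err)
	}
}
```

Reading one byte past the limit is what lets the caller reject an oversized body instead of silently processing a truncated one.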