Many of our log messages were being used to generate metrics, but are
now being aggregated and logged to a separate metrics log file and so we
don't need them in the regular logs anymore.
This addresses the goal of ticket #30830, to remove unnecessary messages
and keep broker logs for debugging purposes.
The broker /debug page was displaying proxy IDs and roundtrip times. As
serna pointed out in bug #31460, the proxy IDs can be used to launch a
denial of service attack. As the metrics team pointed out on #21315, the
round trip time average can be potentially sensitive.
This change displays only proxy counts and uses ID lengths to
distinguish between standalone proxy-go instances and browser-based
snowflake proxies.
This implements a handler at https://[snowflake-broker]/metrics for the
snowflake collecTor module to fetch stats from the broker. Logged
metrics are copied out to the response with a text/plain; charset=utf-8
content type. This implements bug #31376.
Added three new metrics:
- proxyIdleCount counts the number of times a proxy polls and receives
no snowflakes
- clientDeniedCount counts the number of times a client requested a
snowflake but none were available
- clientProxyMatchCount counts the number of times a client successfully
received a snowflake
So far, we request a certificate each time we start the broker. Let's
Encrypt maintains several rate limiters and if we exceed one of them, we
won't get a certificate. Worse, since we don't store certificates, we
won't even be able to use an old one.
This patch uses autocert's DirCache structure to cache certificates on
disk.
This patch fixes <https://bugs.torproject.org/30512>.
MaxBytesReader is only documented for server side reads, so we're using
a local limitedRead function instead that uses an io.LimitedReader.
Declared limits in a commented constant
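
The bounded read described in the commit message above, sketched as an added example (not the project's own code). The limit value, the error name and the sample inputs are assumptions constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"strings"
)

// readLimit is an assumed value for this example; the page does not give one.
const readLimit = 16

// errTooLarge is a hypothetical error name used only in this example.
var errTooLarge = errors.New("input exceeds read limit")

// limitedRead returns at most limit bytes from r. It asks the
// io.LimitedReader for limit+1 bytes so that an input of exactly limit
// bytes can be told apart from one that was cut off.
func limitedRead(r io.Reader, limit int64) ([]byte, error) {
	data, err := io.ReadAll(&io.LimitedReader{R: r, N: limit + 1})
	if err != nil {
		return data, err
	}
	if int64(len(data)) > limit {
		// Oversized input: hand back only the allowed prefix plus an error,
		// so the caller never processes a silently truncated message.
		return data[:limit], errTooLarge
	}
	return data, nil
}

func main() {
	// Constructed sample inputs: one exactly at the limit, one a byte over.
	inputs := []string{
		strings.Repeat("a", readLimit),
		strings.Repeat("a", readLimit+1),
	}
	for _, in := range inputs {
		data, err := limitedRead(strings.NewReader(in), readLimit)
		fmt.Printf("input=%d bytes, kept=%d, err=%v\n", len(in), len(data), err)
	}
}
```

Unlike a plain io.LimitedReader, which reports a clean EOF once the cap is reached, this wrapper makes an oversized input an explicit error.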
Previously the metrics log file was hardcoded and the broker wasn't
behaving properly if it was unable to open the file for logging.
Added a commandline option to specify the logfile that defaults to
Stdout.
Fixed up some documentation and log output formatting