archives/snowflake
2
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git synced 2025-10-14 14:11:23 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
1428 commits 18 branches 42 tags 3.8 MiB
Commit graph

204 commits

Author SHA1 Message Date
Renovate Bot
8b1a48af8b chore(deps): update module golang.org/x/net to v0.18.0 2023-11-08 20:43:13 +00:00
Renovate Bot
c1715e0928 chore(deps): update module github.com/gorilla/websocket to v1.5.1 2023-11-05 03:39:42 +00:00
Renovate Bot
4fa43a8892
chore(deps): update module github.com/prometheus/client_golang to v1.17.0 2023-10-25 16:49:19 +01:00
Renovate Bot
2617d2341a
chore(deps): update module github.com/refraction-networking/utls to v1.5.4 2023-10-25 15:53:48 +01:00
Shelikhoo
8b46e60553
Add common proxy utilities 2023-10-24 17:42:46 +01:00
meskio
6b0421db0d
Merge remote-tracking branch 'gitlab/mr/195' 2023-10-24 12:50:27 +02:00
Renovate Bot
fc7053acd5 chore(deps): update module github.com/prometheus/client_model to v0.5.0 2023-10-23 13:10:46 +00:00
Renovate Bot
ef6f8dd500
chore(deps): update module golang.org/x/net to v0.17.0 [security] 2023-10-23 14:00:09 +01:00
Renovate Bot
251a151bf5 chore(deps): update module github.com/xtaci/kcp-go/v5 to v5.6.5 2023-10-20 15:40:01 +00:00
David Fifield
6393af6bab
Remove proxy churn measurements from broker. 
We've done the analysis we planned to do on these measurements.

A program to analyze the proxy churn and extract hour-by-hour
intersections is available at:
https://github.com/turfed/snowflake-paper/tree/main/figures/proxy-churn

Closes #40280.
 2023-10-09 16:16:05 +01:00
Shelikhoo
5cdf52c813
Update dependencies 2023-09-27 13:15:50 +01:00
Renovate Bot
1559963f75
chore(deps): update module github.com/xtaci/kcp-go/v5 to v5.6.3 2023-09-25 15:21:28 +01:00
Renovate Bot
e45e8e555b
chore(deps): update module github.com/smartystreets/goconvey to v1.8.1 2023-09-20 12:34:49 -04:00
Renovate Bot
f47ca18e64 chore(deps): update module gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib to v1.5.0 2023-09-19 16:06:59 +00:00
Renovate Bot
106da49c27 chore(deps): update module github.com/pion/webrtc/v3 to v3.2.20 2023-09-19 15:49:22 +00:00
Renovate Bot
f4e1ab90c8 chore(deps): update module golang.org/x/net to v0.15.0 2023-09-19 14:09:33 +00:00
Renovate Bot
caaff7004e Update module golang.org/x/sys to v0.12.0 2023-09-12 15:44:11 +00:00
Renovate Bot
a3bfc2802a
Update module golang.org/x/crypto to v0.12.0 2023-08-28 16:37:52 +01:00
Cecylia Bocovich
b632c7d49c
Workaround for shadow in lieu of AF_NETLINK support 
For details, see https://github.com/shadow/shadow/issues/2980
 2023-08-24 16:33:22 +01:00
Renovate Bot
0cb2975fd8
Update module golang.org/x/net to v0.13.0 [SECURITY] 2023-08-24 13:56:29 +01:00
meskio
aaeab3f415
Update dependencies 
So renovate doesn't create tons of merge requests.
 2023-07-03 19:52:57 +02:00
Cecylia Bocovich
08d1c6d655
Bump minimum required version of go 
The version of x/sys we're using requires go1.17 or later
 2023-06-20 14:52:09 -04:00
David Fifield
9edaee6547 Use IP_BIND_ADDRESS_NO_PORT when dialing the ORPort on Linux. 
When the orport-srcaddr option is set, we bind to a source IP address
before dialing the ORPort/ExtORPort. tor similarly binds to a source IP
address when OutboundBindAddress is set in torrc. Since tor 0.4.7.13,
tor sets IP_BIND_ADDRESS_NO_PORT, and because problems arise when some
programs use IP_BIND_ADDRESS_NO_PORT and some do not, we also have to
start using IP_BIND_ADDRESS_NO_PORT when we upgrade tor
(tpo/anti-censorship/pluggable-transports/snowflake#40270).

Related: tpo/anti-censorship/pluggable-transports/snowflake#40198
 2023-06-08 13:24:22 -06:00
meskio
82cc0f38f7
Move the development to gitlab 
Related: tpo/anti-censorship/team#86
 2023-05-31 10:01:47 +02:00
meskio
297ca91b1d
Use goptlib from gitlab.torproject.org 2023-04-19 17:15:35 +02:00
KokaKiwi
1ef43a0dde
Use latest Pion WebRTC libs version 
- webrtc and dtls libs got the "Skip Hello Verify" patches applied

Link: https://github.com/pion/dtls/pull/513
Link: https://github.com/pion/webrtc/pull/2433
 2023-03-22 12:19:03 +00:00
Shelikhoo
44c76ce3ad
Fix helloverify remove patch not applied 2023-01-18 14:36:18 +00:00
Shelikhoo
10fd000685
Apply Skip Hello Verify Migration 
Backported from https://gitlab.torproject.org/shelikhoo/snowflake/-/tree/dev-skiphelloverify-backup
 2023-01-17 12:47:32 +00:00
David Fifield
0780f2e809
Add a orport-srcaddr server transport option. 
The option controls what source address to use when dialing the
(Ext)ORPort. Using a source address other than 127.0.0.1, or a range of
addresses, can help with localhost ephemeral port exhaustion.

https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40198
 2022-11-16 19:41:42 +01:00
David Fifield
12e8de8b24 Update github.com/gorilla/websocket to v1.5.0. 2022-11-15 17:21:33 -07:00
Cecylia Bocovich
31b958302e Bump minimum go version to 1.15 2022-10-12 11:03:06 -04:00
Shelikhoo
211254fa98
Add distinct IP counter 2022-06-16 14:58:12 +01:00
Cecylia Bocovich
dd83b68efa
Bump version of pion/webrtc to v3.1.41 
This bumps the version of pion/dtls to v2.1.5 to fix three CVEs:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29189
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29190
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29222
 2022-05-24 11:45:47 -04:00
Cecylia Bocovich
b6875c6ae9
Bump webrtc library version 
go get github.com/pion/webrtc/v3@latest
go mod tidy
 2022-04-12 12:10:01 -04:00
itchyonion
e2838201ad
Scrub ptEvent logs 2022-04-12 11:52:21 -04:00
Cecylia Bocovich
aab806429f
Fix gitlab CI to work with multiple client .go files 2022-04-11 11:50:36 -04:00
Shelikhoo
006abdead4
Add utls roundtripper 2022-03-16 09:13:25 +00:00
Shelikhoo
bf3bd635f7
Fix build break in Go 1.16 for missing import 
See also:
https://gitlab.torproject.org/shelikhoo/snowflake/-/jobs/86751
 2022-01-26 13:39:12 +00:00
David Fifield
aeb0794d28 Use require rather than replace for dtls version. 
go mod edit -dropreplace=github.com/pion/dtls/v2
go get github.com/pion/dtls/v2@v2.0.12

This is an update to
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/66.
 2021-12-16 09:46:55 -07:00
Cecylia Bocovich
738bd464ea
Update version of DTLS library 
Make sure we use a version of the DTLS library that contains the
following fingerprinting fixes:

Only send supported_groups extension in ClientHello
Do not include IP addresses as SNI values

These changes have been merged upstream into pion/dtls.
 2021-12-10 10:39:44 -05:00
Cecylia Bocovich
ead5a960d7
Bump snowflake library imports and go.mod to v2 2021-11-11 10:14:49 -05:00
meskio
4396d505a3
Use tpo geoip library 
Now the geoip implmentation has being moved to it's own library to be
shared between projects.
 2021-10-04 12:24:55 +02:00
Cecylia Bocovich
e84bc81e31 Bump version of kcp and smux libraries 2021-06-23 19:41:03 -04:00
Cecylia Bocovich
92bd900bc5 Implement binned counts for polling metrics 2021-04-26 14:07:55 -04:00
Cecylia Bocovich
83ef0b6f6d Export snowflake broker metrics for prometheus 
This change adds a prometheus exporter for our existing snowflake broker
metrics. Current values for the metrics can be fetched by sending a GET
request to /prometheus.
 2021-04-22 10:39:35 -04:00
Cecylia Bocovich
087a037f82 Update webrtc library to v3.0.15 
This fixes a vulnerability in the library: CVE-2021-28681
 2021-03-18 23:08:05 -04:00
Cecylia Bocovich
1b29ad7de1 Bump version of pion/sdp 
Update our dependency on pion/sdp from v2 to v3, to match pion/webrtc
v3. This requires some changes in how we parse out addresses from ice
candidates. This will ease tor browser builds of snowflake since we are
now only relying on one version of pion/sdp instead of two different
ones.
 2021-01-25 10:28:17 -05:00
Cecylia Bocovich
83c01565ef Update webrtc library to v3.0.0 
This update required two main changes to how we use the library. First,
we had to make sure we created the datachannel on the offering peer side
before creating the offer. Second, we had to make sure we wait for the
gathering of all candidates to complete since trickle-ice is enabled by
default. See the release notes for more details:
https://github.com/pion/webrtc/wiki/Release-WebRTC@v3.0.0.
 2021-01-12 10:37:26 -05:00
Cecylia Bocovich
bf924445e3 Implement NAT discovery (RFC 5780) at the client 
Snowflake clients will now attempt NAT discovery using the provided STUN
servers and report their NAT type to the Snowflake broker for matching.
The three possibilities for NAT types are:
- unknown (the client was unable to determine their NAT type),
- restricted (the client has a restrictive NAT and can only be paired
with unrestricted NATs)
- unrestricted (the client can be paired with any other NAT).
 2020-07-06 13:16:03 -04:00
David Fifield
2f52217d2f Restore go 1.13 to go.mod, lost in the turbotunnel merge. 2020-04-23 17:08:49 -06:00