We need to set up the pion/webrtc logger to write output to the
snowflake log, otherwise the warnings we are getting from the pion
library are being lost.
Note: this requires Go version 1.13 and later in order to use the
`log.Writer()` function.
This commit fixes a small error introduced in a previous commit. Servers
given by command line options weren't being added to the configuration
because we were checking for `iceServers` to be nil instead of not nil.
Modified the snowflake client to use pion/webrtc as the webrtc library.
This involved a few small changes to match function signatures as well
as several larger ones:
- OnNegotiationNeeded is no longer supported, so CreateOffer and
  SetLocalDescription have been moved to a goroutine called after the
  other peer connection callbacks are set
- We need our own deserialize/serialize functions
- We need to use a SettingEngine in order to access the
  OnICEGatheringStateChange callback
The API is very similar, differences were mostly due to:
- closing peer connections and datachannels (no destroy/delete methods)
- different way to set datachannel/peer connection callbacks
- differences in whether functions take pointers or values
- no serialize/deserialize functions in the API
The safelog Write function can be called from multiple goroutines, and
it was not thread safe. These locks in particular allow us to pass the
logscrubber's output io.Writer to other libraries, such as pion.
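
The locking described in the commit message above, shown as an added Go example (not snowflake's safelog code): a scrubbing io.Writer whose mutex guards the partial-line buffer shared by concurrent callers. The type name scrubWriter, the simplified IPv4 pattern and the sample log lines are assumptions constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"regexp"
	"sync"
)

var ipv4 = regexp.MustCompile(`\b\d{1,3}(\.\d{1,3}){3}\b`) // simplified, assumed pattern

// scrubWriter (hypothetical name) redacts addresses from complete lines
// before forwarding them; mu guards both buf and the write to out.
type scrubWriter struct {
	mu  sync.Mutex
	out io.Writer
	buf []byte
}

func (w *scrubWriter) Write(p []byte) (int, error) {
	w.mu.Lock()
	defer w.mu.Unlock()
	w.buf = append(w.buf, p...)
	i := bytes.LastIndexByte(w.buf, '\n') + 1 // end of the last complete line
	line := ipv4.ReplaceAll(w.buf[:i], []byte("[scrubbed]"))
	w.buf = w.buf[i:] // an unfinished line stays buffered until its newline arrives
	_, err := w.out.Write(line)
	return len(p), err
}

// runConcurrent logs one constructed line from each of n goroutines
// through a shared scrubWriter and returns what reached the sink.
func runConcurrent(n int) string {
	var sink bytes.Buffer
	var wg sync.WaitGroup
	w := &scrubWriter{out: &sink}
	for g := 0; g < n; g++ {
		wg.Add(1)
		go func(g int) {
			defer wg.Done()
			fmt.Fprintf(w, "proxy %d from 203.0.113.%d\n", g, g)
		}(g)
	}
	wg.Wait()
	return sink.String()
}

func main() { fmt.Print(runConcurrent(8)) }
```

Without the mutex, two goroutines appending to buf at once could corrupt it or emit a line before its address has been scrubbed; `go run -race` reports the unguarded variant.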
Many of our log messages were being used to generate metrics, but are
now being aggregated and logged to a separate metrics log file and so we
don't need them in the regular logs anymore.
This addresses the goal of ticket #30830, to remove unnecessary messages
and keep broker logs for debugging purposes.
Added a folder to hold snowflake specifications. This folder starts with
a file containing a partial broker spec that focuses on the metrics
reporting spec for CollecTor at the moment.
The broker /debug page was displaying proxy IDs and roundtrip times. As
serna pointed out in bug #31460, the proxy IDs can be used to launch a
denial of service attack. As the metrics team pointed out on #21315, the
round trip time average can be potentially sensitive.
This change displays only proxy counts and uses ID lengths to
distinguish between standalone proxy-go instances and browser-based
snowflake proxies.
Note that getMessage in the badge depends on having a complete set of
translations, unlike the webextension, which will fall back to the
default for a string.
Because the timeout makes the pair inactive, we should check for this
state in onopen before connecting to the client. Updated tests to set
the proxy pair to active before testing onopen. Also removed a
redundant statement.
The former icon used fill="context-fill", which I believe doesn't work
except in Mozilla's own extensions. So I changed that one to
fill="black" and made a new one with fill="white".
https://bugs.torproject.org/31170#comment:8
I chose these icons for the "on" and "off" icons:
toolbar_icon_purple.svg → toolbar-on.svg
toolbar_icon_grey.svg → toolbar-off.svg
I then made toolbar-running.svg by copying toolbar-off.svg and changing
the stroke and fill from #4A4A4F to #40E0D0.
In Firefox, this requires version 67 for support for
prefers-color-scheme media queries.
https://hacks.mozilla.org/2019/05/firefox-67-dark-mode-css-webrender/
To force Firefox into dark mode, set ui.systemUsesDarkTheme=1 (and
optionally browser.in-content.dark-mode=true, to put pages such as
about:addons into dark mode as well) in about:config. You can check if
it's working at https://bugzilla.mozilla.org/, which has its own
dark-mode styling. Note that this kind of dark mode is *independent* of
the "Dark" theme that can be selected in about:addons.
Chrome requires version 76 for prefers-color-scheme. You can force it by
running with the --force-dark-mode command-line option.
This one was missing from the redesigned icons. I made it by making a
copy of status-on.svg and changing the fill from #8000D7 to #40E0D0.
I didn't make a separate dark-mode version of the icon.
This implements a handler at https://[snowflake-broker]/metrics for the
snowflake CollecTor module to fetch stats from the broker. Logged
metrics are copied out to the response with a text/plain; charset=utf-8
content type. This implements bug #31376.
This is similar to the deadlock bug in the proxy-go instances. If the
proxy-pair sends an answer to the broker, it previously assumed that the
datachannel would be opened and the pair reused only once the
datachannel closed. However, sometimes the datachannel never opens due
to ICE errors or a misbehaving/buggy client causing the proxy to
infinitely loop and the proxy-pair to remain active.
This commit reuses the pair.running attribute to indicate whether or not
the datachannel has been opened and sets a timeout to close the
proxy-pair if it has not been opened by that time.
Make sure to set proxypair.active to false if createAnswer or
setLocalDescription fails. This should prevent one edge case that results
in an infinite loop described in ticket #31100.