Commit graph

1412 commits

Author SHA1 Message Date
WofWca
cb0fb02cd5
fix(proxy): not answering before client timeout
This is related to
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40230.

The initial MR that closed that issue,
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/391,
was not semantically correct, because `DataChannelTimeout`
starts after the client has already received the answer.

After
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/498#note_3156256
the code became not only semantically incorrect,
but also functionally incorrect because now if this timeout is hit
by the proxy, the client is guaranteed to be gone already.
This commit fixes it, by lowering the timeout.

This addresses a suggestion in
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40447.

This also closes
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40381
and supersedes
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/415.
2025-02-12 10:17:08 -05:00
Renovate Bot
cb30331aa2
chore(deps): update gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/ptutil digest to efaf4e0
Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2025-02-12 10:07:00 -05:00
Renovate Bot
5d97990096
chore(deps): update module github.com/aws/aws-sdk-go-v2/config to v1.29.6
Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2025-02-12 10:06:02 -05:00
Renovate Bot
d8838d1727
chore(deps): update module github.com/pion/ice/v4 to v4.0.6
Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2025-02-12 10:03:22 -05:00
Renovate Bot
971d88ca9d
chore(deps): update module golang.org/x/net to v0.35.0 2025-02-11 11:22:39 +00:00
Shelikhoo
33d00aea24
update golang testing setting in CI 2025-02-10 12:54:43 +00:00
Renovate Bot
2c2839fc7a
chore(deps): update module github.com/aws/aws-sdk-go-v2/credentials to v1.17.59 2025-02-06 13:51:27 +00:00
Renovate Bot
905002d146
chore(deps): update module github.com/aws/aws-sdk-go-v2/service/sqs to v1.37.14 2025-02-06 12:42:01 +00:00
Cecylia Bocovich
4a1e075ee0
Lower broker ClientTimeout to 5 seconds
Matches the observed timeout for CDN77, based on user reports.
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40446
2025-02-04 15:41:35 -05:00
meskio
35bc8ec7c3
Merge remote-tracking branches 'gitlab/mr/486' and 'gitlab/mr/487' 2025-02-04 18:56:11 +01:00
Renovate Bot
a390085d2a chore(deps): update module github.com/aws/aws-sdk-go-v2/config to v1.29.4 2025-01-31 20:12:47 +00:00
Renovate Bot
276bce42b5 chore(deps): update module github.com/miekg/dns to v1.1.63 2025-01-30 15:46:29 +00:00
onyinyang
26f7ee4b06
Remove utls library from snowflake and Use ptuil/utls 2025-01-29 13:01:33 -05:00
Renovate Bot
0dee9d68bd
chore(deps): update module github.com/aws/aws-sdk-go-v2/service/sqs to v1.37.9
Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2025-01-22 14:37:19 -05:00
Renovate Bot
d710216fb7
chore(deps): update module github.com/aws/aws-sdk-go-v2/config to v1.29.1
Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2025-01-22 14:33:45 -05:00
meskio
313e54befe
CI: use /etc/localtime instead of /etc/timezone
/etc/timezone is a legacy debian specific file. Let's use localtime.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038849

* Related: #40414
2025-01-22 17:38:49 +01:00
Renovate Bot
fa122efb61
chore(deps): update module github.com/xtaci/smux to v1.5.33 2025-01-21 15:41:23 +00:00
Renovate Bot
883e8238d1
chore(deps): update module github.com/pion/webrtc/v4 to v4.0.8 2025-01-21 14:08:17 +00:00
meskio
7938509b6f
Merge remote-tracking branches 'gitlab/mr/480' and 'gitlab/mr/485' 2025-01-20 17:42:38 +01:00
Renovate Bot
590735c838 chore(deps): update module github.com/aws/aws-sdk-go-v2 to v1.33.0 2025-01-16 21:16:35 +00:00
Renovate Bot
9ede2ca3da chore(deps): update module github.com/pion/sdp/v3 to v3.0.10 2025-01-16 21:16:21 +00:00
Cecylia Bocovich
eedac71a3a
Add self-signed ISRG Root X1 to cert pool
Replace the expired DST Root CA X3 signed ISRG Root X1 cert with the
self-signed cert.

Closes https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40440
2025-01-15 10:56:17 -05:00
meskio
fad8ddb840
Merge remote-tracking branches 'gitlab/mr/473' and 'gitlab/mr/474' 2025-01-14 10:29:10 +01:00
Renovate Bot
3ac3c177c2 chore(deps): update module golang.org/x/net to v0.34.0 2025-01-13 09:10:43 +00:00
Renovate Bot
2556b3cc7b chore(deps): update module github.com/aws/aws-sdk-go-v2 to v1.32.8 2025-01-13 09:10:15 +00:00
David Fifield
1895bb9d2c Comment typo. 2025-01-13 08:49:15 +00:00
Renovate Bot
e4c95fc242
chore(deps): update module golang.org/x/net to v0.33.0 [security]
Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2025-01-07 15:54:08 -05:00
meskio
cdbfc9612f
Merge remote-tracking branches 'gitlab/mr/464', 'gitlab/mr/467' and 'gitlab/mr/471' 2025-01-07 13:08:21 +01:00
WofWca
e038b68d79 refactor(proxy): simplify tokens.ret() on error 2025-01-04 19:31:44 +04:00
Renovate Bot
847c7c45a8 chore(deps): update module golang.org/x/crypto to v0.31.0 [security] 2024-12-23 16:38:11 +00:00
Renovate Bot
1d3772bb80 chore(deps): update module github.com/aws/aws-sdk-go-v2 to v1.32.7 2024-12-19 20:14:48 +00:00
Shelikhoo
e7a7f41c5b
seperate docker hub mirroring to a seperate stage 2024-12-16 13:28:30 +00:00
meskio
63549af07e
Merge remote-tracking branches 'gitlab/mr/459' and 'gitlab/mr/461' 2024-12-16 10:49:17 +01:00
Renovate Bot
0e793d6cb9 chore(deps): update module github.com/pion/webrtc/v4 to v4.0.6 2024-12-16 06:50:07 +00:00
WofWca
85a93c5303 docs: clarify -ports-range is for port forwarding 2024-12-13 17:06:13 +04:00
WofWca
92521b6679 improvement: warn if ports-range is too narrow
...and improve the docstring for the parameter.
2024-12-13 17:06:11 +04:00
WofWca
cb32d008ca docs: improve ephemeral-ports-range description
Clarify that the default range is wide.
2024-12-13 16:09:22 +04:00
Shelikhoo
6e7c177157
copy container tag to generate stable with crane to avoid flattening image 2024-12-12 13:33:52 +00:00
David Fifield
dbad475254 Finish incomplete comment for newEncapsulationPacketConn. 2024-12-12 06:40:57 +00:00
Renovate Bot
a0731443ff
chore(deps): update module golang.org/x/net to v0.32.0 2024-12-10 15:33:15 +00:00
Renovate Bot
ef0d391243
chore(deps): update module gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib to v1.6.0 2024-12-10 14:11:58 +00:00
WofWca
94b6647d33
feat(client): try restricted proxy if NAT unknown
Just once, to offload unrestricted proxies.
This is useful when our STUN servers are blocked or don't support
the NAT discovery feature, or if they're just slow.

Closes https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40178.
Partially addresses https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40376

Signed-off-by: Cecylia Bocovich <cohosh@torproject.org>
2024-12-05 10:34:08 -05:00
WofWca
f6767061e4
refactor: separate some Negotiate logic
As per https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/392#note_3096760
in preparation for further changes to `Negotiate`.
2024-12-05 10:27:36 -05:00
Cecylia Bocovich
75e73ce397
Fixup new STUN servers to include protocol 2024-12-04 12:02:18 -05:00
Cecylia Bocovich
cc644134ad
Added new RFC 5780 compatible STUN servers 2024-12-03 15:36:12 -05:00
Cecylia Bocovich
1607f9ce85
Remove nonfunctional STUN servers
Remove STUN servers that are offline, appear to be misconfigured, or do
not support NAT discovery
2024-12-03 15:21:07 -05:00
Cecylia Bocovich
6ecd5bf6d7
Remove log when offer is nil
After !414, we started returning a nil offer from pollOffer if the proxy
was not matched with a client. It's not longer an indication of failure,
so we should remove the "bad offer from broker" log message.
2024-12-03 15:05:44 -05:00
Cecylia Bocovich
5b479fdb13
Log EventOnCurrentNATTypeDetermined for proxy 2024-12-03 15:05:44 -05:00
Renovate Bot
dfbeee00de
chore(deps): update module github.com/aws/aws-sdk-go-v2 to v1.32.6 2024-12-03 13:25:04 +00:00
Renovate Bot
64995f391b
chore(deps): update golang docker tag to v1.23 2024-12-03 13:02:35 +00:00