Changes in version v2.11.0 - 2025-03-18 - Fix data race warnings for tokens_t - Fix race condition in proxy connection count stats - Make NATPolicy thread-safe - Fix race conditions with error scope - Fix race condition with proxy isClosing variable - Issue 40454: Update broker metrics to count matches, denials, and timeouts - Add proxy event and metrics for failed connections - Issue 40377: Create CI artifact if shadow fails - Issue 40438: Copy base client config for each SOCKS connection - Fix minor data race in Snowflake broker metrics - Issue 40363: Process and read broker SQS messages more quickly - Issue 40419: delay before calling dc.Close() to improve NAT test on proxy - Add country stats to proxy prometheus metrics - Issue 40381: Avoid snowflake client dependency in proxy - Issue 40446: Lower broker ClientTimeout to 5 seconds in line with CDN77 defaults - Refactor out utls library into ptutil/utls - Issue 40414: Use /etc/localtime for CI - Issue 40440: Add LE self-signed ISRG Root X1 to cert pool - Proxy refactor to simplify tokens.ret() on error - Clarify ephemeral-ports-range proxy option - Issue 40417: Fixes and updates to CI containers - Issue 40178: Handle unknown client type better - Issue 40304: Update STUN server list - Issue 40210: Remove proxy log when offer is nil - Issue 40413: Log EventOnCurrentNATTypeDetermined for proxy - Use named return for some functions to improve readability - Issue 40271: Use pion SetIPFilter rather than our own StripLocalAddress - Issue 40413: Suppress logs of proxy events by default - Add IsLinkLocalUnicast in IsLocal - Fix comments - Bump versions of dependencies Changes in version v2.10.1 - 2024-11-11 - Issue 40406: Update version string Changes in version v2.10.0 - 2024-11-07 - Issue 40402: Add proxy event for when client has connected - Issue 40405: Prevent panic for duplicate SnowflakeConn.Close() calls - Enable local time for proxy logging - Have proxy summary statistics log average transfer rate - Issue 40210: Remove duplicate poll interval loop in proxy - Issue 40371: Prevent broker and proxy from rejecting clients without ICE candidates - Issue 40392: Allow the proxy and probetest to set multiple STUN URLs - Issue 40387: Fix error in probetest NAT check - Fix proxy panic on invalid relayURL - Set empty pattern if broker bridge-list is empty - Improve documentation of Ephemeral[Min,Max]Port - Fix resource leak and NAT check in probetest - Fix memory leak from failed NAT check - Improve NAT check logging - Issue 40230: Send answer even if ICE gathering is not complete - Improve broker error message on unknown bridge fingerprint - Don't proxy private IP addresses - Only accept ws:// and wss:// relay addresses - Issue 40373: Add cli flag and SnowflakeProxy field to modify proxy poll interval - Use %w not $v in fmt.Errorf - Updates to documentation - Adjust copy buffer size to improve proxy performance - Improve descriptions of cli flags - Cosmetic changes for code readability - Issue 40367: Deduplicate prometheus metrics names - Report the version of snowflake to the tor process - Issue 40365: Indicate whether the repo was modified in the version string - Simplify NAT checking logic - Issue 40354: Use ptutil library for safelog and prometheus metrics - Add cli flag to set a listen address for proxy prometheus metrics - Issue 40345: Integrate docker image with release process - Bump versions of dependencies Changes in version v2.9.2 - 2024-03-18 - Issue 40288: Add integration testing with Shadow - Issue 40345: Automatically build and push containers to our registry - Issue 40339: Fix client ID reuse bug in SQS rendezvous - Issue 40341: Modify SQS rendezvous arguments to use b64 encoded parameters - Issue 40330: Add new metrics at the broker for per-country rendezvous stats - Issue 40345: Update docker container tags - Bump versions of dependencies Changes in version v2.9.1 - 2024-02-27 - Issue 40335: Fix release job - Change deprecated io/ioutil package to io package - Bump versions of dependencies Changes in version v2.9.0 - 2024-02-05 - Issue 40285: Add vcs revision to version string - Issue 40294: Update recommended torrc options in client README - Issue 40306: Scrub space-separated IP addresses - Add proxy commandline option for probe server URL - Use SetNet setting in probest to ignore net.Interfaces error - Add probetest commandline option for STUN URL - Issue 26151: Implement SQS rendezvous in client and broker - Add broker metrics to track rendezvous method - Cosmetic code quality fixes - Bump versions of dependencies Changes in version v2.8.1 - 2023-12-21 - Issue 40276: Reduce allocations in encapsulation.ReadData - Issue 40310: Remove excessive logging for closed proxy connections - Issue 40278: Add network fix for old version of android to proxy - Bump versions of dependencies Changes in version v2.8.0 - 2023-11-20 - Issue 40069: Add outbound proxy support - Issue 40301: Fix for a bug in domain fronting configurations - Issue 40302: Remove throughput summary from proxy logger - Issue 40302: Change proxy stats logging to only log stats for traffic that occurred in the summary interval - Update renovate bot configuration to use Go 1.21 - Bump versions of dependencies Changes in version v2.7.0 - 2023-10-16 7142fa3 fix(proxy): Correctly close connection pipe when dealing with error 6393af6 Remove proxy churn measurements from broker. a615e8b fix(proxy): remove _potential_ deadlock d434549 Maintain backward compatability with old clients 9fdfb3d Randomly select front domain from comma-separated list 5cdf52c Update dependencies 1559963 chore(deps): update module github.com/xtaci/kcp-go/v5 to v5.6.3 60e66be Remove Golang 1.20 from CI Testing 1d069ca Update CI targets to test android from golang 1.21 3a050c6 Use ShouldBeNil to check for nil values e45e8e5 chore(deps): update module github.com/smartystreets/goconvey to v1.8.1 f47ca18 chore(deps): update module gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib to v1.5.0 106da49 chore(deps): update module github.com/pion/webrtc/v3 to v3.2.20 2844ac6 Update CI targets to include only Go 1.20 and 1.21 f4e1ab9 chore(deps): update module golang.org/x/net to v0.15.0 caaff70 Update module golang.org/x/sys to v0.12.0 Changes in version v2.6.1 - 2023-09-11 - a3bfc28 Update module golang.org/x/crypto to v0.12.0 - e37e15a Update golang Docker tag to v1.21 - b632c7d Workaround for shadow in lieu of AF_NETLINK support - 0cb2975 Update module golang.org/x/net to v0.13.0 [SECURITY] - f73fe6e Keep the 'v' from the tag on the released .tar.gz - 8104732 Change DefaultRelayURL back to wss://snowflake.torproject.net/. - d932cb2 feat: add option to expose the stats by using metrics - af73ab7 Add renovate config - aaeab3f Update dependencies - 58c3121 Close temporary UDPSession in TestQueuePacketConnWriteToKCP. - 80980a3 Fix a comment left over from turbotunnel-quic. - 08d1c6d Bump minimum required version of go Changes in version v2.6.0 - 2023-06-19 - Issue 40243: Implement datachannel flow control at proxy - Issue 40087: Append Let's Encrypt ISRG Root X1 to cert pool - Issue 40198: Use IP_BIND_ADDRESS_NO_PORT when dialing the ORPort on linux - Move from gitweb to gitlab - Add warning log at broker when proxy does not connect with client - Fix unit tests after SDP validation - Soften non-critical log from error to warning - Issue 40231: Validate SDP offers and answers - Add scanner error check to ClusterCounter.Count - Fix server benchmark tests - Issue 40260: Use a sync.Pool to reuse QueuePacketConn buffers - Issue 40043: Restore ListenAndServe error in server - Update pion webrtc library versions - Issue 40108: Add outbound address config option to proxy - Issue 40260: Fix a data race in the Snowflake server - Issue 40216: Add utls-imitate, utls-nosni documentation to the README - Fix up/down traffic stats in standalone proxy - Issue 40226: Filter out ICE servers that are not STUN - Issue 40226: Update README to reflect the type of ICE servers we support - Issue 40226: Parse ICE servers using the pion/ice library function - Bring client torrc up to date with Tor Browser Changes in version v2.5.1 - 2023-01-18 - Issue 40249: Fix issue with Skip Hello Verify patch Changes in version v2.5.0 - 2023-01-18 - Issue 40249: Apply Skip Hello Verify Migration Changes in version v2.4.3 - 2023-01-16 - Fix version number in version.go Changes in version v2.4.2 - 2023-01-13 - Issue 40208: Enhance help info for capacity flag - Issue 40232: Update README and fix help output - Issue 40173: Increase clientIDAddrMapCapacity - Issue 40177: Manually unlock mutex in ClientMap.SendQueue - Issue 40177: Have SnowflakeClientConn implement io.WriterTo - Issue 40179: Reduce turbotunnel queueSize from 2048 to 512 - Issue 40187/40199: Take ownership of buffer in QueuePacketConn QueueIncoming/WriteTo - Add more tests for URL encoded IPs (safelog) - Fix server flag name - Issue 40200: Use multiple parallel KCP state machines in the server - Add a num-turbotunnel server transport option - Issue: 40241: Switch default proxy STUN server to stun.l.google.com Changes in version v2.4.1 - 2022-12-01 - Issue 40224: Bug fix in utls roundtripper Changes in version v2.4.0 - 2022-11-29 - Fix proxy command line help output - Issue 40123: Reduce multicast DNS candidates - Add ICE ephemeral ports range setting - Reformat using Go 1.19 - Update CI tests to include latest and minimum Go versions - Issue 40184: Use fixed unit for bandwidth logging - Update gorilla/websocket to v1.5.0 - Issue 40175: Server performance improvements - Issue 40183: Change snowflake proxy log verbosity - Issue 40117: Display proxy NAT type in logs - Issue 40198: Add a `orport-srcaddr` server transport option - Add gofmt output to CI test - Issue 40185: Change bandwidth type from int to int64 to prevent overflow - Add version output support to snowflake - Issue 40229: Change regexes for ipv6 addresses to catch url-encoded addresses - Issue 40220: Close stale connections in standalone proxy Changes in version v2.3.0 - 2022-06-23 - Issue 40146: Avoid performing two NAT probe tests at startup - Issue 40134: Log messages from client NAT check failures are confusing - Issue 34075: Implement metrics to measure snowflake churn - Issue 28651: Prepare all pieces of the snowflake pipeline for a second snowflake bridge - Issue 40129: Distributed Snowflake Server Support Changes in version v2.2.0 - 2022-05-25 - Issue 40099: Initialize SnowflakeListener.closed - Add connection failure events for proxy timeouts - Issue 40103: Fix proxy logging verb tense - Fix up and downstream metrics output for proxy - Issue 40054: uTLS for broker negotiation - Forward bridge fingerprint from client to broker (WIP, Issue 28651) - Issue 40104: Make it easier to configure proxy type - Remove version from ClientPollRequest - Issue 40124: Move tor-specific code out of library - Issue 40115: Scrub pt event logs - Issue 40127: Bump webrtc and dtls library versions - Bump version of webrtc and dtls to fix dtls CVEs - Issue 40141: Ensure library calls of events can be scrubbed Changes in version v2.1.0 - 2022-02-08 - Issue 40098: Remove support for legacy one shot mode - Issue 40079: Make connection summary at proxy privacy preserving - Issue 40076: Add snowflake event API for notifications of connection events - Issue 40084: Increase capacity of client address map at the server - Issue 40060: Further clean up snowflake server logs - Issue 40089: Validate proxy and client supplied strings at broker - Issue 40014: Update version of DTLS library to include fingerprinting fixes - Issue 40075: Support recurring NAT type check in standalone proxy Changes in version v2.0.0 - 2021-11-04 - Turn the standalone snowflake proxy code into a library - Clean up and reworked the snowflake client and server library code - Unify broker/bridge domains to *.torproject.net - Updates to the snowflake library documentation - New package functions to define and set a rendezvous method with the broker - Factor out the broker geoip code into its own external library - Bug fix to check error calls in preparePeerConnection - Bug fixes in snowflake tests - Issue 40059: add the ability to pass in snowflake arguments through SOCKS - Increase buffer sizes for sending and receiving snowflake data - Issue 25985: rendezvous with the broker using AMP cache - Issue 40055: wait for the full poll interval between proxy polls Changes in version v1.1.0 - 2021-07-13 - Refactors of the Snowflake broker code - Refactors of the Snowflake proxy code - Issue 40048: assign proxies based on self-reported client load - Issue 40052: fixed a memory leak in the server accept loop - Version bump of kcp and smux libraries - Bug fix to pass the correct client address to the Snowflake bridge metrics counter - Bug fixes to prevent race conditions in the Snowflake client Changes in version v1.0.0 - 2021-06-07 - Initial release.