Opened 3 years ago

Last modified 3 months ago

#21314 new defect

snowflake-client needs to stop using my network when I'm not giving it requests

Reported by: arma Owned by:
Priority: Medium Milestone:
Component: Circumvention/Snowflake Version:
Severity: Normal Keywords: tor-pt
Cc: cohosh, phw, dcf Actual Points:
Parent ID: #19001 Points: 2
Reviewer: Sponsor:

Description

I started my Tor Browser, and told it to use snowflake, and it did. Then I changed my mind and told it to stop using snowflake. Now, apparently there's a bug in Tor where Tor is supposed to kill snowflake-client when there are no more bridge lines in my torrc that want to use it. But ignoring that Tor bug, snowflake-client should also be defensive for me. Right now it is touching the broker every 10 seconds, looking for a snowflake, even though it is getting no requests. That can't be good for scalability or for the broker or for the users.

Child Tickets

Change History (15)

comment:1 Changed 3 years ago by arma

My first thought was that snowflake-client needs to go dormant when it hasn't received any requests in a while.

Yawning thinks it should be a more aggressive, and simpler, plan: it needs to be dormant when it is not right now having a request that it's supposed to handle.

(After all, Tor tries to maintain circuits to its guards, so it will have a persistent connection, and if Tor goes dormant because it doesn't expect to use the network for a while, then that's a great time for snowflake-client to notice that there is no network use, and go dormant too.)

I am fine with either approach, so long as pretty soon after I stop trying to talk to snowflake-client, it stops trying to use my network.

Last edited 3 years ago by arma (previous) (diff)

comment:2 in reply to:  description Changed 3 years ago by arma

Replying to arma:

Now, apparently there's a bug in Tor where Tor is supposed to kill snowflake-client when there are no more bridge lines in my torrc that want to use it

asn filed that bug today as #21967.

comment:3 Changed 17 months ago by gaba

Keywords: tor-pt snowflake added
Sponsor: Sponsor19

comment:4 Changed 13 months ago by gaba

Keywords: anti-censorship-roadmap-2019 added; snowflake removed

comment:5 Changed 13 months ago by gaba

Keywords: from-network-team-roadmap added

comment:6 Changed 12 months ago by gaba

Keywords: ex-sponsor19 added
Sponsor: Sponsor19

Remove sponsor 19 and add a keyword ex-sponsor19 to mark all the tickets that could have been in the scope of the sponsor.

comment:7 Changed 12 months ago by gaba

Keywords: anti-censorship-roadmap added; anti-censorship-roadmap-2019 removed

comment:8 Changed 5 months ago by cohosh

Points: 2

comment:9 Changed 5 months ago by gaba

Keywords: from-network-team-roadmap removed

comment:10 Changed 5 months ago by teor

Parent ID: #21967

We should fix #21314 and #21967 together.

comment:11 Changed 5 months ago by arma

Agreed, but I think this is a fundamentally separate bug from #21967. #21967 is a Tor bug where it needs to shut down its PTs when there is no longer a configure bridge that uses it. #21314 is a Snowflake bug where it needs to stop reaching out to Snowflakes when there are no connections to proxy, i.e. when Tor isn't trying to hold open any connections. So yes, we should fix both.

comment:12 Changed 4 months ago by dcf

I think the way to do this is to restructure the code so that the broker-polling loop (which keeps the client replenished with fresh proxies) happens inside the SOCKS handler, not outside.

That is, currently the code works like this, with the broker-polling loop being global and independent of any SOCKS connection:

func main() {
    snowflakes := sf.NewPeers() // etc.
    go ConnectLoop(snowflakes) // start the background broker-polling loop

    for conn in ln.AcceptSocks() {
        // pass a handle to the snowflake collector to the handler function
        go Handler(conn, snowflakes)
    }

    snowflakes.End()
}

func Handler(socks net.Conn, snowflakes SnowflakeCollector) {
    snowflake := snowflakes.Pop()
    copyLoop(socks, snowflake)
}

Instead, it should start a new browser-polling loop specific to each SOCKS connection (tor usually has 0 or 1 of these open at a time):

func main() {
    for conn in ln.AcceptSocks() {
        go Handler(conn)
    }
}

func Handler(socks net.Conn, snowflakes SnowflakeCollector) {
    snowflakes := sf.NewPeers() // etc.
    go ConnectLoop(snowflakes) // start the background broker-polling loop

    snowflake := snowflakes.Pop()
    copyLoop(socks, snowflake)

    snowflakes.End()
}

comment:13 Changed 3 months ago by cohosh

Cc: cohosh phw dcf added

comment:14 Changed 3 months ago by gaba

Keywords: ex-sponsor19 anti-censorship-roadmap removed

comment:15 Changed 3 months ago by cohosh

Parent ID: #21967#19001
Note: See TracTickets for help on using tickets.