Skip to content
This repository was archived by the owner on Nov 6, 2023. It is now read-only.

Better obs whitelisting#276

Merged
pde merged 20 commits intomasterfrom
better-obs-whitelisting
May 16, 2014
Merged

Better obs whitelisting#276
pde merged 20 commits intomasterfrom
better-obs-whitelisting

Conversation

@pde
Copy link
Copy Markdown
Contributor

@pde pde commented May 9, 2014

Hi Yan/Mike,

This is my code to fetch copies of the whitelist periodically from s.eff.org, rather than having every single client submit each new common cert as it is deployed.

Should massively reduce the dynamic workload on the observatory server, at the expense of a new static load at s.eff.org.

pde and others added 20 commits March 21, 2014 17:01
@pde
Bump verstion to 4.0dev16
4a3d206
@pde
Factorise read()ing
da001de
@pde
Export rulewriter access
9fd3acc
@pde
Experimental write() function [broken]
b3a1194
@pde
Fetch Observatory whitelists from EFF CDN [somewhat buggy]
aed5afe 
- Everything except the saving function seems to work, though
work in progress
2878602
@pde
Merge branch 'master' of https://git.torproject.org/https-everywhere
c669354 
…into better-obs-whitelisting
@pde
Fix filewriting bug.
cad783c
@pde
Re-fetch the cert whitelist every 1-3 days
6ba809b
@pde
Bugfix, and maybe update certlist before each observatory submission
2d8a305
@pde
Pick more sensible verbosity levels
db3c0c4
@pde
Remove the .js whitelist. We're using JSON now!
5182c27
@pde
compatJSON.encode is reportedly deprecated, -> JSON.stringify
b7b3125
@pde
Include the JSON whitelist!
74a0e89
@pde
Merge remote-tracking branch 'origin/master' into better-obs-whitelis…
b2aec0a 
…ting
@pde
Include a proper whitelist for a change!
a78b892
@pde
Neatening, and more informative messages
a54d0bb
@pde
One last verbosity reduction.
609abe3
@pde
Tidying & housekeeping
e950679
@pde
Merge branch 'master' of https://git.torproject.org/https-everywhere
5d0dd0b 
…into better-obs-whitelisting
diracdeltas
diracdeltas reviewed May 14, 2014
View reviewed changes
src/components/ssl-observatory.js
Copy link
Copy Markdown
Contributor

@diracdeltas diracdeltas May 14, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then it seems like we need https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsITimer ?

Copy link
Copy Markdown
Contributor Author

@pde pde May 16, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we need nsITimer. This code lazily updates the whitelist whenever an amount of time has expired and there's a new submission about to be made to the observatory. One silly thing is that the cert update is async in the background while the observatory submission continues. It might make sense to chain callbacks so that the submission logic waits for maybeUpdateCertWhitelist() to finish its async work so that the submission uses the very latest whitelist. However that is going to be a bit ugly...

Copy link
Copy Markdown
Contributor Author

@pde pde May 16, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK, the async version would look something like this, though that's untested. I'm inclined to just merge this branch without the async acrobatics for now.

pde pushed a commit that referenced this pull request May 16, 2014
Merge pull request #276 from EFForg/better-obs-whitelisting
e391f04 
Better obs whitelisting

The less ugly but also less async version
@pde pde merged commit e391f04 into master May 16, 2014
@pde pde mentioned this pull request Jan 15, 2015
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pde @diracdeltas