unnecessary (proxy) connections are being opened

Bug #487313 reported by Hendrik T on 2009-11-23
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
telepathy-gabble
Fix Released
Wishlist
telepathy-gabble (Ubuntu)
Medium
Unassigned
Karmic
Medium
Unassigned

Bug Description

Binary package hint: telepathy-gabble

I'm maintaining a Jabber server "Openfire 3.6.4". Since a user started running the messenger 'Empathy' I noticed many server to server connections being opened on my server. Those connections where closed after the user logged off and immediately opened when he logged on. So I tried it myself under Ubuntu 9.10 with the latest updates installed and got the same behavior.

Here you can see a screenshot from the admin panel of Openfire which shows open server connections:
http://666kb.com/i/bec5ym5gu7gyab012.gif

Normally just GMX, GMail and JabJab connections should be open, as I don't have that much users.

For further investigation I checked the source code of telepathy-gabble and found the additional proxy servers hard-coded in "connection.h":

/* List of public SOCKS5 proxies:
 * http://coccinella.im/servers/servers_by_proxy_bytestreams.html */
#define GABBLE_PARAMS_DEFAULT_SOCKS5_PROXIES \
    { "proxy.jabber.org", "proxy.jabberfr.org",\
      "proxy65.rooyee.biz", "proxy.jabbim.cz",\
      "proxy.911910.cn",\
      "proxy.downtempo.de",\
      "proxy.im.flosoft.biz",\
      "proxy.jabber.bluendo.com", "proxy.jabber.dk", "proxy.jabber.freenet.de",\
      "proxy.fsinf.at", "proxy.jabber.minus273.org",\
      "proxy.jabber.planetteamspeak.com", "proxy.jabber.tf-network.de",\
      "proxy.jabjab.de", "proxy.jabster.pl",\
      "proxy.schokokeks.org",\
      "proxy.ubuntu-jabber.de", "proxy.ubuntu-jabber.net",\
      "proxy65.unstable.nl", "proxy.verdammung.org", "proxy.vke.ru",\
      "proxy.vodka-pomme.net", "proxy.jabbernet.eu",\
      NULL }

/* These proxies appeared to be the same as proxy.jabbernet.eu
    "proxy.jabberchat.eu", "proxy.shady.nl", "proxy.nedbsd.be",\
    "proxy.nedbsd.eu", "proxy.nedbsd.nl", "proxy.4business.nl"\
*/

I can't say why those servers have to be hardcoded, but at least telepathy should not open unnecessary connections to those servers. I'd expect it to open those connections when needed.

Another user noticed this problem so far and reported it on the Openfire forums:
http://www.igniterealtime.org/community/thread/40410?tstart=0

Gabble master queries now 5 proxies at the same time. I don't close the bug now as we could still improve this by sending queries only when we are going to need them.

Changing severity and retitling.

Hendrik T (hthole-gmx) wrote :

Binary package hint: telepathy-gabble

I'm maintaining a Jabber server "Openfire 3.6.4". Since a user started running the messenger 'Empathy' I noticed many server to server connections being opened on my server. Those connections where closed after the user logged off and immediately opened when he logged on. So I tried it myself under Ubuntu 9.10 with the latest updates installed and got the same behavior.

Here you can see a screenshot from the admin panel of Openfire which shows open server connections:
http://666kb.com/i/bec5ym5gu7gyab012.gif

Normally just GMX, GMail and JabJab connections should be open, as I don't have that much users.

For further investigation I checked the source code of telepathy-gabble and found the additional proxy servers hard-coded in "connection.h":

/* List of public SOCKS5 proxies:
 * http://coccinella.im/servers/servers_by_proxy_bytestreams.html */
#define GABBLE_PARAMS_DEFAULT_SOCKS5_PROXIES \
    { "proxy.jabber.org", "proxy.jabberfr.org",\
      "proxy65.rooyee.biz", "proxy.jabbim.cz",\
      "proxy.911910.cn",\
      "proxy.downtempo.de",\
      "proxy.im.flosoft.biz",\
      "proxy.jabber.bluendo.com", "proxy.jabber.dk", "proxy.jabber.freenet.de",\
      "proxy.fsinf.at", "proxy.jabber.minus273.org",\
      "proxy.jabber.planetteamspeak.com", "proxy.jabber.tf-network.de",\
      "proxy.jabjab.de", "proxy.jabster.pl",\
      "proxy.schokokeks.org",\
      "proxy.ubuntu-jabber.de", "proxy.ubuntu-jabber.net",\
      "proxy65.unstable.nl", "proxy.verdammung.org", "proxy.vke.ru",\
      "proxy.vodka-pomme.net", "proxy.jabbernet.eu",\
      NULL }

/* These proxies appeared to be the same as proxy.jabbernet.eu
    "proxy.jabberchat.eu", "proxy.shady.nl", "proxy.nedbsd.be",\
    "proxy.nedbsd.eu", "proxy.nedbsd.nl", "proxy.4business.nl"\
*/

I can't say why those servers have to be hardcoded, but at least telepathy should not open unnecessary connections to those servers. I'd expect it to open those connections when needed.

Another user noticed this problem so far and reported it on the Openfire forums:
http://www.igniterealtime.org/community/thread/40410?tstart=0

Brian Curtis (bcurtiswx) wrote :

Thanks for your bug report and helping to make Ubuntu better. It would be best to report this bug to the developers of the software themselves. This can be done at https://bugs.freedesktop.org .

Changed in telepathy-gabble (Ubuntu):
importance: Undecided → Medium
status: New → Incomplete

*** Bug 25279 has been marked as a duplicate of this bug. ***

Hendrik T (hthole-gmx) wrote :

Thank you, I reported it under this link:
https://bugs.freedesktop.org/show_bug.cgi?id=25279

Brian Curtis (bcurtiswx) wrote :

Thanks for reporting the bug upstream. marking as triaged.

Changed in telepathy-gabble (Ubuntu):
status: Incomplete → Triaged
Hendrik T (hthole-gmx) wrote :

My bug report has been marked as duplicate of another bug report opened in April 2009:
https://bugs.freedesktop.org/show_bug.cgi?id=21151

http://git.collabora.co.uk/?p=user/cassidy/telepathy-gabble;a=shortlog;h=refs/heads/proxy

This branch fixes 2 things:

A) Remove all the hardcoded proxies and use proxy.telepathy.im instead (our future DNS round robin proxy).

B) Stop querying fallback proxies when connected. Instead query them when:
- requesting a FT channel
- requesting a 1-1 D-Bus tube channel
- receiving an incoming Stream tube channel
Proxy discovered on the connection (so provided by your server) are still queried right away.

There are still room for improvements:

C) gabble_bytestream_socks5_initiate should become async, so we'll be able to wait until we receive replies from server if we don't have any proxy yet.

D) the bytestream factory could query more than once the same server. That will give us a chance to get different proxies from the DNS round robin server.

I think we could consider merging this branch as it as that's already a big improvement comparing to the current situation.
Current code could lead to some "regressions" (if trying to send the SOCKS5 stanza before receiving the proxy replies) but in the worst case we should fallback to IBB (assuming the other side is running Gabble as well).

Furthemore, the SOCKS stanza is not sent before we receive the reply from the SI request from the other peer (involving a network round trip and user UI interactions) so that shouldn't be too bad.

http://git.collabora.co.uk/?p=user/cassidy/telepathy-gabble;a=commitdiff;h=2775d305c67fb

I'd prefer the style "fd.o#21151: Don't query SOCKS5 proxies when we are connected" in future. Otherwise, review+ from me.

Does it backport readily to 0.8? We need this on both branches.

review+ from me too, but two queries before we merge given that we obviously end up querying the same streamhost repeatedly:
1. What happens when this has happened >5 times? Do we discard the oldest 6th, or do we end up with an ever-growing list of streamhosts?
2. In the likely case our server has remained connected to the same proxy, do we remove duplicates from the answers, or do we possibly end up sending the same stream host 5 times in a S5B initiation?

(In reply to comment #5)
> http://git.collabora.co.uk/?p=user/cassidy/telepathy-gabble;a=commitdiff;h=2775d305c67fb
>
> I'd prefer the style "fd.o#21151: Don't query SOCKS5 proxies when we are
> connected" in future. Otherwise, review+ from me.

I rebased on top of the new master and fixed the commit msg.

> Does it backport readily to 0.8? We need this on both branches.

Didn't check yet but hopefully that should be fine.

 (In reply to comment #6)
> review+ from me too, but two queries before we merge given that we obviously
> end up querying the same streamhost repeatedly:
> 1. What happens when this has happened >5 times? Do we discard the oldest 6th,
> or do we end up with an ever-growing list of streamhosts?
> 2. In the likely case our server has remained connected to the same proxy, do
> we remove duplicates from the answers, or do we possibly end up sending the
> same stream host 5 times in a S5B initiation?

Actually, with current code, we'll query the proxy.telepathy.im only once (proxy is removed from the socks5_potential_proxies list once we went the query).

D) will fix that by improving the bytestream factory to work better with the DNS round robin server:
- don't remove proxy from the list once the query has been sent
- be sure to not add twice the same (jid, host, port) to our list of discovered proxies
- remove old proxies from the list after we disocevered $N newer proxies

(In reply to comment #7)
> D) will fix that by improving the bytestream factory to work better with the
> DNS round robin server:
> - don't remove proxy from the list once the query has been sent
> - be sure to not add twice the same (jid, host, port) to our list of discovered
> proxies
> - remove old proxies from the list after we disocevered $N newer proxies

I'd consider that a merge blocker then - otherwise we'll be very unreliable at dealing with servers coming and going from the proxy pool. Shouldn't be too hard to fix?

I merged the patches improving the general proxy mgt (only query when needed). Closing this bug as that was the main issue. I'll open other bugs about the improved we discussed.

Changed in telepathy-gabble (Ubuntu Karmic):
importance: Undecided → Medium
status: New → Fix Committed
Changed in telepathy-gabble (Ubuntu):
status: Triaged → Fix Committed

(In reply to comment #9)
> I merged the patches improving the general proxy mgt (only query when needed).

These patches have been merged to master and 0.8 btw.

Changed in telepathy-gabble:
status: Unknown → Fix Released

Accepted telepathy-gabble into karmic-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
Hendrik T (hthole-gmx) wrote :

Looks fine to me now.

Martin Pitt (pitti) on 2009-12-14
tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package telepathy-gabble - 0.8.7-1ubuntu1

---------------
telepathy-gabble (0.8.7-1ubuntu1) karmic-proposed; urgency=low

  * debian/patches/git_change_proxy_server_update.patch:
    - removes 2 servers from the proxy list and drastically reduce the number
       of queries sent, thank Guillaume Desmottes (lp: #488709, #487313)
 -- Sebastien Bacher <email address hidden> Thu, 26 Nov 2009 13:05:37 +0100

Changed in telepathy-gabble (Ubuntu Karmic):
status: Fix Committed → Fix Released
Martin Pitt (pitti) wrote :

copied karmic-proposed to lucid.

Changed in telepathy-gabble (Ubuntu):
status: Fix Committed → Fix Released
Changed in telepathy-gabble:
importance: Unknown → Wishlist
Changed in telepathy-gabble:
importance: Wishlist → Unknown
Changed in telepathy-gabble:
importance: Unknown → Wishlist
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.