by tvdw 3532 days ago
Hi. I wrote the post, happy to answer questions.

* yes, more modern versions of Go would likely mitigate some of the memory pain
* yes, crypto/tls is fast now
* no, crypto/tls still has insufficient functionality for implementing this. crypto/tls implicitly assumes you want to authenticate the channel through certificates, which Tor doesn't do
* I was using Go 1.4
* yes, I tried Rust


Did you consider a different concurrency strategy to avoid the deadlocks? With separate reader-writer threads you don't have the deadlock you mentioned.

Crypto/tls doesn't support renegotiation, which Tor needs, but they are getting rid of it.

There are separate reader/writer goroutines, I don't think splitting them up further would've helped much. The problem is that all connections may end up needing something from all other connections, and as soon as one of them slows down (slow network, etc) its channels start filling up, taking other connections with it :-)

This could've been mitigated by applying backpressure in a bunch of places, and is ultimately a problem of Tor and not Go, but the nature of Go makes it hard to build code to do that.

As for renegotiation: my work on the Go version of Tor had some nice side-effects, and indeed, renegotiation was finally removed :-) https://gitweb.torproject.org/tor.git/tree/ChangeLog?id=55c4...
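The cascade tvdw describes above (one stalled connection's channel fills, and every goroutine that has to deliver to it blocks in turn) and the backpressure mitigation, as an added Go example; this is not code from the thread or from Tor. The `conn` and `cell` types are hypothetical stand-ins for a relay's connection and traffic unit, connection 0 is the constructed slow peer, and shedding cells on a full queue is just one backpressure policy (the same `select` could instead close the slow peer or give up after a timeout):

```go
package main

import (
	"fmt"
	"sync/atomic"
	"time"
)

// cell is one unit of relayed traffic (constructed sample type, not Tor's cell format).
type cell struct{ from, seq int }

// conn is a hypothetical connection: a writer goroutine drains out onto the wire.
type conn struct {
	id      int
	out     chan cell
	dropped int64 // cells shed by backpressure, updated atomically
}

// deliver enqueues cl for the peer's writer.
// blocking=true reproduces the cascading stall: the caller waits until there is
// room, so a stalled peer eventually blocks every goroutine that feeds it.
// blocking=false applies backpressure: a full queue sheds the cell and the
// caller keeps serving its other peers.
func (c *conn) deliver(cl cell, blocking bool) bool {
	if blocking {
		c.out <- cl
		return true
	}
	select {
	case c.out <- cl:
		return true
	default:
		atomic.AddInt64(&c.dropped, 1)
		return false
	}
}

// simulate runs n connections; each relays `cells` cells to every other one.
// Connection 0's writer never drains (the slow peer). It returns how many relay
// goroutines finished before the deadline and how many cells were shed at conn 0.
func simulate(n, cells, depth int, blocking bool, deadline time.Duration) (finished int, shedAtStalled int64) {
	conns := make([]*conn, n)
	for i := range conns {
		conns[i] = &conn{id: i, out: make(chan cell, depth)}
	}
	stop := make(chan struct{})
	defer close(stop)

	// Writers for conns 1..n-1 drain promptly; conn 0 has no writer at all.
	for _, c := range conns[1:] {
		go func(c *conn) {
			for {
				select {
				case <-c.out:
				case <-stop:
					return
				}
			}
		}(c)
	}

	// Relay goroutines: each connection's reader forwards to all the others.
	done := make(chan struct{}, n)
	for _, src := range conns {
		go func(src *conn) {
			for seq := 0; seq < cells; seq++ {
				for _, dst := range conns {
					if dst != src {
						dst.deliver(cell{src.id, seq}, blocking)
					}
				}
			}
			done <- struct{}{}
		}(src)
	}

	timeout := time.After(deadline)
	for finished < n {
		select {
		case <-done:
			finished++
		case <-timeout:
			// In blocking mode the relays stuck on conn 0 stay stuck; only
			// tearing down the slow peer would free them.
			return finished, atomic.LoadInt64(&conns[0].dropped)
		}
	}
	return finished, atomic.LoadInt64(&conns[0].dropped)
}

func main() {
	f, d := simulate(4, 10, 4, true, 300*time.Millisecond)
	fmt.Printf("blocking sends:    %d/4 relays finished, %d cells shed\n", f, d)
	f, d = simulate(4, 10, 4, false, 300*time.Millisecond)
	fmt.Printf("with backpressure: %d/4 relays finished, %d cells shed at stalled peer\n", f, d)
}
```

With four connections, ten cells each and queue depth 4, the blocking variant leaves only connection 0's own relay able to finish, since the other three all need to push ten cells into a queue that holds four and is never drained. The backpressure variant lets every relay finish and accounts for the 26 cells it had to shed at the stalled peer, which is the decision point a real relay has to make explicitly: drop, buffer to disk, or close the connection that is holding everyone else up.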

So you tried Rust. Then what happened? I am interested since I have been trying out Rust myself.
Rust is awesome. It's likely a better fit than Go for applications like this, as it has more predictable performance[1], and more control over the scheduler (as you have to roll one yourself).

I attempted an implementation of Tor in Rust, but because I implemented it in Go a few weeks before that I got bored quickly. That said, some ideas I had for the Rust version have made it to Tor itself (or soon will), such as my ideas on transparently load-balancing Tor hidden services: https://gitweb.torproject.org/torspec.git/tree/proposals/255...

[1] Note that in the land of Tor, unpredictable performance (for example because of GC pauses) could lead to user deanonymization.