Whitelisting staging config URL

src/github.com/getlantern/balancer/balancer.go

@@ -104,13 +104,13 @@ func (b *Balancer) Dial(network, addr string) (net.Conn, error) {
 		d := heap.Pop(&dialers).(*dialer)
 		heap.Push(&dialers, d)
 		b.mu.Unlock()
-		log.Debugf("Dialing %s://%s with %s", network, addr, d.Label)
+		log.Tracef("Dialing %s://%s with %s", network, addr, d.Label)
 		conn, err := d.dial(network, addr)
 		if err != nil {
 			log.Errorf("Unable to dial via %v to %s://%s: %v on pass %v...continuing", d.Label, network, addr, err, i)
 			continue
 		}
-		log.Debugf("Successfully dialed via %v to %v://%v on pass %v", d.Label, network, addr, i)
+		log.Tracef("Successfully dialed via %v to %v://%v on pass %v", d.Label, network, addr, i)
 		return conn, nil
 	}
 	return nil, fmt.Errorf("Still unable to dial %s://%s after %d attempts", network, addr, dialAttempts)

src/github.com/getlantern/flashlight/config/config.go

@@ -3,15 +3,13 @@ package config
 import (
 	"crypto/x509"
 	"fmt"
-	"net/url"
 	"os"
 	"path/filepath"
 	"regexp"
 	"sort"
 	"time"
 
 	"github.com/getlantern/appdir"
-	"github.com/getlantern/detour"
 	"github.com/getlantern/fronted"
 	"github.com/getlantern/golog"
 	"github.com/getlantern/keyman"
@@ -53,14 +51,6 @@ type Config struct {
 
 // StartPolling starts the process of polling for new configuration files.
 func StartPolling() {
-	// Force detour to whitelist chained domain
-	u, err := url.Parse(defaultChainedCloudConfigURL)
-	if err != nil {
-		log.Fatalf("Unable to parse chained cloud config URL: %v", err)
-	}
-	log.Debugf("Polling at %v", defaultChainedCloudConfigURL)
-	detour.ForceWhitelist(u.Host)
-
 	// No-op if already started.
 	m.StartPolling()
 }

src/github.com/getlantern/flashlight/config/fetcher.go

@@ -7,9 +7,11 @@ import (
 	"math/rand"
 	"net/http"
 	"net/http/httputil"
+	"net/url"
 	"strconv"
 	"time"
 
+	"github.com/getlantern/detour"
 	"github.com/getlantern/yamlconf"
 
 	"code.google.com/p/go-uuid/uuid"
@@ -85,6 +87,15 @@ func NewFetcher(conf UserConfig, rt http.RoundTripper, flags map[string]interfac
 		}
 	}
 
+	log.Debugf("Will poll for config at %v (%v)", chained, fronted)
+
+	// Force detour to whitelist chained domain
+	u, err := url.Parse(chained)
+	if err != nil {
+		log.Fatalf("Unable to parse chained cloud config URL: %v", err)
+	}
+	detour.ForceWhitelist(u.Host)
+
 	return &fetcher{
 		lastCloudConfigETag: map[string]string{},
 		user:                conf,

src/github.com/getlantern/fronted/direct.go

@@ -44,7 +44,7 @@ type direct struct {
 }
 
 func Configure(pool *x509.CertPool, masquerades map[string][]*Masquerade, cacheFile string) {
-	log.Debug("Configuring fronted")
+	log.Trace("Configuring fronted")
 	if masquerades == nil || len(masquerades) == 0 {
 		log.Errorf("No masquerades!!")
 		return
@@ -103,7 +103,7 @@ func (d *direct) loadCandidates(initial map[string][]*Masquerade) {
 }
 
 func (d *direct) vetInitial(numberToVet int) {
-	log.Debugf("Vetting %d initial candidates in parallel", numberToVet)
+	log.Tracef("Vetting %d initial candidates in parallel", numberToVet)
 	for i := 0; i < numberToVet; i++ {
 		go d.vetOne()
 	}
@@ -194,26 +194,26 @@ func (d *direct) dialWith(in chan *Masquerade, network string) (net.Conn, bool,
 			}
 		}
 
-		log.Debugf("Dialing to %v", m)
+		log.Tracef("Dialing to %v", m)
 
 		// We do the full TLS connection here because in practice the domains at a given IP
 		// address can change frequently on CDNs, so the certificate may not match what
 		// we expect.
 		if conn, err := d.dialServerWith(m); err != nil {
-			log.Debugf("Could not dial to %v, %v", m.IpAddress, err)
+			log.Tracef("Could not dial to %v, %v", m.IpAddress, err)
 			// Don't re-add this candidate if it's any certificate error, as that
 			// will just keep failing and will waste connections. We can't access the underlying
 			// error at this point so just look for "certificate" and "handshake".
 			if strings.Contains(err.Error(), "certificate") || strings.Contains(err.Error(), "handshake") {
-				log.Debugf("Not re-adding candidate that failed on error '%v'", err.Error())
+				log.Tracef("Not re-adding candidate that failed on error '%v'", err.Error())
 			} else {
-				log.Debugf("Unexpected error dialing, keeping masquerade: %v", err)
+				log.Tracef("Unexpected error dialing, keeping masquerade: %v", err)
 				retryLater = append(retryLater, m)
 			}
 		} else {
-			log.Debugf("Got successful connection to: %v", m)
+			log.Tracef("Got successful connection to: %v", m)
 			if err := d.headCheck(m); err != nil {
-				log.Debugf("Could not perform successful head request: %v", err)
+				log.Tracef("Could not perform successful head request: %v", err)
 			} else {
 				// Requeue the working connection to masquerades
 				d.masquerades <- m
@@ -226,14 +226,14 @@ func (d *direct) dialWith(in chan *Masquerade, network string) (net.Conn, bool,
 				}
 				idleTimeout := 70 * time.Second
 
-				log.Debug("Wrapping connecting in idletiming connection")
+				log.Trace("Wrapping connecting in idletiming connection")
 				conn = idletiming.Conn(conn, idleTimeout, func() {
-					log.Debugf("Connection to %v idle for %v, closing", conn.RemoteAddr(), idleTimeout)
+					log.Tracef("Connection to %v idle for %v, closing", conn.RemoteAddr(), idleTimeout)
 					if err := conn.Close(); err != nil {
-						log.Debugf("Unable to close connection: %v", err)
+						log.Tracef("Unable to close connection: %v", err)
 					}
 				})
-				log.Debug("Returning connection")
+				log.Trace("Returning connection")
 				return conn, true, nil
 			}
 		}
@@ -305,7 +305,7 @@ func (d *direct) headCheck(m *Masquerade) error {
 	if 200 != resp.StatusCode {
 		return fmt.Errorf("Unexpected response status: %v, %v", resp.StatusCode, resp.Status)
 	}
-	log.Debugf("Successfully passed HEAD request through: %v", m)
+	log.Tracef("Successfully passed HEAD request through: %v", m)
 	return nil
 }