2022-01-10 18:43:13 +01:00
|
|
|
package peer
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2024-06-25 15:13:08 +02:00
|
|
|
"math/rand"
|
2022-01-10 18:43:13 +01:00
|
|
|
"net"
|
2024-06-26 15:25:32 +02:00
|
|
|
"os"
|
2023-12-18 11:46:58 +01:00
|
|
|
"runtime"
|
2022-06-04 20:15:41 +02:00
|
|
|
"strings"
|
2022-01-10 18:43:13 +01:00
|
|
|
"sync"
|
|
|
|
"time"
|
2022-02-16 20:00:21 +01:00
|
|
|
|
2024-07-11 14:37:22 +02:00
|
|
|
"github.com/cenkalti/backoff/v4"
|
2023-12-20 23:02:42 +01:00
|
|
|
"github.com/pion/ice/v3"
|
2022-02-16 20:00:21 +01:00
|
|
|
log "github.com/sirupsen/logrus"
|
2023-07-26 14:00:47 +02:00
|
|
|
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
2023-03-03 19:49:18 +01:00
|
|
|
|
2023-03-24 08:40:39 +01:00
|
|
|
"github.com/netbirdio/netbird/client/internal/stdnet"
|
2023-07-26 14:00:47 +02:00
|
|
|
"github.com/netbirdio/netbird/client/internal/wgproxy"
|
2023-03-03 19:49:18 +01:00
|
|
|
"github.com/netbirdio/netbird/iface"
|
2024-06-14 14:40:31 +02:00
|
|
|
relayClient "github.com/netbirdio/netbird/relay/client"
|
2024-06-03 17:31:37 +02:00
|
|
|
"github.com/netbirdio/netbird/route"
|
2024-04-08 18:56:52 +02:00
|
|
|
nbnet "github.com/netbirdio/netbird/util/net"
|
2022-01-10 18:43:13 +01:00
|
|
|
)
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
type ConnPriority int
|
2023-07-26 14:00:47 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
const (
|
2023-07-26 14:00:47 +02:00
|
|
|
defaultWgKeepAlive = 25 * time.Second
|
2024-06-17 17:52:22 +02:00
|
|
|
|
|
|
|
connPriorityRelay ConnPriority = 1
|
2024-06-25 15:13:08 +02:00
|
|
|
connPriorityICETurn ConnPriority = 1
|
|
|
|
connPriorityICEP2P ConnPriority = 2
|
2023-04-28 16:26:54 +02:00
|
|
|
)
|
|
|
|
|
2023-07-26 14:00:47 +02:00
|
|
|
type WgConfig struct {
|
|
|
|
WgListenPort int
|
|
|
|
RemoteKey string
|
2024-07-08 16:12:08 +02:00
|
|
|
WgInterface iface.IWGIface
|
2023-07-26 14:00:47 +02:00
|
|
|
AllowedIps string
|
|
|
|
PreSharedKey *wgtypes.Key
|
|
|
|
}
|
|
|
|
|
2022-01-10 18:43:13 +01:00
|
|
|
// ConnConfig is a peer Connection configuration
|
|
|
|
type ConnConfig struct {
|
|
|
|
// Key is a public key of a remote peer
|
|
|
|
Key string
|
|
|
|
// LocalKey is a public key of a local peer
|
|
|
|
LocalKey string
|
|
|
|
|
|
|
|
Timeout time.Duration
|
|
|
|
|
2023-07-26 14:00:47 +02:00
|
|
|
WgConfig WgConfig
|
2022-02-16 20:00:21 +01:00
|
|
|
|
2022-09-02 19:33:35 +02:00
|
|
|
LocalWgPort int
|
2022-11-23 08:42:12 +01:00
|
|
|
|
2024-01-08 12:25:35 +01:00
|
|
|
// RosenpassPubKey is this peer's Rosenpass public key
|
|
|
|
RosenpassPubKey []byte
|
|
|
|
// RosenpassPubKey is this peer's RosenpassAddr server address (IP:port)
|
|
|
|
RosenpassAddr string
|
2022-09-02 19:33:35 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
// ICEConfig ICE protocol configuration
|
|
|
|
ICEConfig ICEConfig
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
|
|
|
|
2024-06-19 11:52:40 +02:00
|
|
|
type WorkerCallbacks struct {
|
|
|
|
OnRelayReadyCallback func(info RelayConnInfo)
|
|
|
|
OnRelayStatusChanged func(ConnStatus)
|
|
|
|
|
|
|
|
OnICEConnReadyCallback func(ConnPriority, ICEConnInfo)
|
|
|
|
OnICEStatusChanged func(ConnStatus)
|
|
|
|
}
|
|
|
|
|
2022-01-10 18:43:13 +01:00
|
|
|
type Conn struct {
|
2024-06-17 17:52:22 +02:00
|
|
|
log *log.Entry
|
|
|
|
mu sync.Mutex
|
|
|
|
ctx context.Context
|
|
|
|
ctxCancel context.CancelFunc
|
|
|
|
config ConnConfig
|
2023-03-03 19:49:18 +01:00
|
|
|
statusRecorder *Status
|
2023-07-26 14:00:47 +02:00
|
|
|
wgProxyFactory *wgproxy.Factory
|
2024-06-20 18:17:30 +02:00
|
|
|
wgProxyICE wgproxy.Proxy
|
|
|
|
wgProxyRelay wgproxy.Proxy
|
2024-06-17 18:02:52 +02:00
|
|
|
signaler *Signaler
|
2024-06-25 15:13:08 +02:00
|
|
|
relayManager *relayClient.Manager
|
2024-06-17 17:52:22 +02:00
|
|
|
allowedIPsIP string
|
|
|
|
handshaker *Handshaker
|
|
|
|
|
|
|
|
onConnected func(remoteWireGuardKey string, remoteRosenpassPubKey []byte, wireGuardIP string, remoteRosenpassAddr string)
|
|
|
|
onDisconnected func(remotePeer string, wgIP string)
|
2023-07-26 14:00:47 +02:00
|
|
|
|
2024-06-21 19:13:41 +02:00
|
|
|
statusRelay ConnStatus
|
|
|
|
statusICE ConnStatus
|
|
|
|
currentConnType ConnPriority
|
2024-07-08 16:12:08 +02:00
|
|
|
opened bool // this flag is used to prevent close in case of not opened connection
|
2024-06-17 17:52:22 +02:00
|
|
|
|
2024-06-18 11:22:40 +02:00
|
|
|
workerICE *WorkerICE
|
|
|
|
workerRelay *WorkerRelay
|
2024-03-20 11:18:34 +01:00
|
|
|
|
2024-04-08 18:56:52 +02:00
|
|
|
connID nbnet.ConnectionID
|
2024-06-17 09:47:17 +02:00
|
|
|
beforeAddPeerHooks []nbnet.AddHookFunc
|
|
|
|
afterRemovePeerHooks []nbnet.RemoveHookFunc
|
2023-03-16 16:46:17 +01:00
|
|
|
|
2024-06-20 18:17:30 +02:00
|
|
|
endpointRelay *net.UDPAddr
|
2024-06-25 15:13:08 +02:00
|
|
|
|
2024-07-11 14:37:22 +02:00
|
|
|
// for reconnection operations
|
|
|
|
iCEDisconnected chan bool
|
|
|
|
relayDisconnected chan bool
|
2022-07-21 22:07:38 +02:00
|
|
|
}
|
|
|
|
|
2022-01-10 18:43:13 +01:00
|
|
|
// NewConn creates a new not opened Conn to the remote peer.
|
|
|
|
// To establish a connection run Conn.Open
|
2024-06-17 18:02:52 +02:00
|
|
|
func NewConn(engineCtx context.Context, config ConnConfig, statusRecorder *Status, wgProxyFactory *wgproxy.Factory, signaler *Signaler, iFaceDiscover stdnet.ExternalIFaceDiscover, relayManager *relayClient.Manager) (*Conn, error) {
|
2024-06-17 17:52:22 +02:00
|
|
|
_, allowedIPsIP, err := net.ParseCIDR(config.WgConfig.AllowedIps)
|
|
|
|
if err != nil {
|
|
|
|
log.Errorf("failed to parse allowedIPS: %v", err)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
ctx, ctxCancel := context.WithCancel(engineCtx)
|
2024-06-19 17:40:16 +02:00
|
|
|
connLog := log.WithField("peer", config.Key)
|
2024-06-17 17:52:22 +02:00
|
|
|
|
|
|
|
var conn = &Conn{
|
2024-06-25 15:13:08 +02:00
|
|
|
log: connLog,
|
|
|
|
ctx: ctx,
|
|
|
|
ctxCancel: ctxCancel,
|
|
|
|
config: config,
|
|
|
|
statusRecorder: statusRecorder,
|
|
|
|
wgProxyFactory: wgProxyFactory,
|
|
|
|
signaler: signaler,
|
|
|
|
relayManager: relayManager,
|
|
|
|
allowedIPsIP: allowedIPsIP.String(),
|
|
|
|
statusRelay: StatusDisconnected,
|
|
|
|
statusICE: StatusDisconnected,
|
2024-07-11 14:37:22 +02:00
|
|
|
iCEDisconnected: make(chan bool, 1),
|
|
|
|
relayDisconnected: make(chan bool, 1),
|
2024-06-17 17:52:22 +02:00
|
|
|
}
|
2024-06-19 11:52:40 +02:00
|
|
|
|
|
|
|
rFns := WorkerRelayCallbacks{
|
2024-06-25 15:13:08 +02:00
|
|
|
OnConnReady: conn.relayConnectionIsReady,
|
|
|
|
OnDisconnected: conn.onWorkerRelayStateDisconnected,
|
2024-06-19 11:52:40 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
wFns := WorkerICECallbacks{
|
|
|
|
OnConnReady: conn.iCEConnectionIsReady,
|
2024-06-25 15:13:08 +02:00
|
|
|
OnStatusChanged: conn.onWorkerICEStateDisconnected,
|
2024-06-19 11:52:40 +02:00
|
|
|
}
|
|
|
|
|
2024-06-21 15:35:15 +02:00
|
|
|
conn.workerRelay = NewWorkerRelay(ctx, connLog, config, relayManager, rFns)
|
2024-06-25 15:13:08 +02:00
|
|
|
|
|
|
|
relayIsSupportedLocally := conn.workerRelay.RelayIsSupportedLocally()
|
|
|
|
conn.workerICE, err = NewWorkerICE(ctx, connLog, config, config.ICEConfig, signaler, iFaceDiscover, statusRecorder, relayIsSupportedLocally, wFns)
|
2024-06-21 12:35:28 +02:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2024-06-21 15:35:15 +02:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
conn.handshaker = NewHandshaker(ctx, connLog, config, signaler, conn.workerICE, conn.workerRelay)
|
|
|
|
|
2024-06-21 15:35:15 +02:00
|
|
|
conn.handshaker.AddOnNewOfferListener(conn.workerRelay.OnNewOffer)
|
2024-06-26 15:25:32 +02:00
|
|
|
if os.Getenv("NB_FORCE_RELAY") != "true" {
|
|
|
|
conn.handshaker.AddOnNewOfferListener(conn.workerICE.OnNewOffer)
|
|
|
|
}
|
2024-06-21 15:35:15 +02:00
|
|
|
|
|
|
|
go conn.handshaker.Listen()
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
return conn, nil
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
// Open opens connection to the remote peer
|
|
|
|
// It will try to establish a connection using ICE and in parallel with relay. The higher priority connection type will
|
|
|
|
// be used.
|
|
|
|
func (conn *Conn) Open() {
|
2024-06-19 17:40:16 +02:00
|
|
|
conn.log.Debugf("open connection to peer")
|
2024-07-08 16:12:08 +02:00
|
|
|
conn.mu.Lock()
|
|
|
|
defer conn.mu.Unlock()
|
|
|
|
conn.opened = true
|
2024-06-14 14:40:31 +02:00
|
|
|
|
|
|
|
peerState := State{
|
|
|
|
PubKey: conn.config.Key,
|
|
|
|
IP: strings.Split(conn.config.WgConfig.AllowedIps, "/")[0],
|
|
|
|
ConnStatusUpdate: time.Now(),
|
2024-06-17 17:52:22 +02:00
|
|
|
ConnStatus: StatusDisconnected,
|
2024-06-14 14:40:31 +02:00
|
|
|
Mux: new(sync.RWMutex),
|
|
|
|
}
|
|
|
|
err := conn.statusRecorder.UpdatePeerState(peerState)
|
|
|
|
if err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Warnf("error while updating the state err: %v", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
|
2024-07-11 14:37:22 +02:00
|
|
|
conn.waitInitialRandomSleepTime()
|
2024-06-25 15:13:08 +02:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
err = conn.handshaker.sendOffer()
|
2024-06-25 15:13:08 +02:00
|
|
|
if err != nil {
|
|
|
|
conn.log.Errorf("failed to send offer: %v", err)
|
|
|
|
}
|
|
|
|
|
2024-07-11 14:37:22 +02:00
|
|
|
if conn.workerRelay.IsController() {
|
|
|
|
go conn.reconnectLoopWithRetry()
|
|
|
|
} else {
|
|
|
|
go conn.reconnectLoopForOnDisconnectedEvent()
|
|
|
|
}
|
2024-06-17 17:52:22 +02:00
|
|
|
}
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
// Close closes this peer Conn issuing a close event to the Conn closeCh
|
|
|
|
func (conn *Conn) Close() {
|
|
|
|
conn.mu.Lock()
|
2024-06-18 11:27:18 +02:00
|
|
|
defer conn.mu.Unlock()
|
2024-06-25 15:13:08 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.ctxCancel()
|
|
|
|
|
2024-07-08 16:12:08 +02:00
|
|
|
if !conn.opened {
|
|
|
|
log.Infof("IGNORE close connection to peer")
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-06-20 18:17:30 +02:00
|
|
|
if conn.wgProxyRelay != nil {
|
|
|
|
err := conn.wgProxyRelay.CloseConn()
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Errorf("failed to close wg proxy for relay: %v", err)
|
|
|
|
}
|
|
|
|
conn.wgProxyRelay = nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if conn.wgProxyICE != nil {
|
|
|
|
err := conn.wgProxyICE.CloseConn()
|
2024-06-17 17:52:22 +02:00
|
|
|
if err != nil {
|
2024-06-20 18:17:30 +02:00
|
|
|
conn.log.Errorf("failed to close wg proxy for ice: %v", err)
|
2024-06-17 17:52:22 +02:00
|
|
|
}
|
2024-06-20 18:17:30 +02:00
|
|
|
conn.wgProxyICE = nil
|
2024-06-17 17:52:22 +02:00
|
|
|
}
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
err := conn.config.WgConfig.WgInterface.RemovePeer(conn.config.WgConfig.RemoteKey)
|
2024-06-14 14:40:31 +02:00
|
|
|
if err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Errorf("failed to remove wg endpoint: %v", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
if conn.connID != "" {
|
|
|
|
for _, hook := range conn.afterRemovePeerHooks {
|
|
|
|
if err := hook(conn.connID); err != nil {
|
|
|
|
conn.log.Errorf("After remove peer hook failed: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
conn.connID = ""
|
|
|
|
}
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-18 17:40:37 +02:00
|
|
|
if conn.evalStatus() == StatusConnected && conn.onDisconnected != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.onDisconnected(conn.config.WgConfig.RemoteKey, conn.config.WgConfig.AllowedIps)
|
|
|
|
}
|
|
|
|
|
2024-06-18 17:40:37 +02:00
|
|
|
conn.statusRelay = StatusDisconnected
|
|
|
|
conn.statusICE = StatusDisconnected
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
peerState := State{
|
2024-06-14 14:40:31 +02:00
|
|
|
PubKey: conn.config.Key,
|
2024-06-18 17:40:37 +02:00
|
|
|
ConnStatus: StatusDisconnected,
|
2024-06-14 14:40:31 +02:00
|
|
|
ConnStatusUpdate: time.Now(),
|
|
|
|
Mux: new(sync.RWMutex),
|
|
|
|
}
|
|
|
|
err = conn.statusRecorder.UpdatePeerState(peerState)
|
|
|
|
if err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
// pretty common error because by that time Engine can already remove the peer and status won't be available.
|
|
|
|
// todo rethink status updates
|
|
|
|
conn.log.Debugf("error while updating peer's state, err: %v", err)
|
|
|
|
}
|
|
|
|
if err := conn.statusRecorder.UpdateWireGuardPeerState(conn.config.Key, iface.WGStats{}); err != nil {
|
|
|
|
conn.log.Debugf("failed to reset wireguard stats for peer: %s", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
2024-06-17 17:52:22 +02:00
|
|
|
}
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
// OnRemoteAnswer handles an offer from the remote peer and returns true if the message was accepted, false otherwise
|
|
|
|
// doesn't block, discards the message if connection wasn't ready
|
|
|
|
func (conn *Conn) OnRemoteAnswer(answer OfferAnswer) bool {
|
2024-06-18 17:40:37 +02:00
|
|
|
conn.log.Debugf("OnRemoteAnswer, status ICE: %s, status relay: %s", conn.statusICE, conn.statusRelay)
|
2024-06-17 17:52:22 +02:00
|
|
|
return conn.handshaker.OnRemoteAnswer(answer)
|
|
|
|
}
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
// OnRemoteCandidate Handles ICE connection Candidate provided by the remote peer.
|
|
|
|
func (conn *Conn) OnRemoteCandidate(candidate ice.Candidate, haRoutes route.HAMap) {
|
2024-06-18 11:22:40 +02:00
|
|
|
conn.workerICE.OnRemoteCandidate(candidate, haRoutes)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
|
2024-07-08 15:05:29 +02:00
|
|
|
func (conn *Conn) AddBeforeAddPeerHook(hook nbnet.AddHookFunc) {
|
2024-06-14 14:40:31 +02:00
|
|
|
conn.beforeAddPeerHooks = append(conn.beforeAddPeerHooks, hook)
|
|
|
|
}
|
2024-07-08 15:05:29 +02:00
|
|
|
func (conn *Conn) AddAfterRemovePeerHook(hook nbnet.RemoveHookFunc) {
|
2024-06-14 14:40:31 +02:00
|
|
|
conn.afterRemovePeerHooks = append(conn.afterRemovePeerHooks, hook)
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetOnConnected sets a handler function to be triggered by Conn when a new connection to a remote peer established
|
|
|
|
func (conn *Conn) SetOnConnected(handler func(remoteWireGuardKey string, remoteRosenpassPubKey []byte, wireGuardIP string, remoteRosenpassAddr string)) {
|
|
|
|
conn.onConnected = handler
|
|
|
|
}
|
|
|
|
|
|
|
|
// SetOnDisconnected sets a handler function to be triggered by Conn when a connection to a remote disconnected
|
|
|
|
func (conn *Conn) SetOnDisconnected(handler func(remotePeer string, wgIP string)) {
|
|
|
|
conn.onDisconnected = handler
|
|
|
|
}
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
func (conn *Conn) OnRemoteOffer(offer OfferAnswer) bool {
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.log.Debugf("OnRemoteOffer, on status ICE: %s, status Relay: %s", conn.statusICE, conn.statusRelay)
|
2024-06-17 17:52:22 +02:00
|
|
|
return conn.handshaker.OnRemoteOffer(offer)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
// WgConfig returns the WireGuard config
|
|
|
|
func (conn *Conn) WgConfig() WgConfig {
|
|
|
|
return conn.config.WgConfig
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Status returns current status of the Conn
|
|
|
|
func (conn *Conn) Status() ConnStatus {
|
|
|
|
conn.mu.Lock()
|
|
|
|
defer conn.mu.Unlock()
|
2024-06-18 17:40:37 +02:00
|
|
|
return conn.evalStatus()
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func (conn *Conn) GetKey() string {
|
|
|
|
return conn.config.Key
|
|
|
|
}
|
|
|
|
|
2024-07-11 14:37:22 +02:00
|
|
|
func (conn *Conn) reconnectLoopWithRetry() {
|
2024-07-11 15:37:34 +02:00
|
|
|
// give chance to the peer to establish the initial connection
|
2024-07-11 14:37:22 +02:00
|
|
|
select {
|
|
|
|
case <-conn.ctx.Done():
|
|
|
|
case <-time.After(3 * time.Second):
|
2024-06-25 15:13:08 +02:00
|
|
|
}
|
|
|
|
|
2024-07-18 14:21:32 +02:00
|
|
|
L:
|
2024-06-25 15:13:08 +02:00
|
|
|
for {
|
2024-07-16 11:02:32 +02:00
|
|
|
bo := backoff.WithContext(&backoff.ExponentialBackOff{
|
|
|
|
InitialInterval: 800 * time.Millisecond,
|
2024-07-17 16:26:41 +02:00
|
|
|
RandomizationFactor: 1,
|
2024-07-16 11:02:32 +02:00
|
|
|
Multiplier: 1.99,
|
|
|
|
MaxInterval: conn.config.Timeout * time.Second,
|
|
|
|
MaxElapsedTime: 0,
|
|
|
|
Stop: backoff.Stop,
|
|
|
|
Clock: backoff.SystemClock,
|
|
|
|
}, conn.ctx)
|
|
|
|
|
|
|
|
ticker := backoff.NewTicker(bo)
|
|
|
|
defer ticker.Stop()
|
|
|
|
|
|
|
|
<-ticker.C // consume the initial tick what is happening right after the ticker has been created
|
|
|
|
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case t := <-ticker.C:
|
|
|
|
if t.IsZero() {
|
|
|
|
// in case if the ticker has been canceled by context then avoid the temporary loop
|
|
|
|
return
|
|
|
|
}
|
|
|
|
// checks if there is peer connection is established via relay or ice and that it has a wireguard handshake and skip offer
|
|
|
|
// todo check wg handshake
|
2024-07-18 13:11:27 +02:00
|
|
|
conn.log.Tracef("ticker timedout, relay state: %s, ice state: %s", conn.statusRelay, conn.statusICE)
|
2024-07-16 11:02:32 +02:00
|
|
|
|
|
|
|
if conn.statusRelay == StatusConnected && conn.statusICE == StatusConnected {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
conn.log.Debugf("ticker timed out, retry to do handshake")
|
|
|
|
err := conn.handshaker.sendOffer()
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Errorf("failed to do handshake: %v", err)
|
|
|
|
}
|
|
|
|
case changed := <-conn.relayDisconnected:
|
|
|
|
if !changed {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
conn.log.Debugf("Relay state changed, reset reconnect timer")
|
|
|
|
ticker.Stop()
|
|
|
|
break L
|
|
|
|
case changed := <-conn.iCEDisconnected:
|
|
|
|
if !changed {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
conn.log.Debugf("ICE state changed, reset reconnect timer")
|
|
|
|
ticker.Stop()
|
|
|
|
break L
|
|
|
|
case <-conn.ctx.Done():
|
2024-07-11 15:46:07 +02:00
|
|
|
return
|
|
|
|
}
|
2024-07-11 14:37:22 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-07-11 15:37:07 +02:00
|
|
|
// reconnectLoopForOnDisconnectedEvent is used when the peer is not a controller and it should reconnect to the peer
|
|
|
|
// when the connection is lost. It will try to establish a connection only once time if before the connection was established
|
|
|
|
// It track separately the ice and relay connection status. Just because a lover priority connection reestablished it does not
|
|
|
|
// mean that to switch to it. We always force to use the higher priority connection.
|
2024-07-11 14:37:22 +02:00
|
|
|
func (conn *Conn) reconnectLoopForOnDisconnectedEvent() {
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case changed := <-conn.relayDisconnected:
|
|
|
|
if !changed {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
conn.log.Debugf("Relay state changed, try to send new offer")
|
|
|
|
case changed := <-conn.iCEDisconnected:
|
|
|
|
if !changed {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
conn.log.Debugf("ICE state changed, try to send new offer")
|
2024-06-25 15:13:08 +02:00
|
|
|
case <-conn.ctx.Done():
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
err := conn.handshaker.SendOffer()
|
2024-06-25 15:13:08 +02:00
|
|
|
if err != nil {
|
|
|
|
conn.log.Errorf("failed to do handshake: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// configureConnection starts proxying traffic from/to local Wireguard and sets connection status to StatusConnected
|
|
|
|
func (conn *Conn) iCEConnectionIsReady(priority ConnPriority, iceConnInfo ICEConnInfo) {
|
2024-06-18 17:40:37 +02:00
|
|
|
conn.mu.Lock()
|
|
|
|
defer conn.mu.Unlock()
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
if conn.ctx.Err() != nil {
|
2024-06-18 17:40:37 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.log.Debugf("ICE connection is ready")
|
|
|
|
|
|
|
|
conn.statusICE = StatusConnected
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
defer conn.updateIceState(iceConnInfo)
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
if conn.currentConnType > priority {
|
2024-06-18 17:40:37 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
if conn.currentConnType != 0 {
|
|
|
|
conn.log.Infof("update connection to ICE type")
|
|
|
|
} else {
|
|
|
|
conn.log.Infof("set ICE to active connection")
|
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
endpoint net.Addr
|
|
|
|
wgProxy wgproxy.Proxy
|
|
|
|
)
|
|
|
|
if iceConnInfo.RelayedOnLocal {
|
|
|
|
conn.log.Debugf("setup ice turn connection")
|
|
|
|
wgProxy = conn.wgProxyFactory.GetProxy(conn.ctx)
|
2024-07-10 16:51:38 +02:00
|
|
|
ep, err := wgProxy.AddTurnConn(iceConnInfo.RemoteConn)
|
2024-06-20 18:17:30 +02:00
|
|
|
if err != nil {
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.log.Errorf("failed to add turn net.Conn to local proxy: %v", err)
|
2024-07-10 16:51:38 +02:00
|
|
|
err = wgProxy.CloseConn()
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Warnf("failed to close turn proxy connection: %v", err)
|
|
|
|
}
|
2024-06-25 15:13:08 +02:00
|
|
|
return
|
2024-06-20 18:17:30 +02:00
|
|
|
}
|
2024-06-25 15:13:08 +02:00
|
|
|
endpoint = ep
|
|
|
|
} else {
|
|
|
|
endpoint = iceConnInfo.RemoteConn.RemoteAddr()
|
|
|
|
}
|
|
|
|
|
|
|
|
endpointUdpAddr, _ := net.ResolveUDPAddr(endpoint.Network(), endpoint.String())
|
|
|
|
conn.log.Debugf("Conn resolved IP is %s for endopint %s", endpoint, endpointUdpAddr.IP)
|
|
|
|
|
|
|
|
conn.connID = nbnet.GenerateConnID()
|
|
|
|
for _, hook := range conn.beforeAddPeerHooks {
|
|
|
|
if err := hook(conn.connID, endpointUdpAddr.IP); err != nil {
|
|
|
|
conn.log.Errorf("Before add peer hook failed: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
err := conn.config.WgConfig.WgInterface.UpdatePeer(conn.config.WgConfig.RemoteKey, conn.config.WgConfig.AllowedIps, defaultWgKeepAlive, endpointUdpAddr, conn.config.WgConfig.PreSharedKey)
|
|
|
|
if err != nil {
|
|
|
|
if wgProxy != nil {
|
|
|
|
if err := wgProxy.CloseConn(); err != nil {
|
|
|
|
conn.log.Warnf("Failed to close turn connection: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
conn.log.Warnf("Failed to update wg peer configuration: %v", err)
|
2024-06-20 18:17:30 +02:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
if conn.wgProxyICE != nil {
|
|
|
|
if err := conn.wgProxyICE.CloseConn(); err != nil {
|
|
|
|
conn.log.Warnf("failed to close depracated wg proxy conn: %v", err)
|
2024-06-18 17:40:37 +02:00
|
|
|
}
|
|
|
|
}
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.wgProxyICE = wgProxy
|
|
|
|
|
|
|
|
conn.currentConnType = priority
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
conn.doOnConnected(iceConnInfo.RosenpassPubKey, iceConnInfo.RosenpassAddr)
|
2024-06-18 17:40:37 +02:00
|
|
|
}
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
// todo review to make sense to handle connection and disconnected status also?
|
|
|
|
func (conn *Conn) onWorkerICEStateDisconnected(newState ConnStatus) {
|
2024-06-18 17:40:37 +02:00
|
|
|
conn.mu.Lock()
|
|
|
|
defer conn.mu.Unlock()
|
2024-06-25 15:13:08 +02:00
|
|
|
|
|
|
|
conn.log.Tracef("ICE connection state changed to %s", newState)
|
2024-06-18 17:40:37 +02:00
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
// switch back to relay connection
|
|
|
|
if conn.endpointRelay != nil {
|
|
|
|
conn.log.Debugf("ICE disconnected, set Relay to active connection")
|
|
|
|
err := conn.configureWGEndpoint(conn.endpointRelay)
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Errorf("failed to switch to relay conn: %v", err)
|
|
|
|
}
|
|
|
|
}
|
2024-06-20 18:17:30 +02:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
changed := conn.statusICE != newState && newState != StatusConnecting
|
|
|
|
conn.statusICE = newState
|
|
|
|
|
|
|
|
select {
|
|
|
|
case conn.iCEDisconnected <- changed:
|
|
|
|
default:
|
2024-06-18 17:40:37 +02:00
|
|
|
}
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
peerState := State{
|
|
|
|
PubKey: conn.config.Key,
|
|
|
|
ConnStatus: conn.evalStatus(),
|
2024-07-17 16:26:41 +02:00
|
|
|
Relayed: conn.isRelayed(),
|
2024-07-16 11:02:32 +02:00
|
|
|
ConnStatusUpdate: time.Now(),
|
2024-06-18 17:40:37 +02:00
|
|
|
}
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
err := conn.statusRecorder.UpdatePeerICEStateToDisconnected(peerState)
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Warnf("unable to save peer's state, got error: %v", err)
|
2024-06-18 17:40:37 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
func (conn *Conn) relayConnectionIsReady(rci RelayConnInfo) {
|
2022-01-10 18:43:13 +01:00
|
|
|
conn.mu.Lock()
|
|
|
|
defer conn.mu.Unlock()
|
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
if conn.ctx.Err() != nil {
|
|
|
|
return
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.log.Debugf("Relay connection is ready to use")
|
|
|
|
conn.statusRelay = StatusConnected
|
2024-06-19 17:40:16 +02:00
|
|
|
|
2024-06-17 17:52:22 +02:00
|
|
|
wgProxy := conn.wgProxyFactory.GetProxy(conn.ctx)
|
|
|
|
endpoint, err := wgProxy.AddTurnConn(rci.relayedConn)
|
2022-07-02 12:02:17 +02:00
|
|
|
if err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Errorf("failed to add relayed net.Conn to local proxy: %v", err)
|
|
|
|
return
|
2022-07-02 12:02:17 +02:00
|
|
|
}
|
|
|
|
|
2024-06-14 14:40:31 +02:00
|
|
|
endpointUdpAddr, _ := net.ResolveUDPAddr(endpoint.Network(), endpoint.String())
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.endpointRelay = endpointUdpAddr
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Debugf("conn resolved IP for %s: %s", endpoint, endpointUdpAddr.IP)
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
defer conn.updateRelayStatus(rci.relayedConn.RemoteAddr().String(), rci.rosenpassPubKey)
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
if conn.currentConnType > connPriorityRelay {
|
|
|
|
if conn.statusICE == StatusConnected {
|
|
|
|
log.Debugf("do not switch to relay because current priority is: %v", conn.currentConnType)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-06-14 14:40:31 +02:00
|
|
|
conn.connID = nbnet.GenerateConnID()
|
|
|
|
for _, hook := range conn.beforeAddPeerHooks {
|
|
|
|
if err := hook(conn.connID, endpointUdpAddr.IP); err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Errorf("Before add peer hook failed: %v", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
2024-06-14 14:40:31 +02:00
|
|
|
|
2024-06-20 18:17:30 +02:00
|
|
|
err = conn.configureWGEndpoint(endpointUdpAddr)
|
2022-01-10 18:43:13 +01:00
|
|
|
if err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
if err := wgProxy.CloseConn(); err != nil {
|
|
|
|
conn.log.Warnf("Failed to close relay connection: %v", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Errorf("Failed to update wg peer configuration: %v", err)
|
|
|
|
return
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
|
|
|
|
2024-06-20 18:17:30 +02:00
|
|
|
if conn.wgProxyRelay != nil {
|
|
|
|
if err := conn.wgProxyRelay.CloseConn(); err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Warnf("failed to close depracated wg proxy conn: %v", err)
|
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
2024-06-20 18:17:30 +02:00
|
|
|
conn.wgProxyRelay = wgProxy
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.currentConnType = connPriorityRelay
|
2023-04-13 17:00:01 +02:00
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
conn.log.Infof("start to communicate with peer via relay")
|
2024-07-16 11:02:32 +02:00
|
|
|
conn.doOnConnected(rci.rosenpassPubKey, rci.rosenpassAddr)
|
2024-04-08 18:56:52 +02:00
|
|
|
}
|
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
func (conn *Conn) onWorkerRelayStateDisconnected() {
|
2022-01-10 18:43:13 +01:00
|
|
|
conn.mu.Lock()
|
|
|
|
defer conn.mu.Unlock()
|
2024-04-03 11:11:46 +02:00
|
|
|
|
2024-06-25 15:13:08 +02:00
|
|
|
if conn.wgProxyRelay != nil {
|
|
|
|
conn.endpointRelay = nil
|
|
|
|
_ = conn.wgProxyRelay.CloseConn()
|
|
|
|
conn.wgProxyRelay = nil
|
2024-04-08 18:56:52 +02:00
|
|
|
}
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
changed := conn.statusRelay != StatusDisconnected
|
|
|
|
conn.statusRelay = StatusDisconnected
|
|
|
|
|
|
|
|
select {
|
|
|
|
case conn.relayDisconnected <- changed:
|
|
|
|
default:
|
2023-05-03 14:47:44 +02:00
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
peerState := State{
|
|
|
|
PubKey: conn.config.Key,
|
|
|
|
ConnStatus: conn.evalStatus(),
|
2024-07-17 16:26:41 +02:00
|
|
|
Relayed: conn.isRelayed(),
|
2024-07-16 11:02:32 +02:00
|
|
|
ConnStatusUpdate: time.Now(),
|
2024-04-08 18:56:52 +02:00
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
err := conn.statusRecorder.UpdatePeerRelayedStateToDisconnected(peerState)
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Warnf("unable to save peer's state, got error: %v", err)
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-06-20 18:17:30 +02:00
|
|
|
func (conn *Conn) configureWGEndpoint(addr *net.UDPAddr) error {
|
|
|
|
return conn.config.WgConfig.WgInterface.UpdatePeer(
|
|
|
|
conn.config.WgConfig.RemoteKey,
|
|
|
|
conn.config.WgConfig.AllowedIps,
|
|
|
|
defaultWgKeepAlive,
|
|
|
|
addr,
|
|
|
|
conn.config.WgConfig.PreSharedKey,
|
|
|
|
)
|
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
func (conn *Conn) updateRelayStatus(relayServerAddr string, rosenpassPubKey []byte) {
|
|
|
|
peerState := State{
|
|
|
|
PubKey: conn.config.Key,
|
|
|
|
ConnStatusUpdate: time.Now(),
|
2024-07-17 16:26:41 +02:00
|
|
|
ConnStatus: conn.evalStatus(),
|
|
|
|
Relayed: conn.isRelayed(),
|
2024-07-16 11:02:32 +02:00
|
|
|
RelayServerAddress: relayServerAddr,
|
|
|
|
RosenpassEnabled: isRosenpassEnabled(rosenpassPubKey),
|
|
|
|
}
|
|
|
|
|
|
|
|
err := conn.statusRecorder.UpdatePeerRelayedState(peerState)
|
2024-06-14 14:40:31 +02:00
|
|
|
if err != nil {
|
2024-06-17 17:52:22 +02:00
|
|
|
conn.log.Warnf("unable to save peer's state, got error: %v", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
2024-07-16 11:02:32 +02:00
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
func (conn *Conn) updateIceState(iceConnInfo ICEConnInfo) {
|
|
|
|
peerState := State{
|
|
|
|
PubKey: conn.config.Key,
|
|
|
|
ConnStatusUpdate: time.Now(),
|
|
|
|
ConnStatus: conn.evalStatus(),
|
2024-07-17 16:26:41 +02:00
|
|
|
Relayed: iceConnInfo.Relayed,
|
2024-07-16 11:02:32 +02:00
|
|
|
LocalIceCandidateType: iceConnInfo.LocalIceCandidateType,
|
|
|
|
RemoteIceCandidateType: iceConnInfo.RemoteIceCandidateType,
|
|
|
|
LocalIceCandidateEndpoint: iceConnInfo.LocalIceCandidateEndpoint,
|
|
|
|
RemoteIceCandidateEndpoint: iceConnInfo.RemoteIceCandidateEndpoint,
|
|
|
|
RosenpassEnabled: isRosenpassEnabled(iceConnInfo.RosenpassPubKey),
|
2022-01-10 18:43:13 +01:00
|
|
|
}
|
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
err := conn.statusRecorder.UpdatePeerICEState(peerState)
|
|
|
|
if err != nil {
|
|
|
|
conn.log.Warnf("unable to save peer's state, got error: %v", err)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
func (conn *Conn) doOnConnected(remoteRosenpassPubKey []byte, remoteRosenpassAddr string) {
|
|
|
|
if runtime.GOOS == "ios" {
|
|
|
|
runtime.GC()
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
2022-01-10 18:43:13 +01:00
|
|
|
|
2024-07-16 11:02:32 +02:00
|
|
|
if conn.onConnected != nil {
|
|
|
|
conn.onConnected(conn.config.Key, remoteRosenpassPubKey, conn.allowedIPsIP, remoteRosenpassAddr)
|
2024-06-14 14:40:31 +02:00
|
|
|
}
|
2023-03-16 16:46:17 +01:00
|
|
|
}
|
2024-06-03 17:31:37 +02:00
|
|
|
|
2024-07-11 14:37:22 +02:00
|
|
|
func (conn *Conn) waitInitialRandomSleepTime() {
|
2024-07-11 15:37:07 +02:00
|
|
|
minWait := 100
|
|
|
|
maxWait := 800
|
2024-06-25 15:13:08 +02:00
|
|
|
duration := time.Duration(rand.Intn(maxWait-minWait)+minWait) * time.Millisecond
|
|
|
|
|
|
|
|
timeout := time.NewTimer(duration)
|
|
|
|
defer timeout.Stop()
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-conn.ctx.Done():
|
|
|
|
case <-timeout.C:
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-07-17 16:26:41 +02:00
|
|
|
func (conn *Conn) isRelayed() bool {
|
|
|
|
if conn.statusRelay == StatusDisconnected && (conn.statusICE == StatusDisconnected || conn.statusICE == StatusConnecting) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
if conn.currentConnType == connPriorityICEP2P {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2024-06-18 17:40:37 +02:00
|
|
|
func (conn *Conn) evalStatus() ConnStatus {
|
|
|
|
if conn.statusRelay == StatusConnected || conn.statusICE == StatusConnected {
|
|
|
|
return StatusConnected
|
|
|
|
}
|
|
|
|
|
|
|
|
if conn.statusRelay == StatusConnecting || conn.statusICE == StatusConnecting {
|
|
|
|
return StatusConnecting
|
|
|
|
}
|
|
|
|
|
|
|
|
return StatusDisconnected
|
|
|
|
}
|
|
|
|
|
2024-06-14 14:40:31 +02:00
|
|
|
func isRosenpassEnabled(remoteRosenpassPubKey []byte) bool {
|
|
|
|
return remoteRosenpassPubKey != nil
|
|
|
|
}
|