mirror of
https://github.com/netbirdio/netbird.git
synced 2025-01-07 06:29:06 +01:00
Use permanent credentials
This commit is contained in:
Zoltán Papp
parent
4a08f1a1e9
commit
4d67d72785
@ -19,8 +19,6 @@ var (
|
|||||||
ErrSignalIsNotReady = errors.New("signal is not ready")
|
ErrSignalIsNotReady = errors.New("signal is not ready")
|
||||||
)
|
)
|
||||||
|
|
||||||
type DoHandshake func() (*OfferAnswer, error)
|
|
||||||
|
|
||||||
// IceCredentials ICE protocol credentials struct
|
// IceCredentials ICE protocol credentials struct
|
||||||
type IceCredentials struct {
|
type IceCredentials struct {
|
||||||
UFrag string
|
UFrag string
|
||||||
@ -54,20 +52,6 @@ type HandshakeArgs struct {
|
|||||||
RelayAddr string
|
RelayAddr string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a HandshakeArgs) Equal(args HandshakeArgs) bool {
|
|
||||||
if a.IceUFrag != args.IceUFrag {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
if a.IcePwd != args.IcePwd {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
if a.RelayAddr != args.RelayAddr {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
type Handshaker struct {
|
type Handshaker struct {
|
||||||
mu sync.Mutex
|
mu sync.Mutex
|
||||||
ctx context.Context
|
ctx context.Context
|
||||||
@ -84,7 +68,6 @@ type Handshaker struct {
|
|||||||
remoteOfferAnswer *OfferAnswer
|
remoteOfferAnswer *OfferAnswer
|
||||||
remoteOfferAnswerCreated time.Time
|
remoteOfferAnswerCreated time.Time
|
||||||
|
|
||||||
lastSentOffer time.Time
|
|
||||||
lastOfferArgs HandshakeArgs
|
lastOfferArgs HandshakeArgs
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -105,6 +88,7 @@ func (h *Handshaker) Listen() {
|
|||||||
remoteOfferAnswer, err := h.waitForRemoteOfferConfirmation()
|
remoteOfferAnswer, err := h.waitForRemoteOfferConfirmation()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(*ConnectionClosedError); ok {
|
if _, ok := err.(*ConnectionClosedError); ok {
|
||||||
|
log.Tracef("stop handshaker")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
log.Errorf("failed to received remote offer confirmation: %s", err)
|
log.Errorf("failed to received remote offer confirmation: %s", err)
|
||||||
@ -120,17 +104,12 @@ func (h *Handshaker) SendOffer(args HandshakeArgs) error {
|
|||||||
h.mu.Lock()
|
h.mu.Lock()
|
||||||
defer h.mu.Unlock()
|
defer h.mu.Unlock()
|
||||||
|
|
||||||
if h.lastOfferArgs.Equal(args) && h.lastSentOffer.After(time.Now().Add(-time.Second)) {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
err := h.sendOffer(args)
|
err := h.sendOffer(args)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
h.lastOfferArgs = args
|
h.lastOfferArgs = args
|
||||||
h.lastSentOffer = time.Now()
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -187,6 +166,7 @@ func (h *Handshaker) waitForRemoteOfferConfirmation() (*OfferAnswer, error) {
|
|||||||
|
|
||||||
// sendOffer prepares local user credentials and signals them to the remote peer
|
// sendOffer prepares local user credentials and signals them to the remote peer
|
||||||
func (h *Handshaker) sendOffer(args HandshakeArgs) error {
|
func (h *Handshaker) sendOffer(args HandshakeArgs) error {
|
||||||
|
log.Debugf("SEND OFFER: %s", args.IceUFrag)
|
||||||
offer := OfferAnswer{
|
offer := OfferAnswer{
|
||||||
IceCredentials: IceCredentials{args.IceUFrag, args.IcePwd},
|
IceCredentials: IceCredentials{args.IceUFrag, args.IcePwd},
|
||||||
WgListenPort: h.config.LocalWgPort,
|
WgListenPort: h.config.LocalWgPort,
|
||||||
@ -201,6 +181,7 @@ func (h *Handshaker) sendOffer(args HandshakeArgs) error {
|
|||||||
|
|
||||||
func (h *Handshaker) sendAnswer() error {
|
func (h *Handshaker) sendAnswer() error {
|
||||||
h.log.Debugf("sending answer")
|
h.log.Debugf("sending answer")
|
||||||
|
log.Debugf("SEND ANSWER: %s", h.lastOfferArgs.IceUFrag)
|
||||||
answer := OfferAnswer{
|
answer := OfferAnswer{
|
||||||
IceCredentials: IceCredentials{h.lastOfferArgs.IceUFrag, h.lastOfferArgs.IcePwd},
|
IceCredentials: IceCredentials{h.lastOfferArgs.IceUFrag, h.lastOfferArgs.IcePwd},
|
||||||
WgListenPort: h.config.LocalWgPort,
|
WgListenPort: h.config.LocalWgPort,
|
||||||
|
|||||||
@ -94,8 +94,6 @@ type WorkerICE struct {
|
|||||||
localPwd string
|
localPwd string
|
||||||
creadantialHasUsed bool
|
creadantialHasUsed bool
|
||||||
hasRelayOnLocally bool
|
hasRelayOnLocally bool
|
||||||
onDisconnected context.CancelFunc
|
|
||||||
onOfferReceived context.CancelFunc
|
|
||||||
tickerCancel context.CancelFunc
|
tickerCancel context.CancelFunc
|
||||||
ticker *time.Ticker
|
ticker *time.Ticker
|
||||||
}
|
}
|
||||||
@ -274,7 +272,6 @@ func (w *WorkerICE) GetLocalUserCredentials() (frag string, pwd string) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (w *WorkerICE) reCreateAgent(agentCancel context.CancelFunc, relaySupport []ice.CandidateType) (*ice.Agent, error) {
|
func (w *WorkerICE) reCreateAgent(agentCancel context.CancelFunc, relaySupport []ice.CandidateType) (*ice.Agent, error) {
|
||||||
log.Debugf("--RECREATE AGENT-----")
|
|
||||||
transportNet, err := w.newStdNet()
|
transportNet, err := w.newStdNet()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
w.log.Errorf("failed to create pion's stdnet: %s", err)
|
w.log.Errorf("failed to create pion's stdnet: %s", err)
|
||||||
@ -287,7 +284,7 @@ func (w *WorkerICE) reCreateAgent(agentCancel context.CancelFunc, relaySupport [
|
|||||||
agentConfig := &ice.AgentConfig{
|
agentConfig := &ice.AgentConfig{
|
||||||
MulticastDNSMode: ice.MulticastDNSModeDisabled,
|
MulticastDNSMode: ice.MulticastDNSModeDisabled,
|
||||||
NetworkTypes: []ice.NetworkType{ice.NetworkTypeUDP4, ice.NetworkTypeUDP6},
|
NetworkTypes: []ice.NetworkType{ice.NetworkTypeUDP4, ice.NetworkTypeUDP6},
|
||||||
//Urls: w.configICE.StunTurn.Load().([]*stun.URI),
|
Urls: w.configICE.StunTurn.Load().([]*stun.URI),
|
||||||
CandidateTypes: relaySupport,
|
CandidateTypes: relaySupport,
|
||||||
InterfaceFilter: stdnet.InterfaceFilter(w.configICE.InterfaceBlackList),
|
InterfaceFilter: stdnet.InterfaceFilter(w.configICE.InterfaceBlackList),
|
||||||
UDPMux: w.configICE.UDPMux,
|
UDPMux: w.configICE.UDPMux,
|
||||||
@ -327,14 +324,6 @@ func (w *WorkerICE) reCreateAgent(agentCancel context.CancelFunc, relaySupport [
|
|||||||
_ = agent.Close()
|
_ = agent.Close()
|
||||||
w.agent = nil
|
w.agent = nil
|
||||||
|
|
||||||
// generate credentials for the next agent creation loop
|
|
||||||
localUfrag, localPwd, err := generateICECredentials()
|
|
||||||
if err != nil {
|
|
||||||
log.Errorf("failed to generate new ICE credentials: %s", err)
|
|
||||||
}
|
|
||||||
w.localUfrag = localUfrag
|
|
||||||
w.localPwd = localPwd
|
|
||||||
|
|
||||||
w.muxAgent.Unlock()
|
w.muxAgent.Unlock()
|
||||||
go w.sendOffer()
|
go w.sendOffer()
|
||||||
}
|
}
|
||||||
@ -510,7 +499,7 @@ func candidateTypes() []ice.CandidateType {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func candidateTypesP2P() []ice.CandidateType {
|
func candidateTypesP2P() []ice.CandidateType {
|
||||||
return []ice.CandidateType{ice.CandidateTypeHost}
|
return []ice.CandidateType{ice.CandidateTypeHost, ice.CandidateTypeServerReflexive}
|
||||||
}
|
}
|
||||||
|
|
||||||
func isRelayCandidate(candidate ice.Candidate) bool {
|
func isRelayCandidate(candidate ice.Candidate) bool {
|
||||||
@ -525,7 +514,6 @@ func isRelayed(pair *ice.CandidatePair) bool {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func generateICECredentials() (string, string, error) {
|
func generateICECredentials() (string, string, error) {
|
||||||
log.Debugf("-----GENERATE CREDENTIALS------")
|
|
||||||
ufrag, err := randutil.GenerateCryptoRandomString(lenUFrag, runesAlpha)
|
ufrag, err := randutil.GenerateCryptoRandomString(lenUFrag, runesAlpha)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", "", err
|
return "", "", err
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user