fix: engine flow on ASNWER/OFFER

braginini 2021-04-14 14:54:02 +02:00
parent d9b06bd417
commit 675358ce5c
2 changed files with 62 additions and 43 deletions


@ -151,14 +151,6 @@ func (pa *PeerAgent) OpenConnection(initiator bool) (net.Conn, error) {
} }
pa.wgConn = wgConn pa.wgConn = wgConn
go func() {
pa.proxyToRemotePeer()
}()
go func() {
pa.proxyToLocalWireguard()
}()
return wgConn, nil return wgConn, nil
} }
@ -201,7 +193,6 @@ func (pa *PeerAgent) onCandidate() error {
// onConnectionStateChange listens on ice.Agent connection state change events and once connected checks a Candidate pair // onConnectionStateChange listens on ice.Agent connection state change events and once connected checks a Candidate pair
// the ice.Conn was established with // the ice.Conn was established with
// Mostly used for debugging purposes (e.g. connection time, etc)
func (pa *PeerAgent) onConnectionStateChange() error { func (pa *PeerAgent) onConnectionStateChange() error {
return pa.iceAgent.OnConnectionStateChange(func(state ice.ConnectionState) { return pa.iceAgent.OnConnectionStateChange(func(state ice.ConnectionState) {
log.Debugf("ICE Connection State has changed: %s", state.String()) log.Debugf("ICE Connection State has changed: %s", state.String())
@ -213,36 +204,35 @@ func (pa *PeerAgent) onConnectionStateChange() error {
return return
} }
log.Debugf("connected to peer %s via selected candidate pair %s", pa.RemoteKey, pair) log.Debugf("connected to peer %s via selected candidate pair %s", pa.RemoteKey, pair)
// start proxying data between local Wireguard and remote peer
go func() {
pa.proxyToRemotePeer()
}()
go func() {
pa.proxyToLocalWireguard()
}()
} }
}) })
} }
// authenticate sets the signal.Credential of the remote peer // authenticate sets the signal.Credential of the remote peer
// and sends local signal.Credential to teh remote peer via signal server // and returns local Credentials
func (pa *PeerAgent) Authenticate(credential *signal.Credential) error { func (pa *PeerAgent) Authenticate(credential *signal.Credential) (*signal.Credential, error) {
err := pa.iceAgent.SetRemoteCredentials(credential.UFrag, credential.Pwd) err := pa.iceAgent.SetRemoteCredentials(credential.UFrag, credential.Pwd)
if err != nil { if err != nil {
return err return nil, err
} }
localUFrag, localPwd, err := pa.iceAgent.GetLocalUserCredentials() localUFrag, localPwd, err := pa.iceAgent.GetLocalUserCredentials()
if err != nil { if err != nil {
return err return nil, err
} }
// notify the remote peer about our credentials return &signal.Credential{
answer := signal.MarshalCredential(pa.LocalKey, pa.RemoteKey, &signal.Credential{
UFrag: localUFrag, UFrag: localUFrag,
Pwd: localPwd, Pwd: localPwd}, nil
}, sProto.Message_ANSWER)
//notify the remote peer of our credentials
err = pa.signal.Send(answer)
if err != nil {
return err
}
return nil
} }
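Review bot: The two proxy goroutines are now started from the connected branch of the state-change callback, with nothing visible that limits how often or how early that happens. If the ICE agent reports the connected state more than once (for example after a disconnect and recovery; worth confirming against the ice library), a second pair of `proxyToRemotePeer`/`proxyToLocalWireguard` loops would run over the same connections. The callback may also fire before `pa.wgConn = wgConn` in OpenConnection has executed, since the two now run on different goroutines. A once-guard covers the first case, e.g. a `sync.Once` field on PeerAgent (the name is a suggestion) used as `pa.proxyOnce.Do(func() { go pa.proxyToRemotePeer(); go pa.proxyToLocalWireguard() })`, and the proxies should start only after the conns they read are assigned. The callback body begins outside the hunk, so the surrounding state check is not visible here.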


@ -88,29 +88,30 @@ func (e *Engine) receiveSignal(localKey string) {
switch msg.Type { switch msg.Type {
case sProto.Message_OFFER: case sProto.Message_OFFER:
cred, err := e.handle(msg, peerAgent, initiator)
if err != nil {
return err
}
// notify the remote peer about our credentials
answer := signal.MarshalCredential(peerAgent.LocalKey, peerAgent.RemoteKey, &signal.Credential{
UFrag: cred.UFrag,
Pwd: cred.Pwd,
}, sProto.Message_ANSWER)
//notify the remote peer of our credentials
err = peerAgent.signal.Send(answer)
if err != nil {
return err
}
return nil
case sProto.Message_ANSWER: case sProto.Message_ANSWER:
remoteCred, err := signal.UnMarshalCredential(msg) _, err := e.handle(msg, peerAgent, initiator)
if err != nil { if err != nil {
return err return err
} }
err = peerAgent.Authenticate(remoteCred)
if err != nil {
log.Errorf("error authenticating remote peer %s", msg.Key)
return err
}
conn, err := peerAgent.OpenConnection(initiator)
if err != nil {
log.Errorf("error opening connection ot remote peer %s", msg.Key)
return err
}
err = iface.UpdatePeer(e.wgIface, peerAgent.RemoteKey, "0.0.0.0/0", 15*time.Second, conn.LocalAddr().String())
if err != nil {
log.Errorf("error while configuring Wireguard peer [%s] %s", peerAgent.RemoteKey, err.Error())
return err
}
case sProto.Message_CANDIDATE: case sProto.Message_CANDIDATE:
err := peerAgent.OnRemoteCandidate(msg) err := peerAgent.OnRemoteCandidate(msg)
if err != nil { if err != nil {
@ -124,3 +125,31 @@ func (e *Engine) receiveSignal(localKey string) {
e.signal.WaitConnected() e.signal.WaitConnected()
} }
func (e *Engine) handle(msg *sProto.Message, peerAgent *PeerAgent, initiator bool) (*signal.Credential, error) {
remoteCred, err := signal.UnMarshalCredential(msg)
if err != nil {
return nil, err
}
cred, err := peerAgent.Authenticate(remoteCred)
if err != nil {
log.Errorf("error authenticating remote peer %s", msg.Key)
return nil, err
}
go func() {
conn, err := peerAgent.OpenConnection(initiator)
if err != nil {
log.Errorf("error opening connection ot remote peer %s", msg.Key)
}
err = iface.UpdatePeer(e.wgIface, peerAgent.RemoteKey, "0.0.0.0/0", 15*time.Second, conn.LocalAddr().String())
if err != nil {
log.Errorf("error while configuring Wireguard peer [%s] %s", peerAgent.RemoteKey, err.Error())
}
}()
return cred, nil
}
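Review bot: In the goroutine inside `handle`, a failed `OpenConnection` is only logged, so execution continues to `conn.LocalAddr()` with what is presumably a nil `conn`, and a panic inside a goroutine takes the whole process down. This path runs for every OFFER and ANSWER received over the signal channel, so a remote peer able to make connection setup fail could crash the client. Add `return` after the `log.Errorf("error opening connection ot remote peer %s", msg.Key)` line, and pass `err` to that log call so the cause is recorded. The goroutine is also started for every such message with no visible check that a connection to that peer is already being opened, and its errors no longer reach the caller.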