archives/snowflake
2
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git synced 2025-10-14 05:11:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use Pion's Setting Engine to reduce Multicast DNS noise

Browse source 
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40123

The purpose of the patch is to prevent Pion from opening the mDNS port,
thus preventing snowflake from directly leaking .local candidates.

What this doesn't prevent is the resolution of .local candidates
once they are passed on to the system DNS.
This commit is contained in:
Tommaso Gragnato 2022-08-14 14:34:57 +02:00 committed by itchyonion
parent a8829d49b7
commit 9ce1de4eee
2 changed files with 14 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
client/lib/webrtc.go
View file

@ -10,6 +10,7 @@ import (
"time"
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/event"
"github.com/pion/ice/v2"
"github.com/pion/webrtc/v3"
)
@ -189,7 +190,10 @@ func (c *WebRTCPeer) connect(config *webrtc.Configuration, broker *BrokerChannel
// after ICE candidate gathering is complete..
func (c *WebRTCPeer) preparePeerConnection(config *webrtc.Configuration) error {
var err error
c.pc, err = webrtc.NewPeerConnection(*config)
s := webrtc.SettingEngine{}
s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
c.pc, err = api.NewPeerConnection(*config)
if err != nil {
log.Printf("NewPeerConnection ERROR: %s", err)
return err

11
proxy/lib/snowflake.go
View file

@ -47,6 +47,7 @@ import (
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/util"
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/websocketconn"
"github.com/gorilla/websocket"
"github.com/pion/ice/v2"
"github.com/pion/webrtc/v3"
)
@ -355,7 +356,10 @@ func (sf *SnowflakeProxy) makePeerConnectionFromOffer(sdp *webrtc.SessionDescrip
dataChan chan struct{},
handler func(conn *webRTCConn, remoteAddr net.Addr)) (*webrtc.PeerConnection, error) {
pc, err := webrtc.NewPeerConnection(config)
s := webrtc.SettingEngine{}
s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
pc, err := api.NewPeerConnection(config)
if err != nil {
return nil, fmt.Errorf("accept: NewPeerConnection: %s", err)
}
@ -442,7 +446,10 @@ func (sf *SnowflakeProxy) makePeerConnectionFromOffer(sdp *webrtc.SessionDescrip
func (sf *SnowflakeProxy) makeNewPeerConnection(config webrtc.Configuration,
dataChan chan struct{}) (*webrtc.PeerConnection, error) {
pc, err := webrtc.NewPeerConnection(config)
s := webrtc.SettingEngine{}
s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
pc, err := api.NewPeerConnection(config)
if err != nil {
return nil, fmt.Errorf("accept: NewPeerConnection: %s", err)
}