Implement NAT discover for go standalone proxies

2025-10-13 20:11:19 -04:00 · 2020-06-16 17:10:56 -04:00 · 2020-06-16 17:10:56 -04:00 · f6cf9a453b
commit f6cf9a453b
parent bf924445e3
4 changed files with 77 additions and 17 deletions
--- a/broker/broker.go
+++ b/broker/broker.go
@ -170,7 +170,7 @@ func proxyPolls(ctx *BrokerContext, w http.ResponseWriter, r *http.Request) {
 		return
 	}
-	sid, proxyType, err := messages.DecodePollRequest(body)
+	sid, proxyType, _, err := messages.DecodePollRequest(body)
 	if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
 		return
--- a/common/messages/proxy.go
+++ b/common/messages/proxy.go
@ -9,15 +9,16 @@ import (
 	"strings"
 )
-const version = "1.1"
+const version = "1.2"
-/* Version 1.1 specification:
+/* Version 1.2 specification:
 == ProxyPollRequest ==
 {
  Sid: [generated session id of proxy],
-  Version: 1.1,
+  Version: 1.2,
  Type: ["badge"|"webext"|"standalone"]
  NAT: ["unknown"|"restricted"|"unrestricted"]
 }
 == ProxyPollResponse ==
@ -44,7 +45,7 @@ HTTP 400 BadRequest
 == ProxyAnswerRequest ==
 {
  Sid: [generated session id of proxy],
-  Version: 1.1,
+  Version: 1.2,
  Answer:
  {
    type: answer,
@ -76,37 +77,44 @@ type ProxyPollRequest struct {
 	Sid     string
 	Version string
 	Type    string
 	NAT     string
 }
-func EncodePollRequest(sid string, proxyType string) ([]byte, error) {
+func EncodePollRequest(sid string, proxyType string, natType string) ([]byte, error) {
 	return json.Marshal(ProxyPollRequest{
 		Sid:     sid,
 		Version: version,
 		Type:    proxyType,
 		NAT:     natType,
 	})
 }
 // Decodes a poll message from a snowflake proxy and returns the
 // sid and proxy type of the proxy on success and an error if it failed
-func DecodePollRequest(data []byte) (string, string, error) {
+func DecodePollRequest(data []byte) (string, string, string, error) {
 	var message ProxyPollRequest
 	err := json.Unmarshal(data, &message)
 	if err != nil {
-		return "", "", err
+		return "", "", "", err
 	}
 	majorVersion := strings.Split(message.Version, ".")[0]
 	if majorVersion != "1" {
-		return "", "", fmt.Errorf("using unknown version")
+		return "", "", "", fmt.Errorf("using unknown version")
 	}
 	// Version 1.x requires an Sid
 	if message.Sid == "" {
-		return "", "", fmt.Errorf("no supplied session id")
+		return "", "", "", fmt.Errorf("no supplied session id")
 	}
-	return message.Sid, message.Type, nil
+	natType := message.NAT
 	if natType == "" {
 		natType = "unknown"
 	}
 	return message.Sid, message.Type, natType, nil
 }
 type ProxyPollResponse struct {
@ -159,7 +167,7 @@ type ProxyAnswerRequest struct {
 func EncodeAnswerRequest(answer string, sid string) ([]byte, error) {
 	return json.Marshal(ProxyAnswerRequest{
-		Version: "1.1",
+		Version: version,
 		Sid:     sid,
 		Answer:  answer,
 	})
--- a/common/messages/proxy_test.go
+++ b/common/messages/proxy_test.go
@ -13,6 +13,7 @@ func TestDecodeProxyPollRequest(t *testing.T) {
 		for _, test := range []struct {
 			sid       string
 			proxyType string
 			natType   string
 			data      string
 			err       error
 		}{
@ -20,6 +21,7 @@ func TestDecodeProxyPollRequest(t *testing.T) {
 				//Version 1.0 proxy message
 				"ymbcCMto7KHNGYlp",
 				"",
 				"unknown",
 				`{"Sid":"ymbcCMto7KHNGYlp","Version":"1.0"}`,
 				nil,
 			},
@ -27,44 +29,59 @@ func TestDecodeProxyPollRequest(t *testing.T) {
 				//Version 1.1 proxy message
 				"ymbcCMto7KHNGYlp",
 				"standalone",
 				"unknown",
 				`{"Sid":"ymbcCMto7KHNGYlp","Version":"1.1","Type":"standalone"}`,
 				nil,
 			},
 			{
 				//Version 1.2 proxy message
 				"ymbcCMto7KHNGYlp",
 				"standalone",
 				"restricted",
 				`{"Sid":"ymbcCMto7KHNGYlp","Version":"1.2","Type":"standalone", "NAT":"restricted"}`,
 				nil,
 			},
 			{
 				//Version 0.X proxy message:
 				"",
 				"",
-				"ymbcCMto7KHNGYlp",
+				"",
 				"",
 				&json.SyntaxError{},
 			},
 			{
 				"",
 				"",
 				"",
 				`{"Sid":"ymbcCMto7KHNGYlp"}`,
 				fmt.Errorf(""),
 			},
 			{
 				"",
 				"",
 				"",
 				"{}",
 				fmt.Errorf(""),
 			},
 			{
 				"",
 				"",
 				"",
 				`{"Version":"1.0"}`,
 				fmt.Errorf(""),
 			},
 			{
 				"",
 				"",
 				"",
 				`{"Version":"2.0"}`,
 				fmt.Errorf(""),
 			},
 		} {
-			sid, proxyType, err := DecodePollRequest([]byte(test.data))
+			sid, proxyType, natType, err := DecodePollRequest([]byte(test.data))
 			So(sid, ShouldResemble, test.sid)
 			So(proxyType, ShouldResemble, test.proxyType)
 			So(natType, ShouldResemble, test.natType)
 			So(err, ShouldHaveSameTypeAs, test.err)
 		}
@ -73,11 +90,12 @@ func TestDecodeProxyPollRequest(t *testing.T) {
 func TestEncodeProxyPollRequests(t *testing.T) {
 	Convey("Context", t, func() {
-		b, err := EncodePollRequest("ymbcCMto7KHNGYlp", "standalone")
+		b, err := EncodePollRequest("ymbcCMto7KHNGYlp", "standalone", "unknown")
 		So(err, ShouldEqual, nil)
-		sid, proxyType, err := DecodePollRequest(b)
+		sid, proxyType, natType, err := DecodePollRequest(b)
 		So(sid, ShouldEqual, "ymbcCMto7KHNGYlp")
 		So(proxyType, ShouldEqual, "standalone")
 		So(natType, ShouldEqual, "unknown")
 		So(err, ShouldEqual, nil)
 	})
 }
--- a/proxy/snowflake.go
+++ b/proxy/snowflake.go
@ -19,6 +19,7 @@ import (
 	"time"
 	"git.torproject.org/pluggable-transports/snowflake.git/common/messages"
 	"git.torproject.org/pluggable-transports/snowflake.git/common/nat"
 	"git.torproject.org/pluggable-transports/snowflake.git/common/safelog"
 	"git.torproject.org/pluggable-transports/snowflake.git/common/util"
 	"git.torproject.org/pluggable-transports/snowflake.git/common/websocketconn"
@ -30,6 +31,11 @@ const defaultBrokerURL = "https://snowflake-broker.bamsoftware.com/"
 const defaultRelayURL = "wss://snowflake.bamsoftware.com/"
 const defaultSTUNURL = "stun:stun.l.google.com:19302"
 const pollInterval = 5 * time.Second
 const (
 	NATUnknown      = "unknown"
 	NATRestricted   = "restricted"
 	NATUnrestricted = "unrestricted"
 )
 //amount of time after sending an SDP answer before the proxy assumes the
 //client is not going to connect
@ -40,6 +46,8 @@ const readLimit = 100000 //Maximum number of bytes to be read from an HTTP reque
 var broker *Broker
 var relayURL string
 var currentNATType = NATUnknown
 const (
 	sessionIDLength = 16
 )
@ -174,7 +182,7 @@ func (b *Broker) pollOffer(sid string) *webrtc.SessionDescription {
 			timeOfNextPoll = now
 		}
-		body, err := messages.EncodePollRequest(sid, "standalone")
+		body, err := messages.EncodePollRequest(sid, "standalone", currentNATType)
 		if err != nil {
 			log.Printf("Error encoding poll message: %s", err.Error())
 			return nil
@ -485,9 +493,35 @@ func main() {
 		tokens <- true
 	}
 	// determine NAT type before polling
 	updateNATType(config.ICEServers)
 	log.Printf("NAT type: %s", currentNATType)
 	for {
 		getToken()
 		sessionID := genSessionID()
 		runSession(sessionID)
 	}
 }
 // use provided STUN server(s) to determine NAT type
 func updateNATType(servers []webrtc.ICEServer) {
 	var restrictedNAT bool
 	var err error
 	for _, server := range servers {
 		addr := strings.TrimPrefix(server.URLs[0], "stun:")
 		restrictedNAT, err = nat.CheckIfRestrictedNAT(addr)
 		if err == nil {
 			if restrictedNAT {
 				currentNATType = NATRestricted
 			} else {
 				currentNATType = NATUnrestricted
 			}
 			break
 		}
 	}
 	if err != nil {
 		currentNATType = NATUnknown
 	}
 }