Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
The Tor Project
Anti-censorship
Pluggable Transports
Snowflake
Commits
e4c01f05
Commit
e4c01f05
authored
May 16, 2022
by
itchyonion
Browse files
Wrap client NAT log
parent
6310ca43
Pipeline
#40144
passed with stage
in 9 minutes and 21 seconds
Changes
2
Pipelines
2
Hide whitespace changes
Inline
Side-by-side
client/lib/snowflake.go
View file @
e4c01f05
...
...
@@ -237,7 +237,7 @@ func (conn *SnowflakeConn) Close() error {
}
// loop through all provided STUN servers until we exhaust the list or find
// one that is compat
a
ble with RFC 5780
// one that is compat
i
ble with RFC 5780
func
updateNATType
(
servers
[]
webrtc
.
ICEServer
,
broker
*
BrokerChannel
)
{
var
restrictedNAT
bool
...
...
@@ -245,7 +245,10 @@ func updateNATType(servers []webrtc.ICEServer, broker *BrokerChannel) {
for
_
,
server
:=
range
servers
{
addr
:=
strings
.
TrimPrefix
(
server
.
URLs
[
0
],
"stun:"
)
restrictedNAT
,
err
=
nat
.
CheckIfRestrictedNAT
(
addr
)
if
err
==
nil
{
if
err
!=
nil
{
log
.
Printf
(
"Warning: NAT checking failed for server at %s: %s"
,
addr
,
err
)
}
else
{
if
restrictedNAT
{
broker
.
SetNATType
(
nat
.
NATRestricted
)
}
else
{
...
...
common/nat/nat.go
View file @
e4c01f05
...
...
@@ -49,8 +49,7 @@ func isRestrictedMapping(addrStr string) (bool, error) {
mapTestConn
,
err
:=
connect
(
addrStr
)
if
err
!=
nil
{
log
.
Printf
(
"Error creating STUN connection: %s"
,
err
.
Error
())
return
false
,
err
return
false
,
fmt
.
Errorf
(
"Error creating STUN connection: %w"
,
err
)
}
defer
mapTestConn
.
Close
()
...
...
@@ -59,48 +58,34 @@ func isRestrictedMapping(addrStr string) (bool, error) {
message
:=
stun
.
MustBuild
(
stun
.
TransactionID
,
stun
.
BindingRequest
)
resp
,
err
:=
mapTestConn
.
RoundTrip
(
message
,
mapTestConn
.
PrimaryAddr
)
if
err
==
ErrTimedOut
{
log
.
Printf
(
"Error: no response from server"
)
return
false
,
err
}
if
err
!=
nil
{
log
.
Printf
(
"Error receiving response from server: %s"
,
err
.
Error
())
return
false
,
err
return
false
,
fmt
.
Errorf
(
"Error completing roundtrip map test: %w"
,
err
)
}
// Decoding XOR-MAPPED-ADDRESS attribute from message.
if
err
=
xorAddr1
.
GetFrom
(
resp
);
err
!=
nil
{
log
.
Printf
(
"Error retrieving XOR-MAPPED-ADDRESS resonse: %s"
,
err
.
Error
())
return
false
,
err
return
false
,
fmt
.
Errorf
(
"Error retrieving XOR-MAPPED-ADDRESS resonse: %w"
,
err
)
}
// Decoding OTHER-ADDRESS attribute from message.
var
otherAddr
stun
.
OtherAddress
if
err
=
otherAddr
.
GetFrom
(
resp
);
err
!=
nil
{
log
.
Println
(
"NAT discovery feature not supported by this server"
)
return
false
,
err
return
false
,
fmt
.
Errorf
(
"NAT discovery feature not supported: %w"
,
err
)
}
if
err
=
mapTestConn
.
AddOtherAddr
(
otherAddr
.
String
());
err
!=
nil
{
log
.
Printf
(
"Failed to resolve address %s
\t
"
,
otherAddr
.
String
())
return
false
,
err
return
false
,
fmt
.
Errorf
(
"Error resolving address %s: %w"
,
otherAddr
.
String
(),
err
)
}
// Test II: Send binding request to other address
resp
,
err
=
mapTestConn
.
RoundTrip
(
message
,
mapTestConn
.
OtherAddr
)
if
err
==
ErrTimedOut
{
log
.
Printf
(
"Error: no response from server"
)
return
false
,
err
}
if
err
!=
nil
{
log
.
Printf
(
"Error retrieving server response: %s"
,
err
.
Error
())
return
false
,
err
return
false
,
fmt
.
Errorf
(
"Error retrieveing server response: %w"
,
err
)
}
// Decoding XOR-MAPPED-ADDRESS attribute from message.
if
err
=
xorAddr2
.
GetFrom
(
resp
);
err
!=
nil
{
log
.
Printf
(
"Error retrieving XOR-MAPPED-ADDRESS resonse: %s"
,
err
.
Error
())
return
false
,
err
return
false
,
fmt
.
Errorf
(
"Error retrieving XOR-MAPPED-ADDRESS resonse: %w"
,
err
)
}
return
xorAddr1
.
String
()
!=
xorAddr2
.
String
(),
nil
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment