Implement DTLS bypass

pull/6/head
Ken 2020-10-01 21:15:41 -04:00
parent 0969d2303b
commit 77d83b83d2
6 changed files with 41 additions and 24 deletions


@ -83,6 +83,7 @@ const array<const char*, 3> ControlTypeStrings = { {"TincanRequest", "TincanResp
static const Json::StaticString CreateCtrlRespLink;
static const Json::StaticString CreateTunnel;
static const Json::StaticString Data;
static const Json::StaticString DisableDtls;
static const Json::StaticString Echo;
static const Json::StaticString EncryptionEnabled;
static const Json::StaticString FPR;


@ -53,7 +53,7 @@ using webrtc::SdpType;
struct VlinkDescriptor
{
bool dtls_enabled;
bool dtls_enabled = true;
string uid;
vector<string> stun_servers;
vector<TurnDescriptor> turn_descs;
@ -76,7 +76,7 @@ public:
void Initialize(
BasicNetworkManager & network_manager,
unique_ptr<SSLIdentity>sslid,
SSLFingerprint const & local_fingerprint,
unique_ptr<SSLFingerprint> local_fingerprint,
cricket::IceRole ice_role);
PeerDescriptor& PeerInfo()
@ -150,7 +150,8 @@ private:
const string & candidates);
void SetupICE(
SSLFingerprint const & local_fingerprint);
unique_ptr<SSLIdentity> sslid,
unique_ptr<SSLFingerprint> local_fingerprint);
void OnReadPacket(
PacketTransportInternal* transport,
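Review bot: `bool dtls_enabled = true;` in VlinkDescriptor now decides whether a vlink gets a local certificate and fingerprint at all (SetupICE in virtual_link.cc skips both when it is false), but the member carries no comment saying so. Suggest `// false: SetupICE sets no local certificate/fingerprint and the link runs without DTLS` on that line, and on the new `SetupICE(unique_ptr<SSLIdentity> sslid, unique_ptr<SSLFingerprint> local_fingerprint)` declaration a one-line note that both arguments are consumed by the call and are only used when dtls_enabled is true. The OnReadPacket declaration at the end of the last hunk continues outside the hunk.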


@ -92,7 +92,8 @@ BasicTunnel::CreateVlink(
unique_ptr<VirtualLink> vl = make_unique<VirtualLink>(
move(vlink_desc), move(peer_desc), sig_worker_, net_worker_);
unique_ptr<SSLIdentity> sslid_copy(sslid_->Clone());
vl->Initialize(net_manager_, move(sslid_copy), *local_fingerprint_.get(),
vl->Initialize(net_manager_, move(sslid_copy),
make_unique<rtc::SSLFingerprint>(*local_fingerprint_.get()),
ice_role);
vl->SignalMessageReceived.connect(this, &BasicTunnel::VlinkReadComplete);
vl->SignalLinkUp.connect(this, &BasicTunnel::VLinkUp);
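Review bot: The SSLFingerprint copy created by `make_unique<rtc::SSLFingerprint>(*local_fingerprint_.get())` travels by unique_ptr through VirtualLink::Initialize into SetupICE, and the non-DTLS branch there (virtual_link.cc, `local_fingerprint.release();`) gives up ownership without deleting the object, so every vlink created with DisableDtls leaks one fingerprint; that `release()` line should be removed (the unique_ptr destructor frees it) or changed to `local_fingerprint.reset();`. The `sslid_->Clone()` and the fingerprint copy are also made unconditionally even though SetupICE discards both when DTLS is off; since `vlink_desc` is moved on the line above, the flag would have to be read before the move if the caller wanted to skip them. Minor: `*local_fingerprint_` reads the same as `*local_fingerprint_.get()`. CreateVlink starts and ends outside the hunk.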


@ -121,7 +121,8 @@ Tincan::CreateVlink(
peer_desc->mac_address =
link_desc[TincanControl::PeerInfo][TincanControl::MAC].asString();
vl_desc->dtls_enabled = true;
vl_desc->dtls_enabled = !link_desc[TincanControl::DisableDtls].asBool();
BasicTunnel & tnl = TunnelFromId(tnl_id);
shared_ptr<VirtualLink> vlink =
@ -307,6 +308,7 @@ Tincan::Run()
ctrl_dispatch->SetDispatchToTincanInf(this);
ctrl_listener_ = make_shared<ControlListener>(move(ctrl_dispatch));
ctrl_listener_->Run();
cout << "Control Listener now running\n";
exit_event_.Wait(Event::kForever);
}
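Review bot: `vl_desc->dtls_enabled = !link_desc[TincanControl::DisableDtls].asBool();` accepts whatever type the controller put in the request: an absent key yields a null value and `asBool()` returns false, which is the safe default, but a string or object there makes jsoncpp's `asBool()` throw (or assert, depending on how the library was built) instead of leaving DTLS on. Checking the type first keeps a malformed control message from unwinding CreateVlink: `const Json::Value & dd = link_desc[TincanControl::DisableDtls];` then `vl_desc->dtls_enabled = !(dd.isBool() && dd.asBool());`. A short comment that this is the one place a control message can turn off link encryption would also help, since the only runtime trace of it is the LS_INFO line in VirtualLink::SetupICE. Both hunks sit inside functions (CreateVlink, Run) that start outside the hunk.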


@ -34,6 +34,7 @@ const Json::StaticString TincanControl::Controlling("Controlling");
const Json::StaticString TincanControl::CreateCtrlRespLink("CreateCtrlRespLink");
const Json::StaticString TincanControl::CreateTunnel("CreateTunnel");
const Json::StaticString TincanControl::Data("Data");
const Json::StaticString TincanControl::DisableDtls("DisableDtls");
const Json::StaticString TincanControl::Echo("Echo");
const Json::StaticString TincanControl::EncryptionEnabled("EncryptionEnabled");
const Json::StaticString TincanControl::FPR("FPR");


@ -48,6 +48,10 @@ VirtualLink::VirtualLink(
local_description_ = make_unique<cricket::SessionDescription>();
remote_description_ = make_unique<cricket::SessionDescription>();
ice_transport_factory_ = make_unique<webrtc::DefaultIceTransportFactory>();
config_.transport_observer = this;
config_.rtcp_handler = [](const rtc::CopyOnWriteBuffer& packet,
int64_t packet_time_us) { RTC_NOTREACHED(); };
config_.ice_transport_factory = ice_transport_factory_.get();
}
VirtualLink::~VirtualLink()
@ -62,17 +66,11 @@ void
VirtualLink::Initialize(
BasicNetworkManager & network_manager,
unique_ptr<SSLIdentity> sslid,
SSLFingerprint const & local_fingerprint,
unique_ptr<SSLFingerprint> local_fingerprint,
cricket::IceRole ice_role)
{
ice_role_ = ice_role;
port_allocator_.reset(new cricket::BasicPortAllocator(&network_manager));
config_.transport_observer = this;
config_.rtcp_handler = [](const rtc::CopyOnWriteBuffer& packet,
int64_t packet_time_us) { RTC_NOTREACHED(); };
config_.ice_transport_factory = ice_transport_factory_.get();
port_allocator_->SetConfiguration(
SetupSTUN(vlink_desc_->stun_servers),
SetupTURN(vlink_desc_->turn_descs),
@ -83,8 +81,7 @@ VirtualLink::Initialize(
port_allocator_.get(),
/*async_resolver_factory*/ nullptr,
config_);
transport_ctlr_->SetLocalCertificate(RTCCertificate::Create(move(sslid)));
SetupICE(local_fingerprint);
SetupICE(move(sslid), move(local_fingerprint));
dtls_transport_ = transport_ctlr_->GetDtlsTransport(content_name_);
RegisterLinkEventHandlers();
@ -274,8 +271,14 @@ VirtualLink::GetStats(Json::Value & stats)
void
VirtualLink::SetupICE(
SSLFingerprint const & local_fingerprint)
unique_ptr<SSLIdentity> sslid,
unique_ptr<SSLFingerprint> local_fingerprint)
{
SSLFingerprint const* local_fprnt = nullptr;
if (vlink_desc_->dtls_enabled)
{
transport_ctlr_->SetLocalCertificate(RTCCertificate::Create(move(sslid)));
size_t pos = peer_desc_->fingerprint.find(' ');
string alg, fp;
if(pos != string::npos)
@ -285,8 +288,16 @@ VirtualLink::SetupICE(
remote_fingerprint_.reset(
rtc::SSLFingerprint::CreateFromRfc4572(alg, fp));
}
}
else
{
local_fingerprint.release();
RTC_LOG(LS_INFO) << "Not using DTLS on vlink " << content_name_ << "\n";
}
cricket::IceConfig ic;
ic.continual_gathering_policy = cricket::GATHER_ONCE;
//ic.ice_check_interval_strong_connectivity = ?;
transport_ctlr_->SetIceConfig(ic);
cricket::ConnectionRole remote_conn_role = cricket::CONNECTIONROLE_ACTIVE;
conn_role_ = cricket::CONNECTIONROLE_ACTPASS;
@ -297,7 +308,7 @@ VirtualLink::SetupICE(
cricket::TransportDescription local_transport_desc(
vector<string>(), tp.kIceUfrag, tp.kIcePwd,
cricket::ICEMODE_FULL, conn_role_, &local_fingerprint);
cricket::ICEMODE_FULL, conn_role_, local_fingerprint.get());
cricket::TransportDescription remote_transport_desc(
vector<string>(), tp.kIceUfrag, tp.kIcePwd,