// Copyright (C) 2019 The Syncthing Authors.
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
// You can obtain one at https://mozilla.org/MPL/2.0/.
package stun
import (
"context"
"net"
"time"
"github.com/ccding/go-stun/stun"
"github.com/syncthing/syncthing/lib/config"
"github.com/syncthing/syncthing/lib/svcutil"
)
// stunRetryInterval is how long Serve waits before walking the configured
// STUN server list again once a pass over that list has finished.
const stunRetryInterval = 5 * time.Minute
// Host and NATType are aliases for the corresponding go-stun types; they are
// the types that appear in this package's Subscriber callbacks.
type (
	Host    = stun.Host
	NATType = stun.NATType
)
// NAT types, re-exported from go-stun.
//
// Within this package, NATError, NATUnknown and NATBlocked are treated by
// runStunForServer as a failed discovery, and isCurrentNATTypePunchable
// accepts NATNone, NATPortRestricted, NATRestricted, NATFull and
// NATSymmetricUDPFirewall. NATSymmetric is in neither set, so it is recorded
// but no keepalive is run for it.
const (
	NATError                = stun.NATError
	NATUnknown              = stun.NATUnknown
	NATNone                 = stun.NATNone
	NATBlocked              = stun.NATBlocked
	NATFull                 = stun.NATFull
	NATSymmetric            = stun.NATSymmetric
	NATRestricted           = stun.NATRestricted
	NATPortRestricted       = stun.NATPortRestricted
	NATSymmetricUDPFirewall = stun.NATSymmetricUDPFirewall
)
// Subscriber receives the results of STUN discovery.
//
// Both callbacks are invoked synchronously from the code paths that Serve
// drives (setNATType and setExternalAddress), and only when the value differs
// from the one last recorded by the service.
type Subscriber interface {
	// OnNATTypeChanged is called with the newly detected NAT type. It is
	// called with NATUnknown when Serve exits or STUN is disabled.
	OnNATTypeChanged(natType NATType)
	// OnExternalAddressChanged is called with the external address reported
	// by a STUN server and the configured server address it was learned
	// through. address is nil (and via empty) when Serve exits or STUN is
	// disabled.
	//
	// The address is whatever the STUN server's response contained; this
	// package applies no check to it beyond a nil test, so implementations
	// should treat it as a hint supplied by a third party rather than as a
	// verified fact.
	OnExternalAddressChanged(address *Host, via string)
}
// Service runs STUN discovery and keepalives over a caller-supplied packet
// connection and reports the results to a Subscriber.
type Service struct {
	// name is the label returned by String, built in New from the
	// connection's local address.
	name string
	// cfg is consulted for the STUN enable flag, the server list and the
	// keepalive intervals.
	cfg config.Wrapper
	// subscriber is notified of NAT type and external address changes.
	subscriber Subscriber
	// client is the go-stun client bound to the connection passed to New.
	client *stun.Client

	// lastWriter is asked for the time of the most recent write so that
	// keepalives can be skipped while other traffic is flowing.
	lastWriter LastWriter

	// natType and addr hold the values most recently recorded by setNATType
	// and setExternalAddress. They are accessed without locking.
	// NOTE(review): presumably only ever touched from the Serve goroutine —
	// confirm before calling the setters from anywhere else.
	natType NATType
	addr    *Host
}
// LastWriter reports when something was last written. stunKeepAlive uses the
// returned time to postpone keepalives while there has been recent traffic.
// NOTE(review): presumably this is the time of the last outgoing packet on
// the connection shared with the STUN client (the caller names the value
// quicLastWrite) — confirm against the implementation.
type LastWriter interface {
	LastWrite() time.Time
}
// New returns a Service that performs STUN over conn, reads its settings from
// cfg, reports changes to subscriber and consults lastWriter to time its
// keepalives. The service starts with NAT type NATUnknown and no external
// address; nothing is sent until Serve is called.
func New(cfg config.Wrapper, subscriber Subscriber, conn net.PacketConn, lastWriter LastWriter) *Service {
	// The STUN client talks over the connection supplied by the caller.
	stunClient := stun.NewClientWithConnection(conn)
	// Explicitly unset the software name, it seems to freak some servers out.
	// NOTE(review): presumably this also means no software identifier is
	// advertised to the STUN server — confirm against the client library.
	stunClient.SetSoftwareName("")

	// Label the service after the local endpoint of the connection, when the
	// connection is able to report one.
	endpoint := "unknown"
	if local := conn.LocalAddr(); local != nil {
		endpoint = local.Network() + "://" + local.String()
	}

	return &Service{
		name:       "Stun@" + endpoint,
		cfg:        cfg,
		subscriber: subscriber,
		client:     stunClient,
		lastWriter: lastWriter,
		natType:    NATUnknown,
	}
}
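// Serve runs the STUN discovery loop until ctx is cancelled, then returns
// ctx.Err().
//
// Each pass walks the configured STUN servers in order and hands each one to
// runStunForServer, which blocks for as long as that server keeps working.
// When the pass ends the loop waits stunRetryInterval before starting over.
// While STUN is disabled in the configuration the option is polled once per
// second. On exit the NAT type and external address are reset, so the
// subscriber is told that the previous mapping no longer applies.
func (s *Service) Serve(ctx context.Context) error {
	defer func() {
		s.setNATType(NATUnknown)
		s.setExternalAddress(nil, "")
	}()

	// Fire almost immediately on the first pass.
	timer := time.NewTimer(time.Millisecond)
	defer timer.Stop()

poll:
	for {
		select {
		case <-ctx.Done():
			return ctx.Err()
		case <-timer.C:
		}

		if s.cfg.Options().IsStunDisabled() {
			timer.Reset(time.Second)
			continue
		}

		l.Debugf("Starting stun for %s", s)

		for _, addr := range s.cfg.Options().StunServers() {
			// This blocks until we hit an exit condition or there are issues
			// with the STUN server. It returns nothing; the checks below
			// decide whether to stop, pause or move on to the next server.
			s.runStunForServer(ctx, addr)

			// Have we been asked to stop?
			select {
			case <-ctx.Done():
				return ctx.Err()
			default:
			}

			// Are we disabled?
			if s.cfg.Options().IsStunDisabled() {
				l.Infoln("STUN disabled")
				s.setNATType(NATUnknown)
				s.setExternalAddress(nil, "")
				// The timer has already fired and been drained by the select
				// at the top of the loop. It must be re-armed before waiting
				// on it again, otherwise the loop would block until ctx is
				// cancelled and never notice STUN being re-enabled.
				timer.Reset(time.Second)
				continue poll
			}

			// Unpunchable NAT? Chillout for some time.
			if !s.isCurrentNATTypePunchable() {
				break
			}
		}

		// We failed to contact all provided stun servers or the nat is not punchable.
		// Chillout for a while.
		timer.Reset(stunRetryInterval)
	}
}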
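// runStunForServer performs NAT discovery against the STUN server at addr
// and, if the detected NAT type is considered punchable, records the external
// address and stays in stunKeepAlive for that server.
//
// It returns without a value in every case: on resolution or discovery
// failure, on an unusable or unpunchable NAT type, or when the keepalive loop
// ends. Callers inspect ctx and the service state to decide what to do next.
//
// The NAT type and external address are taken from the STUN server's response
// as returned by the client library. Nothing here validates them beyond the
// nil and NAT-type checks, so what the subscriber is told is only as
// trustworthy as the configured server and the network path to it.
func (s *Service) runStunForServer(ctx context.Context, addr string) {
	l.Debugf("Running stun for %s via %s", s, addr)

	// Resolve the address, so that in case the server advertises two
	// IPs, we always hit the same one, as otherwise, the mapping might
	// expire as we hit the other address, and cause us to flip flop
	// between servers/external addresses, as a result flooding discovery
	// servers.
	udpAddr, err := net.ResolveUDPAddr("udp", addr)
	if err != nil {
		l.Debugf("%s stun addr resolution on %s: %s", s, addr, err)
		return
	}
	s.client.SetServerAddr(udpAddr.String())

	var natType stun.NATType
	var extAddr *stun.Host
	err = svcutil.CallWithContext(ctx, func() error {
		// Keep the closure's error in its own variable. If CallWithContext
		// returns on cancellation while this function is still running
		// (NOTE(review): confirm against svcutil), writing the outer err from
		// here would race with the assignment of its return value.
		var discoverErr error
		natType, extAddr, discoverErr = s.client.Discover()
		return discoverErr
	})
	if err != nil {
		l.Debugf("%s stun discovery on %s: %s", s, addr, err)
		return
	}
	if extAddr == nil {
		// Discovery reported success but no address; there is nothing to
		// publish or keep alive.
		l.Debugf("%s stun discovery on %s: no external address returned", s, addr)
		return
	}

	// The stun server is most likely borked, try another one.
	if natType == NATError || natType == NATUnknown || natType == NATBlocked {
		l.Debugf("%s stun discovery on %s resolved to %s", s, addr, natType)
		return
	}

	s.setNATType(natType)
	l.Debugf("%s detected NAT type: %s via %s", s, natType, addr)

	// We can't punch through this one, so no point doing keepalives
	// and such, just let the caller check the nat type and work it out themselves.
	if !s.isCurrentNATTypePunchable() {
		l.Debugf("%s cannot punch %s, skipping", s, natType)
		return
	}

	s.setExternalAddress(extAddr, addr)

	s.stunKeepAlive(ctx, addr, extAddr)
}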
// stunKeepAlive keeps the NAT mapping for addr alive by sending STUN
// keepalives, adapting the interval as it goes, and publishes any change of
// external address to the subscriber.
//
// It returns when ctx is cancelled, when STUN is disabled in the
// configuration, when a keepalive fails, or when the interval has been halved
// below the configured minimum while the address is still changing.
//
// extAddr is the address obtained by the preceding discovery; on later
// iterations it holds the address reported by the most recent keepalive
// reply. That address comes from the server's reply and is not validated
// here.
func (s *Service) stunKeepAlive(ctx context.Context, addr string, extAddr *Host) {
	var err error
	nextSleep := time.Duration(s.cfg.Options().StunKeepaliveStartS) * time.Second

	l.Debugf("%s starting stun keepalive via %s, next sleep %s", s, addr, nextSleep)

	// Time of the last keepalive sent by this loop; zero until the first one.
	var ourLastWrite time.Time
	for {
		if areDifferent(s.addr, extAddr) {
			// If the port has changed (addresses are not equal but the hosts are equal),
			// we're probably spending too much time between keepalives, reduce the sleep.
			if s.addr != nil && extAddr != nil && s.addr.IP() == extAddr.IP() {
				nextSleep /= 2
				l.Debugf("%s stun port change (%s to %s), next sleep %s", s, s.addr.TransportAddr(), extAddr.TransportAddr(), nextSleep)
			}

			s.setExternalAddress(extAddr, addr)

			// The stun server is probably stuffed, we've gone beyond min timeout, yet the address keeps changing.
			minSleep := time.Duration(s.cfg.Options().StunKeepaliveMinS) * time.Second
			if nextSleep < minSleep {
				l.Debugf("%s keepalive aborting, sleep below min: %s < %s", s, nextSleep, minSleep)
				return
			}
		}

		// Adjust the keepalives to fire only nextSleep after last write.
		// The later of our own last keepalive and the last write reported by
		// lastWriter is used as the reference point.
		lastWrite := ourLastWrite
		if quicLastWrite := s.lastWriter.LastWrite(); quicLastWrite.After(lastWrite) {
			lastWrite = quicLastWrite
		}
		// Clamp to the configured minimum. This is re-read on every iteration,
		// so a configuration change takes effect without a restart.
		// NOTE(review): nothing in this function bounds the interval other
		// than this option; presumably the configuration layer rejects zero
		// or negative values — confirm.
		minSleep := time.Duration(s.cfg.Options().StunKeepaliveMinS) * time.Second
		if nextSleep < minSleep {
			nextSleep = minSleep
		}
	tryLater:
		sleepFor := nextSleep

		// If the reference write is recent, sleep only the remainder of the
		// interval instead of a full one.
		timeUntilNextKeepalive := time.Until(lastWrite.Add(sleepFor))
		if timeUntilNextKeepalive > 0 {
			sleepFor = timeUntilNextKeepalive
		}

		l.Debugf("%s stun sleeping for %s", s, sleepFor)

		select {
		case <-time.After(sleepFor):
		case <-ctx.Done():
			l.Debugf("%s stopping, aborting stun", s)
			return
		}

		if s.cfg.Options().IsStunDisabled() {
			// Disabled, give up
			l.Debugf("%s disabled, aborting stun ", s)
			return
		}

		// Check if any writes happened while we were sleeping, if they did, sleep again
		lastWrite = s.lastWriter.LastWrite()
		if gap := time.Since(lastWrite); gap < nextSleep {
			l.Debugf("%s stun last write gap less than next sleep: %s < %s. Will try later", s, gap, nextSleep)
			goto tryLater
		}

		l.Debugf("%s stun keepalive", s)

		// The reply's address replaces extAddr and is compared with the
		// recorded address at the top of the next iteration.
		extAddr, err = s.client.Keepalive()
		if err != nil {
			l.Debugf("%s stun keepalive on %s: %s (%v)", s, addr, err, extAddr)
			return
		}
		ourLastWrite = time.Now()
	}
}
// setNATType records natType as the current NAT type. The subscriber is
// notified first, and only when the value differs from the recorded one.
func (s *Service) setNATType(natType NATType) {
	if s.natType == natType {
		// Nothing changed: no notification, and storing the same value again
		// would be a no-op.
		return
	}
	l.Debugf("Notifying %s of NAT type change: %s", s.subscriber, natType)
	s.subscriber.OnNATTypeChanged(natType)
	s.natType = natType
}
// setExternalAddress records addr as the current external address. The
// subscriber is notified, with via naming the STUN server the address was
// learned through, only when areDifferent reports a change. The pointer is
// stored in either case.
func (s *Service) setExternalAddress(addr *Host, via string) {
	if !areDifferent(s.addr, addr) {
		// Same transport address (or both nil): keep quiet, but still adopt
		// the new pointer.
		s.addr = addr
		return
	}
	l.Debugf("Notifying %s of address change: %s via %s", s.subscriber, addr, via)
	s.subscriber.OnExternalAddressChanged(addr, via)
	s.addr = addr
}
// String returns the service's name as built in New ("Stun@" followed by the
// local network and address of the connection, or "unknown"). It is what the
// %s verbs in this package's log calls print for the service.
func (s *Service) String() string {
	return s.name
}
// isCurrentNATTypePunchable reports whether the recorded NAT type is one this
// package runs keepalives for: NATNone, NATPortRestricted, NATRestricted,
// NATFull or NATSymmetricUDPFirewall. Every other type yields false.
func (s *Service) isCurrentNATTypePunchable() bool {
	switch s.natType {
	case NATNone, NATPortRestricted, NATRestricted, NATFull, NATSymmetricUDPFirewall:
		return true
	default:
		return false
	}
}
// areDifferent reports whether two possibly-nil hosts differ. Two nil hosts
// are equal, a nil and a non-nil host differ, and two non-nil hosts are
// compared by their transport address only.
func areDifferent(first, second *Host) bool {
	switch {
	case first == nil && second == nil:
		return false
	case first == nil || second == nil:
		return true
	default:
		return first.TransportAddr() != second.TransportAddr()
	}
}