Add ICE establishment parameters tuning, better debugging and a standalone

testing tool.

Author: chripell

.gitignore

@@ -1 +1,3 @@
 *~
+nattester/nattester
+stun/stunclient/stunclient

nat.go

@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
 	"net"
 	"time"
 
@@ -13,7 +14,24 @@ import (
 
 type ExchangeCandidatesFun func([]byte) []byte
 
-func Connect(xchg ExchangeCandidatesFun, initiator bool) (net.Conn, error) {
+type Config struct {
+	ProbeTimeout  time.Duration
+	ProbeInterval time.Duration
+	DecisionTime  time.Duration
+	PeerDeadline  time.Duration
+	Verbose       bool
+}
+
+func DefaultConfig() *Config {
+	return &Config{
+		ProbeTimeout:  500 * time.Millisecond,
+		ProbeInterval: 100 * time.Millisecond,
+		DecisionTime:  2 * time.Second,
+		PeerDeadline:  5 * time.Second,
+	}
+}
+
+func ConnectOpt(xchg ExchangeCandidatesFun, initiator bool, cfg *Config) (net.Conn, error) {
 	sock, err := net.ListenUDP("udp", &net.UDPAddr{})
 	if err != nil {
 		return nil, err
@@ -22,7 +40,9 @@ func Connect(xchg ExchangeCandidatesFun, initiator bool) (net.Conn, error) {
 	engine := &attemptEngine{
 		xchg:      xchg,
 		sock:      sock,
-		initiator: initiator}
+		initiator: initiator,
+		cfg:       cfg,
+	}
 
 	conn, err := engine.run()
 	if err != nil {
@@ -32,6 +52,10 @@ func Connect(xchg ExchangeCandidatesFun, initiator bool) (net.Conn, error) {
 	return conn, nil
 }
 
+func Connect(xchg ExchangeCandidatesFun, initiator bool) (net.Conn, error) {
+	return ConnectOpt(xchg, initiator, DefaultConfig())
+}
+
 type attempt struct {
 	candidate
 	tid       []byte
@@ -48,15 +72,9 @@ type attemptEngine struct {
 	attempts  []attempt
 	decision  time.Time
 	p2pconn   net.Conn
+	cfg       *Config
 }
 
-const (
-	probeTimeout  = 500 * time.Millisecond
-	probeInterval = 100 * time.Millisecond
-	decisionTime  = 2 * time.Second
-	peerDeadline  = 5 * time.Second
-)
-
 func (e *attemptEngine) init() error {
 	candidates, err := GatherCandidates(e.sock)
 	if err != nil {
@@ -80,7 +98,7 @@ func (e *attemptEngine) init() error {
 	}
 
 	e.sock.SetWriteDeadline(time.Time{})
-	e.decision = time.Now().Add(decisionTime)
+	e.decision = time.Now().Add(e.cfg.DecisionTime)
 
 	return nil
 }
@@ -92,7 +110,7 @@ func (e *attemptEngine) xmit() (time.Time, error) {
 
 	for i := range e.attempts {
 		if e.attempts[i].timeout.Before(now) {
-			e.attempts[i].timeout = time.Now().Add(probeTimeout)
+			e.attempts[i].timeout = time.Now().Add(e.cfg.ProbeTimeout)
 			e.attempts[i].tid, err = stun.RandomTid()
 			if err != nil {
 				return time.Time{}, err
@@ -101,6 +119,9 @@ func (e *attemptEngine) xmit() (time.Time, error) {
 			if err != nil {
 				return time.Time{}, err
 			}
+			if e.cfg.Verbose {
+				log.Printf("TX probe %v to %v", e.attempts[i].tid, e.attempts[i].Addr)
+			}
 			e.sock.WriteToUDP(packet, e.attempts[i].Addr)
 		}
 		if ret.IsZero() || e.attempts[i].timeout.Before(ret) {
@@ -122,20 +143,32 @@ func (e *attemptEngine) read() error {
 
 	packet, err := stun.ParsePacket(buf[:n], nil)
 	if err != nil {
+		if e.cfg.Verbose {
+			log.Printf("Cannot parse packet from %v: %v", from, err)
+		}
 		return nil
 	}
 
 	if packet.Method != stun.MethodBinding {
+		if e.cfg.Verbose {
+			log.Printf("Packet from %v is not a binding request", from)
+		}
 		return nil
 	}
 
 	switch packet.Class {
 	case stun.ClassRequest:
 		response, err := stun.BindResponse(packet.Tid[:], from, nil, false)
 		if err != nil {
+			if e.cfg.Verbose {
+				log.Printf("Cannot bind response: %v", err)
+			}
 			return nil
 		}
 		e.sock.WriteToUDP(response, from)
+		if e.cfg.Verbose {
+			log.Printf("RX %v from %v use candidate %v, answering", packet.Tid[:], from, packet.UseCandidate)
+		}
 		if packet.UseCandidate {
 			for i := range e.attempts {
 				if from.String() != e.attempts[i].Addr.String() {
@@ -144,12 +177,18 @@ func (e *attemptEngine) read() error {
 				if !e.attempts[i].success {
 					return errors.New("Initiator told us to use bad link")
 				}
+				if e.cfg.Verbose {
+					log.Printf("Choose local %v remote %v", e.attempts[i].localaddr, e.attempts[i].Addr)
+				}
 				e.p2pconn = newConn(e.sock, e.attempts[i].localaddr, e.attempts[i].Addr)
 				return nil
 			}
 		}
 
 	case stun.ClassSuccess:
+		if e.cfg.Verbose {
+			log.Printf("RX %v from %v", packet.Tid[:], from)
+		}
 		for i := range e.attempts {
 			if !bytes.Equal(packet.Tid[:], e.attempts[i].tid) {
 				continue
@@ -158,44 +197,28 @@ func (e *attemptEngine) read() error {
 				return nil
 			}
 			if e.attempts[i].chosen {
+				if e.cfg.Verbose {
+					log.Printf("Choose local %v remote %v", e.attempts[i].localaddr, e.attempts[i].Addr)
+				}
 				e.p2pconn = newConn(e.sock, e.attempts[i].localaddr, e.attempts[i].Addr)
 				return nil
 			}
 			e.attempts[i].success = true
 			e.attempts[i].localaddr = packet.Addr
-			e.attempts[i].timeout = time.Now().Add(probeInterval)
+			e.attempts[i].timeout = time.Now().Add(e.cfg.ProbeInterval)
 			return nil
 		}
 	}
 
 	return nil
 }
 
-func (e *attemptEngine) debug() {
-	if e.initiator {
-		return
-	}
-	buf := new(bytes.Buffer)
-	fmt.Fprintf(buf, "%t\t", e.initiator)
-	for _, att := range e.attempts {
-		timeout := att.timeout.Sub(time.Now())
-		if timeout < 0 {
-			timeout = 0
-		}
-		fmt.Fprintf(buf, "%s/%s/%s/%t\t", att.Addr, att.localaddr, timeout, att.success)
-	}
-	if e.initiator {
-		buf.WriteString("\n")
-	}
-	fmt.Println(buf.String())
-}
-
 func (e *attemptEngine) run() (net.Conn, error) {
 	if err := e.init(); err != nil {
 		return nil, err
 	}
 
-	endTime := time.Now().Add(peerDeadline)
+	endTime := time.Now().Add(e.cfg.PeerDeadline)
 	for {
 		if e.initiator && !e.decision.IsZero() && time.Now().After(e.decision) {
 			e.decision = time.Time{}
@@ -204,15 +227,13 @@ func (e *attemptEngine) run() (net.Conn, error) {
 			}
 		}
 
-		e.debug()
-
 		timeout, err := e.xmit()
 		if err != nil {
 			return nil, err
 		}
 
 		if time.Now().After(timeout) {
-			timeout = time.Now().Add(peerDeadline)
+			timeout = time.Now().Add(e.cfg.PeerDeadline)
 		}
 
 		e.sock.SetReadDeadline(timeout)
@@ -225,7 +246,7 @@ func (e *attemptEngine) run() (net.Conn, error) {
 		}
 
 		if time.Now().After(endTime) {
-			return nil, fmt.Errorf("haven't heard from my peer after %v", peerDeadline)
+			return nil, fmt.Errorf("haven't heard from my peer after %v", e.cfg.PeerDeadline)
 		}
 	}
 

nattester/nattester.go

@@ -0,0 +1,105 @@
+// nattester is a tool to quickly test ICE traversal when you have ssh working:
+//
+// scp nattester do.not.leak.hostnames.google.com:
+// nattester --initiator=hostname.example.com
+
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"flag"
+	"fmt"
+	"io"
+	"log"
+	"os"
+	"os/exec"
+	"strings"
+	"time"
+
+	"github.com/danderson/nat"
+)
+
+var (
+	initiator  = flag.String("initiator", "", "Name of host to ssh to")
+	testString = flag.String("test_string",
+		"The quick UDP packet jumped over the lazy TCP stream",
+		"String to test echo on")
+	cmd *exec.Cmd
+)
+
+func xchangeCandidates(mine []byte) []byte {
+	var (
+		out io.Reader
+		err error
+	)
+	if *initiator == "" {
+		fmt.Printf("%s\n", string(mine))
+		out = os.Stdin
+	} else {
+		cmd = exec.Command("ssh", *initiator, "./nattester")
+		cmd.Stdin = strings.NewReader(fmt.Sprintf("%s\n", mine))
+		out, err = cmd.StdoutPipe()
+		if err != nil {
+			log.Fatal(err)
+		}
+		if cmd.Start() != nil {
+			log.Fatal(err)
+		}
+	}
+	scanner := bufio.NewScanner(out)
+	for scanner.Scan() {
+		ret := scanner.Bytes()
+		if *initiator != "" {
+			go func() {
+				for scanner.Scan() {
+					fmt.Printf("REMOTE: %s\n", string(scanner.Bytes()))
+				}
+			}()
+		}
+		return ret
+	}
+	if err := scanner.Err(); err != nil {
+		log.Fatal(err)
+	}
+	log.Fatal("Got no candidates")
+	return nil
+}
+
+func main() {
+	log.SetOutput(os.Stdout)
+	flag.Parse()
+	cfg := nat.DefaultConfig()
+	cfg.Verbose = true
+	conn, err := nat.ConnectOpt(xchangeCandidates, *initiator != "", cfg)
+	if err != nil {
+		log.Fatalf("NO CARRIER: %v\n", err)
+	}
+	log.Println("CONNECT 9600")
+	conn.SetDeadline(time.Now().Add(10 * time.Second))
+	if *initiator == "" {
+		// Poor man's echo sever
+		io.Copy(conn, conn)
+		return
+	}
+	ret := 1
+	for {
+		if _, err := conn.Write([]byte(*testString)); err != nil {
+			log.Printf("NO CARRIER: %v\n", err)
+			break
+		}
+		recv := make([]byte, len(*testString))
+		if _, err := conn.Read(recv); err != nil {
+			log.Printf("NO CARRIER: %v\n", err)
+			break
+		}
+		log.Printf("RX: %v\n", recv)
+		if bytes.Compare(recv, []byte(*testString)) == 0 {
+			log.Print("Success!\n")
+			ret = 0
+			break
+		}
+	}
+	cmd.Process.Kill()
+	os.Exit(ret)
+}