Skip to content
This repository was archived by the owner on Aug 30, 2024. It is now read-only.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit f889e54

Browse files
kylecarbskylecarbs
committedApr 22, 2021
feat: Use internal TURN server for proxying
1 parent 980b331 commit f889e54

File tree

4 files changed

+28
-16
lines changed

4 files changed

+28
-16
lines changed
 

‎agent/stream.go

+5-1
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,11 @@ func (s *stream) processMessage(msg proto.Message) {
8383
}
8484

8585
if msg.Offer != nil {
86-
rtc, err := xwebrtc.NewPeerConnection()
86+
if msg.Servers == nil {
87+
s.fatal(fmt.Errorf("servers must be sent with offer"))
88+
return
89+
}
90+
rtc, err := xwebrtc.NewPeerConnection(msg.Servers)
8791
if err != nil {
8892
s.fatal(fmt.Errorf("create connection: %w", err))
8993
return

‎internal/cmd/tunnel.go

+20-9
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ import (
66
"fmt"
77
"io"
88
"net"
9+
"net/url"
910
"os"
1011
"strconv"
1112
"time"
@@ -57,7 +58,7 @@ coder tunnel my-dev 3000 3000
5758
}
5859
baseURL := sdk.BaseURL()
5960

60-
envs, err := sdk.Environments(ctx)
61+
envs, err := getEnvs(ctx, sdk, coder.Me)
6162
if err != nil {
6263
return err
6364
}
@@ -79,8 +80,8 @@ coder tunnel my-dev 3000 3000
7980
localPort: uint16(localPort),
8081
remotePort: uint16(remotePort),
8182
ctx: context.Background(),
82-
logger: log,
83-
brokerAddr: baseURL.String(),
83+
logger: log.Leveled(slog.LevelDebug),
84+
brokerAddr: baseURL,
8485
token: sdk.Token(),
8586
}
8687

@@ -98,7 +99,7 @@ coder tunnel my-dev 3000 3000
9899

99100
type client struct {
100101
ctx context.Context
101-
brokerAddr string
102+
brokerAddr url.URL
102103
token string
103104
logger slog.Logger
104105
id string
@@ -108,8 +109,9 @@ type client struct {
108109
}
109110

110111
func (c *client) start() error {
111-
url := fmt.Sprintf("%s%s%s%s%s", c.brokerAddr, "/api/private/envagent/", c.id, "/connect?session_token=", c.token)
112-
c.logger.Info(c.ctx, "connecting to broker", slog.F("url", url))
112+
url := fmt.Sprintf("%s%s%s%s%s", c.brokerAddr.String(), "/api/private/envagent/", c.id, "/connect?session_token=", c.token)
113+
tcpProxy := fmt.Sprintf("turn:%s:5349?transport=tcp", c.brokerAddr.Host)
114+
c.logger.Info(c.ctx, "connecting to broker", slog.F("url", url), slog.F("tcp-proxy", tcpProxy))
113115

114116
conn, resp, err := websocket.Dial(c.ctx, url, nil)
115117
if err != nil && resp == nil {
@@ -122,7 +124,15 @@ func (c *client) start() error {
122124
}
123125
nconn := websocket.NetConn(context.Background(), conn, websocket.MessageBinary)
124126

125-
rtc, err := xwebrtc.NewPeerConnection()
127+
// Only enabled under a private feature flag for now,
128+
// so insecure connections are entirely fine to allow.
129+
servers := []webrtc.ICEServer{{
130+
URLs: []string{tcpProxy},
131+
Username: "insecure",
132+
Credential: "pass",
133+
CredentialType: webrtc.ICECredentialTypePassword,
134+
}}
135+
rtc, err := xwebrtc.NewPeerConnection(servers)
126136
if err != nil {
127137
return fmt.Errorf("create connection: %w", err)
128138
}
@@ -150,16 +160,17 @@ func (c *client) start() error {
150160
if err != nil {
151161
return fmt.Errorf("set local desc: %w", err)
152162
}
153-
flushCandidates()
154163

155164
c.logger.Debug(context.Background(), "writing offer")
156165
b, _ := json.Marshal(&proto.Message{
157-
Offer: &localDesc,
166+
Offer: &localDesc,
167+
Servers: servers,
158168
})
159169
_, err = nconn.Write(b)
160170
if err != nil {
161171
return fmt.Errorf("write offer: %w", err)
162172
}
173+
flushCandidates()
163174

164175
go func() {
165176
err = xwebrtc.WaitForDataChannelOpen(context.Background(), channel)

‎internal/x/xwebrtc/conn.go

+2-6
Original file line numberDiff line numberDiff line change
@@ -4,16 +4,12 @@ import "github.com/pion/webrtc/v3"
44

55
// NewPeerConnection creates a new peer connection.
66
// It uses the Google stun server by default.
7-
func NewPeerConnection() (*webrtc.PeerConnection, error) {
7+
func NewPeerConnection(servers []webrtc.ICEServer) (*webrtc.PeerConnection, error) {
88
se := webrtc.SettingEngine{}
99
se.DetachDataChannels()
1010
api := webrtc.NewAPI(webrtc.WithSettingEngine(se))
1111

1212
return api.NewPeerConnection(webrtc.Configuration{
13-
ICEServers: []webrtc.ICEServer{
14-
{
15-
URLs: []string{"stun:stun.l.google.com:19302"},
16-
},
17-
},
13+
ICEServers: servers,
1814
})
1915
}

‎pkg/proto/message.go

+1
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ type Message struct {
1313
Error string `json:"error"`
1414
Candidate string `json:"candidate"`
1515
Offer *webrtc.SessionDescription `json:"offer"`
16+
Servers []webrtc.ICEServer `json:"servers"`
1617
Answer *webrtc.SessionDescription `json:"answer"`
1718
}
1819

0 commit comments

Comments
 (0)
Failed to load comments.