package main
import (
"fmt"
"net"
"net/http"
_ "net/http/pprof"
"strings"
"github.com/gortc/stun"
"github.com/pkg/errors"
log "github.com/sirupsen/logrus"
)
// Server is a basic RFC 5389 STUN server implementation.
//
// The current implementation is UDP only. It does not use the
// ALTERNATE-SERVER or credential mechanisms and does not support backwards
// compatibility with RFC 3489. FINGERPRINT is appended to the responses built
// by basicProcess; no request-side FINGERPRINT check is visible in this file.
//
// Requests are unauthenticated and arrive over UDP, so the source address a
// response is sent to is whatever the datagram claims. Any rate limiting or
// source filtering has to be provided around this server; none is done here.
//
// The requirements RFC 5389 places on a basic stand-alone server are quoted
// below for reference (section numbers refer to the RFC):
//
// The STUN server MUST support the Binding method. It SHOULD NOT
// utilize the short-term or long-term credential mechanism. This is
// because the work involved in authenticating the request is more than
// the work in simply processing it. It SHOULD NOT utilize the
// ALTERNATE-SERVER mechanism for the same reason. It MUST support UDP
// and TCP. It MAY support STUN over TCP/TLS; however, TLS provides
// minimal security benefits in this basic mode of operation. It MAY
// utilize the FINGERPRINT mechanism but MUST NOT require it. Since the
// stand-alone server only runs STUN, FINGERPRINT provides no benefit.
// Requiring it would break compatibility with RFC 3489, and such
// compatibility is desirable in a stand-alone server. Stand-alone STUN
// servers SHOULD support backwards compatibility with [RFC3489]
// clients, as described in Section 12.
//
// It is RECOMMENDED that administrators of STUN servers provide DNS
// entries for those servers as described in Section 9.
//
// A basic STUN server is not a solution for NAT traversal by itself.
// However, it can be utilized as part of a solution through STUN
// usages. This is discussed further in Section 14.
type Server struct {
}
// Package-level values shared by every response and by the packet loop.
var (
	// software is the SOFTWARE attribute added to each response by basicProcess.
	software = stun.NewSoftware("stuns")

	// errNotSTUNMessage is returned by basicProcess when stun.IsMessage rejects
	// the datagram; serveConn compares against it to drop such packets quietly.
	errNotSTUNMessage = errors.New("not stun message")
)
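// basicProcess decodes the datagram b received from addr into req and, when it
// is a Binding request, builds the Binding success response into res.
//
// The response reuses the request's transaction ID and carries the SOFTWARE
// attribute, an XOR-MAPPED-ADDRESS holding the sender's IP and port, and a
// FINGERPRINT.
//
// It returns errNotSTUNMessage when stun.IsMessage rejects b, a wrapped error
// when req.Write fails, and a descriptive error when the message is not a
// Binding request or addr is not a *net.UDPAddr. In every error case res is
// left unbuilt and must not be sent.
func basicProcess(addr net.Addr, b []byte, req, res *stun.Message) error {
	if !stun.IsMessage(b) {
		return errNotSTUNMessage
	}
	if _, err := req.Write(b); err != nil {
		return errors.Wrap(err, "failed to read message")
	}

	// Answer Binding requests only. The sender's address is unauthenticated, so
	// replying to responses, indications or other methods would turn every
	// decodable datagram into a reply sent to a possibly spoofed address.
	if req.Type.Method != stun.MethodBinding || req.Type.Class != stun.ClassRequest {
		return errors.Errorf("unsupported message type: %v", req.Type)
	}

	// Report an unexpected address type to the caller instead of calling
	// log.Fatalf: a single received packet must never terminate the process.
	udpAddr, ok := addr.(*net.UDPAddr)
	if !ok {
		return errors.Errorf("unknown addr: %v", addr)
	}

	return res.Build(
		stun.NewTransactionIDSetter(req.TransactionID),
		stun.NewType(stun.MethodBinding, stun.ClassSuccessResponse),
		software,
		&stun.XORMappedAddress{
			IP:   udpAddr.IP,
			Port: udpAddr.Port,
		},
		stun.Fingerprint,
	)
}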
// serveConn handles a single datagram: it reads one packet from c, decodes it
// into req, lets basicProcess build the reply in res and writes res.Raw back
// to the sender.
//
// A nil connection, a failed read and any basicProcess failure all yield nil;
// read and processing failures are logged, except errNotSTUNMessage, which is
// dropped silently. Only a decode failure from req.Write or a failed WriteTo
// is returned to the caller.
func (s *Server) serveConn(c net.PacketConn, res, req *stun.Message) error {
	if c == nil {
		return nil
	}

	// One 1024-byte buffer is allocated per call.
	// NOTE(review): a datagram longer than the buffer is presumably truncated
	// by ReadFrom and then fails to decode; confirm this is the intended limit.
	packet := make([]byte, 1024)
	size, peer, readErr := c.ReadFrom(packet)
	if readErr != nil {
		// NOTE(review): returning nil here hides a closed connection from the
		// caller, which therefore cannot stop its loop on it.
		log.Errorf("ReadFrom: %v", readErr)
		return nil
	}
	log.Debugf("read %d bytes from %s", size, peer)

	payload := packet[:size]
	// NOTE(review): basicProcess calls req.Write on the same bytes again after
	// its stun.IsMessage check, so this call looks redundant; confirm before
	// removing, because it decides which failures reach the caller.
	if _, decodeErr := req.Write(payload); decodeErr != nil {
		return decodeErr
	}

	if procErr := basicProcess(peer, payload, req, res); procErr != nil {
		if procErr != errNotSTUNMessage {
			log.Errorf("basicProcess: %v", procErr)
		}
		return nil
	}

	_, writeErr := c.WriteTo(res.Raw, peer)
	if writeErr != nil {
		log.Errorf("WriteTo: %v", writeErr)
	}
	return writeErr
}
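// Serve reads packets from c and responds to BINDING requests.
//
// It returns an error immediately when c is nil. Otherwise it loops forever,
// reusing one request and one response message and resetting both after every
// packet.
//
// Errors reported by serveConn are logged at debug level and never returned:
// they are caused by individual datagrams, whose content and source address
// are controlled by the sender, so they must not be able to stop the server.
//
// NOTE(review): serveConn returns nil when ReadFrom fails, so a closed or
// broken connection is not visible here and the loop keeps running on it.
func (s *Server) Serve(c net.PacketConn) error {
	if c == nil {
		// serveConn treats a nil connection as a no-op, so looping on it would
		// spin forever without doing any work.
		return errors.New("nil PacketConn")
	}

	res, req := new(stun.Message), new(stun.Message)
	for {
		if err := s.serveConn(c, res, req); err != nil {
			log.Debugf("serve: %v", err)
		}
		res.Reset()
		req.Reset()
	}
}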
// ListenUDPAndServe opens a packet listener for network serverNet on laddr and
// hands it to a new Server, which processes incoming packets.
//
// It returns the listen error when the socket cannot be opened, and otherwise
// whatever Serve returns.
func ListenUDPAndServe(serverNet, laddr string) error {
	conn, listenErr := net.ListenPacket(serverNet, laddr)
	if listenErr != nil {
		return listenErr
	}
	srv := &Server{}
	return srv.Serve(conn)
}
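// normalize turns a user-supplied listen address into host:port form.
//
// An empty address becomes "0.0.0.0". An address that already parses as
// host:port is returned unchanged. Anything else is treated as a bare host
// and gets stun.DefaultPort appended; bare IPv6 literals such as "::1" or
// "[::1]" are bracketed correctly, which a plain search for ":" cannot do
// because the literal itself contains colons.
func normalize(address string) string {
	if len(address) == 0 {
		address = "0.0.0.0"
	}

	// SplitHostPort succeeds only when a port separator is present, so this
	// keeps every well-formed host:port input exactly as given.
	if _, _, err := net.SplitHostPort(address); err == nil {
		return address
	}

	// Drop surrounding brackets so JoinHostPort does not bracket twice.
	host := address
	if strings.HasPrefix(host, "[") && strings.HasSuffix(host, "]") {
		host = host[1 : len(host)-1]
	}
	return net.JoinHostPort(host, fmt.Sprint(stun.DefaultPort))
}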
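// main starts the optional profiling endpoint and then serves STUN on the
// configured transport. Only "udp" is supported; any other transport is fatal.
// opts is declared outside this listing.
func main() {
	if opts.Profile {
		go func() {
			// The blank net/http/pprof import registers its handlers on
			// http.DefaultServeMux with no authentication. They expose heap,
			// goroutine and CPU profiles, so the listener is bound to loopback
			// rather than to every interface. Reach it through a local session
			// or an SSH tunnel when profiling a remote host.
			log.Println(http.ListenAndServe("localhost:6666", nil))
		}()
	}

	switch opts.Transport {
	case "udp":
		normalized := normalize(opts.Addr)
		log.Infoln("stuns listening on", normalized, "via", opts.Transport)
		log.Fatalln(ListenUDPAndServe(opts.Transport, normalized))
	default:
		log.Fatalln("Unsupported network:", opts.Transport)
	}
}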