/*
* Copyright 2004 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#include "p2p/base/stun_request.h"
#include <algorithm>
#include <memory>
#include <utility>
#include <vector>
#include "absl/memory/memory.h"
#include "api/task_queue/pending_task_safety_flag.h"
#include "rtc_base/checks.h"
#include "rtc_base/crypto_random.h"
#include "rtc_base/logging.h"
#include "rtc_base/string_encode.h"
#include "rtc_base/time_utils.h" // For TimeMillis
namespace cricket {
using ::webrtc::SafeTask;
// Initial retransmission timeout (RTO), i.e. the wait after the first send.
// RFC 5389 says SHOULD be 500ms.
// For years, this was 100ms, but for networks that
// experience moments of high RTT (such as 2G networks), this doesn't
// work well.
const int STUN_INITIAL_RTO = 250; // milliseconds
// Number of retransmissions after the first send. The timeout doubles after
// each send until it reaches STUN_MAX_RTO.
// RFC 5389 says SHOULD retransmit 7 times.
// This has been 8 for years (not sure why).
// StunRequest::OnSent() marks the request as timed out once this many
// retransmissions have gone out, which bounds how long an unanswered
// transaction ID stays registered in StunRequestManager.
const int STUN_MAX_RETRANSMISSIONS = 8; // Total sends: 9
// We also cap the doubling, even though the standard doesn't say to.
// This has been 1.6 seconds for years, but for networks that
// experience moments of high RTT (such as 2G networks), this doesn't
// work well.
// With the values in this file the waits after the nine sends are
// 250, 500, 1000, 2000, 4000, 8000, 8000, 8000 and 8000 ms (39750 ms total).
const int STUN_MAX_RTO = 8000; // milliseconds, or 5 doublings
// Builds a manager bound to `thread`; the thread checks in the other members
// are made against this task queue.
//
// `send_packet` is the sink for every encoded request: it receives the bytes,
// their length and the request that produced them.
StunRequestManager::StunRequestManager(
    webrtc::TaskQueueBase* thread,
    std::function<void(const void*, size_t, StunRequest*)> send_packet)
    : thread_{thread}, send_packet_{std::move(send_packet)} {}
// Destroying the manager destroys `requests_` and, with it, every request
// that is still pending: the map owns them through std::unique_ptr.
StunRequestManager::~StunRequestManager() = default;
// Registers `request` and transmits it without an initial delay. Ownership of
// `request` passes to the manager (see SendDelayed).
void StunRequestManager::Send(StunRequest* request) {
  constexpr int kNoDelayMs = 0;
  SendDelayed(request, kNoDelayMs);
}
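// Takes ownership of `request`, registers it under its transaction ID and
// starts sending it after `delay` milliseconds.
//
// `request` must have been created for this manager. The caller must not use
// the pointer after this call: the manager may destroy the request at any
// later point (response, timeout, Clear()), and destroys it immediately when
// the transaction ID is already registered.
//
// Note that the integrity precondition below is an RTC_DCHECK, so it is only
// enforced in builds where DCHECKs are enabled.
void StunRequestManager::SendDelayed(StunRequest* request, int delay) {
  RTC_DCHECK_RUN_ON(thread_);
  RTC_DCHECK_EQ(this, request->manager());
  RTC_DCHECK(!request->AuthenticationRequired() ||
             request->msg()->integrity() !=
                 StunMessage::IntegrityStatus::kNotSet)
      << "Sending request w/o integrity!";
  auto [iter, was_inserted] =
      requests_.emplace(request->id(), absl::WrapUnique(request));
  RTC_DCHECK(was_inserted);
  if (!was_inserted) {
    // The std::unique_ptr created by WrapUnique() has already been destroyed
    // at this point, whether or not emplace() moved from it, so `request` is
    // dangling. Without this guard a build with DCHECKs disabled would go on
    // to call Send() on freed memory.
    RTC_LOG(LS_ERROR) << "Dropping STUN request: its transaction ID is "
                         "already pending.";
    return;
  }
  // Go through the map entry rather than the raw pointer: the entry is the
  // owner from here on.
  iter->second->Send(webrtc::TimeDelta::Millis(delay));
}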
// Test-only: immediately re-sends every pending request whose type equals
// `msg_type`, or all pending requests when `msg_type` is kAllRequestsForTest.
void StunRequestManager::FlushForTest(int msg_type) {
  RTC_DCHECK_RUN_ON(thread_);
  const bool flush_everything = (msg_type == kAllRequestsForTest);
  for (const auto& entry : requests_) {
    StunRequest* const pending = entry.second.get();
    if (!flush_everything && msg_type != pending->type()) {
      continue;
    }
    // `Send` starts a send operation that may be posted on a timer and
    // repeated until timeout. Resetting the request's task-safety flag first
    // cancels any outstanding tasks from an earlier `Send` and prepares a
    // fresh flag, so the two operations cannot conflict.
    pending->ResetTasksForTest();
    pending->Send(webrtc::TimeDelta::Zero());
  }
}
// Test-only: reports whether any pending request has type `msg_type`.
// `msg_type` must be a concrete type, not kAllRequestsForTest.
bool StunRequestManager::HasRequestForTest(int msg_type) {
  RTC_DCHECK_RUN_ON(thread_);
  RTC_DCHECK_NE(msg_type, kAllRequestsForTest);
  return std::any_of(requests_.begin(), requests_.end(),
                     [msg_type](const auto& entry) {
                       return msg_type == entry.second->type();
                     });
}
// Drops every pending request. The map owns the requests through
// std::unique_ptr, so they are destroyed here; this function itself invokes no
// response, error or timeout callback on them.
void StunRequestManager::Clear() {
  RTC_DCHECK_RUN_ON(thread_);
  requests_.clear();
}
// Matches the parsed response `msg` against the pending requests by
// transaction ID and, when one matches, dispatches it to that request's
// OnResponse() or OnErrorResponse().
//
// Returns true when one of those callbacks was invoked. Returns false when no
// pending request has this transaction ID, when the response carries unknown
// comprehension-required attributes, when a success response fails the
// integrity check, or when the message type is neither the success nor the
// error response type of the request.
//
// NOTE(review): the outcome of the integrity validation is consulted only in
// the success-response branch. The unknown-attribute branch erases the pending
// request, and the error-response branch calls OnErrorResponse(), without
// looking at msg->IntegrityOk(). A message that only carries a matching
// transaction ID therefore ends the transaction on those two paths. RFC 5389
// section 7.3 appears to place the authentication checks before
// unknown-attribute processing -- confirm whether this ordering is intended.
bool StunRequestManager::CheckResponse(StunMessage* msg) {
  RTC_DCHECK_RUN_ON(thread_);
  RequestMap::iterator iter = requests_.find(msg->transaction_id());
  if (iter == requests_.end())
    return false;
  StunRequest* request = iter->second.get();
  // Now that we know the request, we can see if the response is
  // integrity-protected or not. Some requests explicitly disable
  // integrity checks using SetAuthenticationRequired.
  // TODO(chromium:1177125): Remove below!
  // And we suspect that for some tests, the message integrity is not set in the
  // request. Complain, and then don't check.
  bool skip_integrity_checking =
      (request->msg()->integrity() == StunMessage::IntegrityStatus::kNotSet);
  if (!request->AuthenticationRequired()) {
    // This is a STUN_BINDING request from stun_port.cc or
    // the initial (unauthenticated) TURN_ALLOCATE_REQUEST.
    // No integrity validation is attempted for it here.
  } else if (skip_integrity_checking) {
    // TODO(chromium:1177125): Remove below!
    // This indicates lazy test writing (not adding integrity attribute).
    // Complain, but only in debug mode (while developing).
    // Where RTC_DCHECK is compiled out only the log line remains, and the
    // success branch below then accepts the response without an integrity
    // check because `skip_integrity_checking` is true.
    RTC_LOG(LS_ERROR)
        << "CheckResponse called on a passwordless request. Fix test!";
    RTC_DCHECK(false)
        << "CheckResponse called on a passwordless request. Fix test!";
  } else {
    if (msg->integrity() == StunMessage::IntegrityStatus::kNotSet) {
      // Checking status for the first time. Normal.
      msg->ValidateMessageIntegrity(request->msg()->password());
    } else if (msg->integrity() == StunMessage::IntegrityStatus::kIntegrityOk &&
               msg->password() == request->msg()->password()) {
      // Status is already checked, with the same password. This is the case
      // we would want to see happen.
    } else if (msg->integrity() ==
               StunMessage::IntegrityStatus::kIntegrityBad) {
      // This indicates that the original check had the wrong password.
      // Bad design, needs revisiting.
      // TODO(crbug.com/1177125): Fix this.
      msg->RevalidateMessageIntegrity(request->msg()->password());
    } else {
      // NOTE(review): every remaining state ends up here, including
      // kIntegrityOk that was verified against a different password. This is
      // a fatal check, so confirm that no caller can hand in such a message.
      RTC_CHECK_NOTREACHED();
    }
  }
  if (!msg->GetNonComprehendedAttributes().empty()) {
    // If a response contains unknown comprehension-required attributes, it's
    // simply discarded and the transaction is considered failed. See RFC5389
    // sections 7.3.3 and 7.3.4.
    // The request is destroyed by the erase; none of its callbacks is invoked
    // from here.
    RTC_LOG(LS_ERROR) << ": Discarding response due to unknown "
                         "comprehension-required attribute.";
    requests_.erase(iter);
    return false;
  } else if (msg->type() == GetStunSuccessResponseType(request->type())) {
    // A success response that fails the integrity check is ignored and the
    // request stays pending, so a later valid response can still complete it.
    if (!msg->IntegrityOk() && !skip_integrity_checking) {
      return false;
    }
    // Erase element from hash before calling callback. This ensures
    // that the callback can modify the StunRequestManager any way it
    // sees fit.
    std::unique_ptr<StunRequest> owned_request = std::move(iter->second);
    requests_.erase(iter);
    owned_request->OnResponse(msg);
    return true;
  } else if (msg->type() == GetStunErrorResponseType(request->type())) {
    // Erase element from hash before calling callback. This ensures
    // that the callback can modify the StunRequestManager any way it
    // sees fit.
    std::unique_ptr<StunRequest> owned_request = std::move(iter->second);
    requests_.erase(iter);
    owned_request->OnErrorResponse(msg);
    return true;
  } else {
    // Neither the success nor the error response for this request type: the
    // request is left pending.
    RTC_LOG(LS_ERROR) << "Received response with wrong type: " << msg->type()
                      << " (expecting "
                      << GetStunSuccessResponseType(request->type()) << ")";
    return false;
  }
}
// True when no request is currently registered with the manager.
bool StunRequestManager::empty() const {
  RTC_DCHECK_RUN_ON(thread_);
  const bool no_pending_requests = requests_.empty();
  return no_pending_requests;
}
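// Checks whether the raw packet `data` of `size` bytes is the response to a
// pending request and, if so, parses it and hands it to
// CheckResponse(StunMessage*).
//
// `data` comes straight off the network and is untrusted. Nothing is parsed
// unless the bytes at the transaction-ID position match a pending request.
//
// Returns false when the packet is too short, matches no pending request or
// fails to parse; otherwise returns the result of CheckResponse(StunMessage*).
bool StunRequestManager::CheckResponse(const char* data, size_t size) {
  RTC_DCHECK_RUN_ON(thread_);
  // The minimum length is derived from the same constants as the read below,
  // so the bounds check cannot drift away from the bytes actually accessed.
  if (data == nullptr ||
      size < kStunTransactionIdOffset + kStunTransactionIdLength) {
    return false;
  }
  // Check the appropriate bytes of the stream to see if they match the
  // transaction ID of a response we are expecting.
  const std::string id(data + kStunTransactionIdOffset,
                       kStunTransactionIdLength);
  RequestMap::iterator iter = requests_.find(id);
  if (iter == requests_.end())
    return false;
  // Parse the STUN message and continue processing as usual.
  rtc::ByteBufferReader buf(
      rtc::MakeArrayView(reinterpret_cast<const uint8_t*>(data), size));
  std::unique_ptr<StunMessage> response(iter->second->msg_->CreateNew());
  if (!response->Read(&buf)) {
    // A malformed packet leaves the request pending; only the transaction ID
    // is logged, never the payload.
    RTC_LOG(LS_WARNING) << "Failed to read STUN response "
                        << rtc::hex_encode(id);
    return false;
  }
  return CheckResponse(response.get());
}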
// Removes `request` from the pending map once it has timed out. The map entry
// owns the request through std::unique_ptr, so `request` is destroyed by this
// call and must not be used afterwards; StunRequest::SendInternal() returns
// immediately after calling it.
void StunRequestManager::OnRequestTimedOut(StunRequest* request) {
  RTC_DCHECK_RUN_ON(thread_);
  requests_.erase(request->id());
}
// Forwards one encoded request (`size` bytes at `data`) to the send callback
// supplied at construction, together with the originating `request`.
// `request` must belong to this manager.
void StunRequestManager::SendPacket(const void* data,
                                    size_t size,
                                    StunRequest* request) {
  RTC_DCHECK_EQ(this, request->manager());
  send_packet_(data, size, request);
}
// Creates a request for `manager` holding a placeholder message of type
// STUN_INVALID_MESSAGE_TYPE. Nothing has been sent yet: the send counter and
// the timestamp start at zero and the request is not timed out.
StunRequest::StunRequest(StunRequestManager& manager)
    : manager_{manager},
      msg_{std::make_unique<StunMessage>(STUN_INVALID_MESSAGE_TYPE)},
      tstamp_{0},
      count_{0},
      timeout_{false} {
  RTC_DCHECK_RUN_ON(network_thread());
}
// Creates a request for `manager` that sends the caller-supplied `message`.
// The message must already carry a transaction ID, since that ID is what a
// response is later matched on. Nothing has been sent yet.
StunRequest::StunRequest(StunRequestManager& manager,
                         std::unique_ptr<StunMessage> message)
    : manager_{manager},
      msg_{std::move(message)},
      tstamp_{0},
      count_{0},
      timeout_{false} {
  RTC_DCHECK_RUN_ON(network_thread());
  RTC_DCHECK(!msg_->transaction_id().empty());
}
// Nothing to release by hand; the members clean up after themselves.
StunRequest::~StunRequest() = default;
// Returns the STUN message type of the request's message.
int StunRequest::type() {
  RTC_DCHECK(msg_ != NULL);
  const int message_type = msg_->type();
  return message_type;
}
// Returns a non-owning, read-only pointer to the request's message; the
// request keeps ownership.
const StunMessage* StunRequest::msg() const {
  return msg_.get();
}
// Milliseconds since the most recent transmission of this request
// (`tstamp_` is refreshed on every send), narrowed to int.
int StunRequest::Elapsed() const {
  RTC_DCHECK_RUN_ON(network_thread());
  const auto since_last_send_ms = rtc::TimeMillis() - tstamp_;
  return static_cast<int>(since_last_send_ms);
}
// Performs one transmission attempt, or finishes the request if it has
// already been marked as timed out.
void StunRequest::SendInternal() {
  RTC_DCHECK_RUN_ON(network_thread());
  if (timeout_) {
    OnTimeout();
    // The manager erases the map entry that owns this request, which destroys
    // `this`. No member may be touched after this call, hence the immediate
    // return.
    manager_.OnRequestTimedOut(this);
    return;
  }
  // Elapsed() is measured from the latest send, not from the first one.
  tstamp_ = rtc::TimeMillis();
  rtc::ByteBufferWriter buf;
  msg_->Write(&buf);
  manager_.SendPacket(buf.Data(), buf.Length(), this);
  // NOTE(review): the two calls below use members of this request, so they
  // assume the send callback did not remove the request from the manager
  // synchronously -- confirm against the callbacks that are installed.
  OnSent();
  // Schedule the next attempt. Once OnSent() has set `timeout_`, that attempt
  // takes the timeout branch above instead of transmitting.
  SendDelayed(webrtc::TimeDelta::Millis(resend_delay()));
}
// Posts the next SendInternal() run to the network thread after `delay`.
// The task captures `this`, so it is wrapped in SafeTask together with the
// request's task-safety flag rather than posted bare.
void StunRequest::SendDelayed(webrtc::TimeDelta delay) {
  auto run_next_attempt = [this]() { SendInternal(); };
  network_thread()->PostDelayedTask(
      SafeTask(task_safety_.flag(), std::move(run_next_attempt)), delay);
}
// Starts the send sequence: immediately when `delay` is zero, otherwise after
// `delay`. `delay` must not be negative, and Send() must not already have
// been called on this request (the task-safety flag must still be inactive).
void StunRequest::Send(webrtc::TimeDelta delay) {
  RTC_DCHECK_RUN_ON(network_thread());
  RTC_DCHECK_GE(delay.ms(), 0);
  RTC_DCHECK(!task_safety_.flag()->alive()) << "Send already called?";
  task_safety_.flag()->SetAlive();
  if (delay.IsZero()) {
    SendInternal();
    return;
  }
  SendDelayed(delay);
}
// Test-only: swaps in a fresh, inactive task-safety flag and resets the send
// counter, so that Send() can be called on this request again. The request
// must not have timed out.
void StunRequest::ResetTasksForTest() {
  RTC_DCHECK_RUN_ON(network_thread());
  // Tasks posted earlier were wrapped with the previous flag; replacing it
  // keeps them from interfering with the sends that follow.
  task_safety_.reset(webrtc::PendingTaskSafetyFlag::CreateDetachedInactive());
  count_ = 0;
  RTC_DCHECK(!timeout_);
}
// Book-keeping after a packet went out: counts the send and marks the request
// as timed out once STUN_MAX_RETRANSMISSIONS retransmissions have been made.
// The timeout only takes effect on the next SendInternal() run.
void StunRequest::OnSent() {
  RTC_DCHECK_RUN_ON(network_thread());
  ++count_;
  // The first send is not a retransmission.
  const int retransmissions_so_far = count_ - 1;
  if (retransmissions_so_far >= STUN_MAX_RETRANSMISSIONS) {
    timeout_ = true;
  }
  RTC_DLOG(LS_VERBOSE) << "Sent STUN request " << count_
                       << "; resend delay = " << resend_delay();
}
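// Returns the wait, in milliseconds, before the next transmission attempt:
// 0 before the first send, then STUN_INITIAL_RTO doubled once per
// retransmission already made, capped at STUN_MAX_RTO.
int StunRequest::resend_delay() {
  RTC_DCHECK_RUN_ON(network_thread());
  if (count_ == 0) {
    return 0;
  }
  const int retransmissions = count_ - 1;
  // Double step by step and stop at the cap instead of shifting by
  // `retransmissions` in one go: a single shift overflows int (undefined
  // behaviour) if the retransmission count is ever allowed to grow. The
  // result is the same wherever the shift was well defined.
  int rto = STUN_INITIAL_RTO;
  for (int doubling = 0; doubling < retransmissions && rto < STUN_MAX_RTO;
       ++doubling) {
    rto *= 2;
  }
  return std::min(rto, STUN_MAX_RTO);
}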
// Marks the request as timed out. The next SendInternal() run then calls
// OnTimeout() and asks the manager to drop the request instead of
// transmitting again.
void StunRequest::set_timed_out() {
  RTC_DCHECK_RUN_ON(network_thread());
  timeout_ = true;
}
} // namespace cricket