Google Git
Sign in
webrtc / src / b84097e13973a726d5099e9a211f3c9d52b6fa43 / . / rtc_base / nat_server.cc
blob: f21d404bd3c332b10c0313086117d8d2fa4fb2f8 [file] [log] [blame]
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1/*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Jonas Olssona4d87372019-07-05 17:08:33[diff] [blame]11#include "rtc_base/nat_server.h"
12
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]13#include <cstddef>
Per K056782c2024-01-30 11:32:05[diff] [blame]14#include <cstdint>
jbauch555604a2016-04-26 10:13:22[diff] [blame]15#include <memory>
16
Per K056782c2024-01-30 11:32:05[diff] [blame]17#include "api/array_view.h"
Mirko Bonadei92ea95e2017-09-15 04:47:31[diff] [blame]18#include "rtc_base/checks.h"
19#include "rtc_base/logging.h"
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]20#include "rtc_base/nat_socket_factory.h"
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]21#include "rtc_base/network/received_packet.h"
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]22#include "rtc_base/socket_adapters.h"
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]23#include "rtc_base/socket_address.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]24
25namespace rtc {
26
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]27RouteCmp::RouteCmp(NAT* nat) : symmetric(nat->IsSymmetric()) {}
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]28
29size_t RouteCmp::operator()(const SocketAddressPair& r) const {
30 size_t h = r.source().Hash();
31 if (symmetric)
32 h ^= r.destination().Hash();
33 return h;
34}
35
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]36bool RouteCmp::operator()(const SocketAddressPair& r1,
37 const SocketAddressPair& r2) const {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]38 if (r1.source() < r2.source())
39 return true;
40 if (r2.source() < r1.source())
41 return false;
42 if (symmetric && (r1.destination() < r2.destination()))
43 return true;
44 if (symmetric && (r2.destination() < r1.destination()))
45 return false;
46 return false;
47}
48
49AddrCmp::AddrCmp(NAT* nat)
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]50 : use_ip(nat->FiltersIP()), use_port(nat->FiltersPort()) {}
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]51
52size_t AddrCmp::operator()(const SocketAddress& a) const {
53 size_t h = 0;
54 if (use_ip)
55 h ^= HashIP(a.ipaddr());
56 if (use_port)
57 h ^= a.port() | (a.port() << 16);
58 return h;
59}
60
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]61bool AddrCmp::operator()(const SocketAddress& a1,
62 const SocketAddress& a2) const {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]63 if (use_ip && (a1.ipaddr() < a2.ipaddr()))
64 return true;
65 if (use_ip && (a2.ipaddr() < a1.ipaddr()))
66 return false;
67 if (use_port && (a1.port() < a2.port()))
68 return true;
69 if (use_port && (a2.port() < a1.port()))
70 return false;
71 return false;
72}
73
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]74// Proxy socket that will capture the external destination address intended for
75// a TCP connection to the NAT server.
76class NATProxyServerSocket : public AsyncProxyServerSocket {
77 public:
Niels Möllerd0b88792021-08-12 08:32:30[diff] [blame]78 NATProxyServerSocket(Socket* socket)
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]79 : AsyncProxyServerSocket(socket, kNATEncodedIPv6AddressSize) {
80 BufferInput(true);
81 }
82
83 void SendConnectResult(int err, const SocketAddress& addr) override {
84 char code = err ? 1 : 0;
85 BufferedReadAdapter::DirectSend(&code, sizeof(char));
86 }
87
88 protected:
89 void ProcessInput(char* data, size_t* len) override {
90 if (*len < 2) {
91 return;
92 }
93
94 int family = data[1];
nisseede5da42017-01-12 13:15:36[diff] [blame]95 RTC_DCHECK(family == AF_INET || family == AF_INET6);
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]96 if ((family == AF_INET && *len < kNATEncodedIPv4AddressSize) ||
97 (family == AF_INET6 && *len < kNATEncodedIPv6AddressSize)) {
98 return;
99 }
100
101 SocketAddress dest_addr;
Per K056782c2024-01-30 11:32:05[diff] [blame]102 size_t address_length = UnpackAddressFromNAT(
103 MakeArrayView(reinterpret_cast<const uint8_t*>(data), *len),
104 &dest_addr);
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]105 *len -= address_length;
106 if (*len > 0) {
107 memmove(data, data + address_length, *len);
108 }
109
110 bool remainder = (*len > 0);
111 BufferInput(false);
112 SignalConnectRequest(this, dest_addr);
113 if (remainder) {
114 SignalReadEvent(this);
115 }
116 }
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]117};
118
119class NATProxyServer : public ProxyServer {
120 public:
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]121 NATProxyServer(SocketFactory* int_factory,
122 const SocketAddress& int_addr,
123 SocketFactory* ext_factory,
124 const SocketAddress& ext_ip)
125 : ProxyServer(int_factory, int_addr, ext_factory, ext_ip) {}
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]126
127 protected:
Niels Möllerd0b88792021-08-12 08:32:30[diff] [blame]128 AsyncProxyServerSocket* WrapSocket(Socket* socket) override {
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]129 return new NATProxyServerSocket(socket);
130 }
131};
132
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]133NATServer::NATServer(NATType type,
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]134 rtc::Thread& internal_socket_thread,
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]135 SocketFactory* internal,
136 const SocketAddress& internal_udp_addr,
137 const SocketAddress& internal_tcp_addr,
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]138 rtc::Thread& external_socket_thread,
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]139 SocketFactory* external,
140 const SocketAddress& external_ip)
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]141 : internal_socket_thread_(internal_socket_thread),
142 external_socket_thread_(external_socket_thread),
143 external_(external),
144 external_ip_(external_ip.ipaddr(), 0) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]145 nat_ = NAT::Create(type);
146
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]147 internal_socket_thread_.BlockingCall([&] {
148 udp_server_socket_ = AsyncUDPSocket::Create(internal, internal_udp_addr);
149 udp_server_socket_->RegisterReceivedPacketCallback(
150 [&](rtc::AsyncPacketSocket* socket, const rtc::ReceivedPacket& packet) {
151 OnInternalUDPPacket(socket, packet);
152 });
153 });
154
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]155 tcp_proxy_server_ =
156 new NATProxyServer(internal, internal_tcp_addr, external, external_ip);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]157
158 int_map_ = new InternalMap(RouteCmp(nat_));
159 ext_map_ = new ExternalMap();
160}
161
162NATServer::~NATServer() {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]163 for (InternalMap::iterator iter = int_map_->begin(); iter != int_map_->end();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]164 iter++)
165 delete iter->second;
166
167 delete nat_;
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]168 delete udp_server_socket_;
169 delete tcp_proxy_server_;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]170 delete int_map_;
171 delete ext_map_;
172}
173
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]174void NATServer::OnInternalUDPPacket(AsyncPacketSocket* socket,
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]175 const rtc::ReceivedPacket& packet) {
176 RTC_DCHECK(internal_socket_thread_.IsCurrent());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]177 // Read the intended destination from the wire.
178 SocketAddress dest_addr;
Per K056782c2024-01-30 11:32:05[diff] [blame]179 size_t length = UnpackAddressFromNAT(packet.payload(), &dest_addr);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]180
181 // Find the translation for these addresses (allocating one if necessary).
Per K056782c2024-01-30 11:32:05[diff] [blame]182 SocketAddressPair route(packet.source_address(), dest_addr);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]183 InternalMap::iterator iter = int_map_->find(route);
184 if (iter == int_map_->end()) {
185 Translate(route);
186 iter = int_map_->find(route);
187 }
nisseede5da42017-01-12 13:15:36[diff] [blame]188 RTC_DCHECK(iter != int_map_->end());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]189
190 // Allow the destination to send packets back to the source.
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]191 iter->second->AllowlistInsert(dest_addr);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]192
193 // Send the packet to its intended destination.
194 rtc::PacketOptions options;
Per K056782c2024-01-30 11:32:05[diff] [blame]195 const char* buf = reinterpret_cast<const char*>(packet.payload().data());
196 size_t size = packet.payload().size();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]197 iter->second->socket->SendTo(buf + length, size - length, dest_addr, options);
198}
199
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]200void NATServer::OnExternalUDPPacket(AsyncPacketSocket* socket,
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]201 const rtc::ReceivedPacket& packet) {
202 RTC_DCHECK(external_socket_thread_.IsCurrent());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]203 SocketAddress local_addr = socket->GetLocalAddress();
204
205 // Find the translation for this addresses.
206 ExternalMap::iterator iter = ext_map_->find(local_addr);
nisseede5da42017-01-12 13:15:36[diff] [blame]207 RTC_DCHECK(iter != ext_map_->end());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]208
209 // Allow the NAT to reject this packet.
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]210 if (ShouldFilterOut(iter->second, packet.source_address())) {
211 RTC_LOG(LS_INFO) << "Packet from "
212 << packet.source_address().ToSensitiveString()
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]213 << " was filtered out by the NAT.";
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]214 return;
215 }
216
217 // Forward this packet to the internal address.
218 // First prepend the address in a quasi-STUN format.
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]219 std::unique_ptr<char[]> real_buf(
220 new char[packet.payload().size() + kNATEncodedIPv6AddressSize]);
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]221 size_t addrlength = PackAddressForNAT(
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]222 real_buf.get(), packet.payload().size() + kNATEncodedIPv6AddressSize,
223 packet.source_address());
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]224 // Copy the data part after the address.
225 rtc::PacketOptions options;
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]226 memcpy(real_buf.get() + addrlength, packet.payload().data(),
227 packet.payload().size());
228 udp_server_socket_->SendTo(real_buf.get(),
229 packet.payload().size() + addrlength,
deadbeefc5d0d952015-07-16 17:22:21[diff] [blame]230 iter->second->route.source(), options);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]231}
232
233void NATServer::Translate(const SocketAddressPair& route) {
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]234 external_socket_thread_.BlockingCall([&] {
235 AsyncUDPSocket* socket = AsyncUDPSocket::Create(external_, external_ip_);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]236
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]237 if (!socket) {
238 RTC_LOG(LS_ERROR) << "Couldn't find a free port!";
239 return;
240 }
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]241
Per Ka8cd2ba2023-12-13 07:10:06[diff] [blame]242 TransEntry* entry = new TransEntry(route, socket, nat_);
243 (*int_map_)[route] = entry;
244 (*ext_map_)[socket->GetLocalAddress()] = entry;
245 socket->RegisterReceivedPacketCallback(
246 [&](rtc::AsyncPacketSocket* socket, const rtc::ReceivedPacket& packet) {
247 OnExternalUDPPacket(socket, packet);
248 });
249 });
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]250}
251
252bool NATServer::ShouldFilterOut(TransEntry* entry,
253 const SocketAddress& ext_addr) {
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]254 return entry->AllowlistContains(ext_addr);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]255}
256
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]257NATServer::TransEntry::TransEntry(const SocketAddressPair& r,
258 AsyncUDPSocket* s,
259 NAT* nat)
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]260 : route(r), socket(s) {
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]261 allowlist = new AddressSet(AddrCmp(nat));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]262}
263
264NATServer::TransEntry::~TransEntry() {
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]265 delete allowlist;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]266 delete socket;
267}
268
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]269void NATServer::TransEntry::AllowlistInsert(const SocketAddress& addr) {
Markus Handell18523c32020-07-08 15:55:58[diff] [blame]270 webrtc::MutexLock lock(&mutex_);
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]271 allowlist->insert(addr);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]272}
273
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]274bool NATServer::TransEntry::AllowlistContains(const SocketAddress& ext_addr) {
Markus Handell18523c32020-07-08 15:55:58[diff] [blame]275 webrtc::MutexLock lock(&mutex_);
Mirko Bonadeic3efe1a2020-06-30 12:24:09[diff] [blame]276 return allowlist->find(ext_addr) == allowlist->end();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]277}
278
279} // namespace rtc