Home Explore Help
Sign In
golang
/
netmaker
mirror of https://github.com/gravitl/netmaker
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #2396 from gravitl/remove-stun

remove stun
Alex Feiszli 2 years ago
parent
ae92499a32 5857ff45d4
commit
0046baee1a
7 changed files with 1 additions and 176 deletions
Split View Show Diff Stats
  1. 1 3
      compose/docker-compose.yml
  2. 0 6
      docker/Caddyfile
  3. 0 6
      docker/Caddyfile-EE
  4. 0 5
      main.go
  5. 0 1
      scripts/nm-certs.sh
  6. 0 1
      scripts/nm-upgrade-0-17-1-to-0-19-0.sh
  7. 0 154
      stun-server/stun-server.go

+ 1 - 3
compose/docker-compose.yml
View File 

@@ -12,7 +12,7 @@ services:
 
       - sqldata:/root/data
 
     environment:
 
       # config-dependant vars
 
-      - STUN_LIST=stun.${NM_DOMAIN}:${STUN_PORT},stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302
 
+      - STUN_LIST=stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302
 
       # The domain/host IP indicating the mq broker address
 
       - BROKER_ENDPOINT=wss://broker.${NM_DOMAIN}
 
       # The base domain of netmaker
 
@@ -26,8 +26,6 @@ services:
 
       - TURN_SERVER_HOST=turn.${NM_DOMAIN}
 
       # domain of the turn api server
 
       - TURN_SERVER_API_HOST=https://turnapi.${NM_DOMAIN}
 
-    ports:
 
-      - "3478:3478/udp"
 
 
   netmaker-ui:
 
     container_name: netmaker-ui

+ 0 - 6
docker/Caddyfile
View File 

@@ -26,12 +26,6 @@ https://api.{$NM_DOMAIN} {
 
 	reverse_proxy http://netmaker:8081
 
 }
 
 
-# STUN
 
-https://stun.{$NM_DOMAIN} {
 
-	tls /root/certs/fullchain.pem /root/certs/privkey.pem
 
-	reverse_proxy netmaker:3478
 
-}
 
-
 
 # TURN
 
 https://turn.{$NM_DOMAIN} {
 
 	tls /root/certs/fullchain.pem /root/certs/privkey.pem

+ 0 - 6
docker/Caddyfile-EE
View File 

@@ -44,12 +44,6 @@ https://api.{$NM_DOMAIN} {
 
 	reverse_proxy http://netmaker:8081
 
 }
 
 
-# STUN
 
-https://stun.{$NM_DOMAIN} {
 
-	tls /root/certs/fullchain.pem /root/certs/privkey.pem
 
-	reverse_proxy netmaker:3478
 
-}
 
-
 
 # TURN
 
 https://turn.{$NM_DOMAIN} {
 
 	tls /root/certs/fullchain.pem /root/certs/privkey.pem

+ 0 - 5
main.go
View File 

@@ -26,7 +26,6 @@ import (
 
 	"github.com/gravitl/netmaker/netclient/ncutils"
 
 	"github.com/gravitl/netmaker/servercfg"
 
 	"github.com/gravitl/netmaker/serverctl"
 
-	stunserver "github.com/gravitl/netmaker/stun-server"
 
 	"golang.org/x/exp/slog"
 
 )
 
 
@@ -149,10 +148,6 @@ func startControllers(wg *sync.WaitGroup, ctx context.Context) {
 
 		logger.Log(0, "No Server Mode selected, so nothing is being served! Set Rest mode (REST_BACKEND) or MessageQueue (MESSAGEQUEUE_BACKEND) to 'true'.")
 
 	}
 
 
-	// starts the stun server
 
-	wg.Add(1)
 
-	go stunserver.Start(wg, ctx)
 
-
 
 	wg.Add(1)
 
 	go logic.StartHookManager(ctx, wg)
 
 }

+ 0 - 1
scripts/nm-certs.sh
View File 

@@ -31,7 +31,6 @@ CERTBOT_PARAMS=$(cat <<EOF
 
 certonly --standalone \
 
 	--non-interactive --agree-tos \
 
 	-m $NM_EMAIL \
 
-	-d stun.$NM_DOMAIN \
 
 	-d api.$NM_DOMAIN \
 
 	-d broker.$NM_DOMAIN \
 
 	-d dashboard.$NM_DOMAIN \

+ 0 - 1
scripts/nm-upgrade-0-17-1-to-0-19-0.sh
View File 

@@ -259,7 +259,6 @@ collect_server_settings() {
 
     esac
 
   done
 
 
-  STUN_DOMAIN="stun.$SERVER_NAME"
 
   TURN_DOMAIN="turn.$SERVER_NAME"
 
   TURNAPI_DOMAIN="turnapi.$SERVER_NAME"
 
   echo "-----------------------------------------------------"

+ 0 - 154
stun-server/stun-server.go
View File 

@@ -1,154 +0,0 @@
 
-package stunserver
 
-
 
-import (
 
-	"context"
 
-	"fmt"
 
-	"net"
 
-	"strings"
 
-	"sync"
 
-
 
-	"github.com/gravitl/netmaker/logger"
 
-	"github.com/gravitl/netmaker/servercfg"
 
-	"github.com/pkg/errors"
 
-	"gortc.io/stun"
 
-)
 
-
 
-// Server is RFC 5389 basic server implementation.
 
-//
 
-// Current implementation is UDP only and not utilizes FINGERPRINT mechanism,
 
-// nor ALTERNATE-SERVER, nor credentials mechanisms. It does not support
 
-// backwards compatibility with RFC 3489.
 
-type Server struct {
 
-	Addr string
 
-}
 
-
 
-var (
 
-	software          = stun.NewSoftware("netmaker-stun")
 
-	errNotSTUNMessage = errors.New("not stun message")
 
-)
 
-
 
-func basicProcess(addr net.Addr, b []byte, req, res *stun.Message) error {
 
-	if !stun.IsMessage(b) {
 
-		return errNotSTUNMessage
 
-	}
 
-	if _, err := req.Write(b); err != nil {
 
-		return errors.Wrap(err, "failed to read message")
 
-	}
 
-	var (
 
-		ip   net.IP
 
-		port int
 
-	)
 
-	switch a := addr.(type) {
 
-	case *net.UDPAddr:
 
-		ip = a.IP
 
-		port = a.Port
 
-	default:
 
-		panic(fmt.Sprintf("unknown addr: %v", addr))
 
-	}
 
-	return res.Build(req,
 
-		stun.BindingSuccess,
 
-		software,
 
-		&stun.XORMappedAddress{
 
-			IP:   ip,
 
-			Port: port,
 
-		},
 
-		stun.Fingerprint,
 
-	)
 
-}
 
-
 
-func (s *Server) serveConn(c net.PacketConn, res, req *stun.Message, ctx context.Context) error {
 
-	if c == nil {
 
-		return nil
 
-	}
 
-	go func(ctx context.Context) {
 
-		<-ctx.Done()
 
-		if c != nil {
 
-			// kill connection on server shutdown
 
-			c.Close()
 
-		}
 
-	}(ctx)
 
-
 
-	buf := make([]byte, 1024)
 
-	n, addr, err := c.ReadFrom(buf) // this be blocky af
 
-	if err != nil {
 
-		if !strings.Contains(err.Error(), "use of closed network connection") {
 
-			logger.Log(1, "STUN read error:", err.Error())
 
-		}
 
-		return nil
 
-	}
 
-
 
-	if _, err = req.Write(buf[:n]); err != nil {
 
-		logger.Log(1, "STUN write error:", err.Error())
 
-		return err
 
-	}
 
-	if err = basicProcess(addr, buf[:n], req, res); err != nil {
 
-		if err == errNotSTUNMessage {
 
-			return nil
 
-		}
 
-		logger.Log(1, "STUN process error:", err.Error())
 
-		return nil
 
-	}
 
-	_, err = c.WriteTo(res.Raw, addr)
 
-	if err != nil {
 
-		logger.Log(1, "STUN response write error", err.Error())
 
-	}
 
-	return err
 
-}
 
-
 
-// Serve reads packets from connections and responds to BINDING requests.
 
-func (s *Server) serve(c net.PacketConn, ctx context.Context) error {
 
-	var (
 
-		res = new(stun.Message)
 
-		req = new(stun.Message)
 
-	)
 
-	for {
 
-		select {
 
-		case <-ctx.Done():
 
-			logger.Log(0, "shut down STUN server")
 
-			return nil
 
-		default:
 
-			if err := s.serveConn(c, res, req, ctx); err != nil {
 
-				logger.Log(1, "serve: %v", err.Error())
 
-				continue
 
-			}
 
-			res.Reset()
 
-			req.Reset()
 
-		}
 
-	}
 
-}
 
-
 
-// listenUDPAndServe listens on laddr and process incoming packets.
 
-func listenUDPAndServe(ctx context.Context, serverNet, laddr string) error {
 
-	c, err := net.ListenPacket(serverNet, laddr)
 
-	if err != nil {
 
-		return err
 
-	}
 
-	s := &Server{
 
-		Addr: laddr,
 
-	}
 
-	return s.serve(c, ctx)
 
-}
 
-
 
-func normalize(address string) string {
 
-	if len(address) == 0 {
 
-		address = "0.0.0.0"
 
-	}
 
-	if !strings.Contains(address, ":") {
 
-		address = fmt.Sprintf("%s:%d", address, stun.DefaultPort)
 
-	}
 
-	return address
 
-}
 
-
 
-// Start - starts the stun server
 
-func Start(wg *sync.WaitGroup, ctx context.Context) {
 
-	defer wg.Done()
 
-	normalized := normalize(fmt.Sprintf("0.0.0.0:%d", servercfg.GetStunPort()))
 
-	logger.Log(0, "netmaker-stun listening on", normalized, "via udp")
 
-	if err := listenUDPAndServe(ctx, "udp", normalized); err != nil {
 
-		if strings.Contains(err.Error(), "closed network connection") {
 
-			logger.Log(0, "shutdown STUN server")
 
-		} else {
 
-			logger.Log(0, "server: ", err.Error())
 
-		}
 
-	}
 
-}