1 /*
2  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
3  *
4  *  Use of this source code is governed by a BSD-style license
5  *  that can be found in the LICENSE file in the root of the source
6  *  tree. An additional intellectual property rights grant can be found
7  *  in the file PATENTS.  All contributing project authors may
8  *  be found in the AUTHORS file in the root of the source tree.
9  */
10 
11 #include "webrtc/p2p/client/basicportallocator.h"
12 
13 #include <algorithm>
14 #include <string>
15 #include <vector>
16 
17 #include "webrtc/p2p/base/basicpacketsocketfactory.h"
18 #include "webrtc/p2p/base/common.h"
19 #include "webrtc/p2p/base/port.h"
20 #include "webrtc/p2p/base/relayport.h"
21 #include "webrtc/p2p/base/stunport.h"
22 #include "webrtc/p2p/base/tcpport.h"
23 #include "webrtc/p2p/base/turnport.h"
24 #include "webrtc/p2p/base/udpport.h"
25 #include "webrtc/base/checks.h"
26 #include "webrtc/base/common.h"
27 #include "webrtc/base/helpers.h"
28 #include "webrtc/base/logging.h"
29 
30 using rtc::CreateRandomId;
31 using rtc::CreateRandomString;
32 
namespace {

// Message ids posted to the network thread. MSG_ALLOCATION_PHASE is handled by
// AllocationSequence::OnMessage; every other id is dispatched by
// BasicPortAllocatorSession::OnMessage.
enum {
  MSG_CONFIG_START,
  MSG_CONFIG_READY,
  MSG_ALLOCATE,
  MSG_ALLOCATION_PHASE,
  MSG_SHAKE,
  MSG_SEQUENCEOBJECTS_CREATED,
  MSG_CONFIG_STOP,
};

// Allocation phases, in the order AllocationSequence::OnMessage steps through
// them. The values double as indices into that function's phase-name table, so
// they must stay dense and below kNumPhases.
const int PHASE_UDP = 0;
const int PHASE_RELAY = 1;
const int PHASE_TCP = 2;
const int PHASE_SSLTCP = 3;

const int kNumPhases = 4;

// Inclusive bounds, in milliseconds, of the delay between two MSG_SHAKE
// messages.
const int SHAKE_MIN_DELAY = 45 * 1000;  // 45 seconds
const int SHAKE_MAX_DELAY = 90 * 1000;  // 90 seconds

// Picks the delay before the next MSG_SHAKE: a value in
// [SHAKE_MIN_DELAY, SHAKE_MAX_DELAY] derived from CreateRandomId().
int ShakeDelay() {
  const int span = SHAKE_MAX_DELAY - SHAKE_MIN_DELAY + 1;
  return SHAKE_MIN_DELAY + CreateRandomId() % span;
}

}  // namespace
61 
62 namespace cricket {
// Mask with the UDP, STUN, relay and TCP disable bits all set. When a flag
// word contains every one of these bits there is no port type left to
// allocate.
const uint32_t DISABLE_ALL_PHASES =
    PORTALLOCATOR_DISABLE_UDP | PORTALLOCATOR_DISABLE_STUN |
    PORTALLOCATOR_DISABLE_RELAY | PORTALLOCATOR_DISABLE_TCP;
66 
67 // BasicPortAllocator
// Creates an allocator that uses a caller-supplied network manager and packet
// socket factory, with an empty STUN server list. Both pointers are stored as
// given and are not deleted by the destructor in this file; both must be
// non-null.
BasicPortAllocator::BasicPortAllocator(
    rtc::NetworkManager* network_manager,
    rtc::PacketSocketFactory* socket_factory)
    : network_manager_(network_manager),
      socket_factory_(socket_factory),
      stun_servers_() {
  // Sessions dereference both objects, so catch a missing one at construction.
  ASSERT(nullptr != network_manager_);
  ASSERT(nullptr != socket_factory_);
  Construct();
}
78 
// Creates an allocator with no socket factory and an empty STUN server list.
// With a null factory, BasicPortAllocatorSession::StartGettingPorts creates and
// owns a BasicPacketSocketFactory of its own. |network_manager| must be
// non-null.
BasicPortAllocator::BasicPortAllocator(rtc::NetworkManager* network_manager)
    : network_manager_(network_manager),
      socket_factory_(nullptr),
      stun_servers_() {
  ASSERT(nullptr != network_manager_);
  Construct();
}
86 
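// Creates an allocator that uses a caller-supplied network manager and packet
// socket factory together with an explicit list of STUN servers. Both pointers
// are stored as given and must be non-null.
BasicPortAllocator::BasicPortAllocator(
    rtc::NetworkManager* network_manager,
    rtc::PacketSocketFactory* socket_factory,
    const ServerAddresses& stun_servers)
    : network_manager_(network_manager),
      socket_factory_(socket_factory),
      stun_servers_(stun_servers) {
  // The other constructors reject a null network manager; check it here too,
  // since every session dereferences it unconditionally in its constructor.
  ASSERT(network_manager_ != nullptr);
  ASSERT(socket_factory_ != nullptr);
  Construct();
}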
97 
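// Creates an allocator with STUN servers and up to three relay addresses (UDP,
// TCP, SSL-over-TCP). Every non-nil address becomes one port of a single
// RELAY_GTURN server config; the config is registered only if it has at least
// one port. No socket factory is supplied, so sessions create their own.
// |network_manager| must be non-null.
BasicPortAllocator::BasicPortAllocator(
    rtc::NetworkManager* network_manager,
    const ServerAddresses& stun_servers,
    const rtc::SocketAddress& relay_address_udp,
    const rtc::SocketAddress& relay_address_tcp,
    const rtc::SocketAddress& relay_address_ssl)
    : network_manager_(network_manager),
      socket_factory_(nullptr),
      stun_servers_(stun_servers) {
  // The first two constructors reject a null network manager; check it here
  // too, since every session dereferences it unconditionally.
  ASSERT(network_manager_ != nullptr);

  RelayServerConfig config(RELAY_GTURN);
  if (!relay_address_udp.IsNil()) {
    config.ports.push_back(ProtocolAddress(relay_address_udp, PROTO_UDP));
  }
  if (!relay_address_tcp.IsNil()) {
    config.ports.push_back(ProtocolAddress(relay_address_tcp, PROTO_TCP));
  }
  if (!relay_address_ssl.IsNil()) {
    config.ports.push_back(ProtocolAddress(relay_address_ssl, PROTO_SSLTCP));
  }

  // A relay config without any address is useless, so do not register it.
  if (!config.ports.empty()) {
    AddTurnServer(config);
  }

  Construct();
}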
125 
// Initialisation shared by every constructor: TCP listening is allowed by
// default.
void BasicPortAllocator::Construct() { allow_tcp_listen_ = true; }
129 
// Nothing to release here: the network manager and socket factory pointers are
// not deleted by this class.
BasicPortAllocator::~BasicPortAllocator() {}
132 
// Allocates a new BasicPortAllocatorSession bound to this allocator and
// returns it as a raw pointer. This function does not delete it, so the caller
// must.
PortAllocatorSession* BasicPortAllocator::CreateSessionInternal(
    const std::string& content_name,
    int component,
    const std::string& ice_ufrag,
    const std::string& ice_pwd) {
  PortAllocatorSession* session = new BasicPortAllocatorSession(
      this, content_name, component, ice_ufrag, ice_pwd);
  return session;
}
139 
140 
141 // BasicPortAllocatorSession
// Creates a session for one (content name, component) pair. The session copies
// the allocator's flags and socket factory pointer, subscribes to
// network-change notifications and asks the network manager to start updating.
// |allocator| is dereferenced unconditionally and must be non-null.
BasicPortAllocatorSession::BasicPortAllocatorSession(
    BasicPortAllocator* allocator,
    const std::string& content_name,
    int component,
    const std::string& ice_ufrag,
    const std::string& ice_pwd)
    : PortAllocatorSession(content_name, component,
                           ice_ufrag, ice_pwd, allocator->flags()),
      allocator_(allocator),
      network_thread_(nullptr),
      socket_factory_(allocator->socket_factory()),
      allocation_started_(false),
      network_manager_started_(false),
      running_(false),
      allocation_sequences_created_(false) {
  // Connect the handler before StartUpdating() so no notification is missed.
  allocator_->network_manager()->SignalNetworksChanged.connect(
      this, &BasicPortAllocatorSession::OnNetworksChanged);
  allocator_->network_manager()->StartUpdating();
}
160 
// Tears the session down: stops network updates, drops this session's pending
// messages, then deletes the ports, configurations and sequences it holds.
BasicPortAllocatorSession::~BasicPortAllocatorSession() {
  allocator_->network_manager()->StopUpdating();
  if (network_thread_ != nullptr) {
    network_thread_->Clear(this);
  }

  // Each AllocationSequence must clear its UDP/TURN port references before the
  // ports themselves are destroyed below.
  for (size_t idx = 0; idx < sequences_.size(); ++idx) {
    sequences_[idx]->Clear();
  }

  for (std::vector<PortData>::iterator port_it = ports_.begin();
       port_it != ports_.end(); ++port_it) {
    delete port_it->port();
  }

  for (size_t idx = 0; idx < configs_.size(); ++idx) {
    delete configs_[idx];
  }

  for (size_t idx = 0; idx < sequences_.size(); ++idx) {
    delete sequences_[idx];
  }
}
182 
// Starts gathering. The calling thread becomes the session's network thread;
// all later work is posted to it. If the allocator supplied no socket factory,
// the session creates one and keeps ownership of it.
void BasicPortAllocatorSession::StartGettingPorts() {
  network_thread_ = rtc::Thread::Current();
  if (socket_factory_ == nullptr) {
    owned_socket_factory_.reset(
        new rtc::BasicPacketSocketFactory(network_thread_));
    socket_factory_ = owned_socket_factory_.get();
  }

  running_ = true;
  network_thread_->Post(this, MSG_CONFIG_START);

  // With the shaker enabled, schedule the first MSG_SHAKE after a random
  // delay; OnShake destroys live connections when it fires.
  const bool shaker_enabled = (flags() & PORTALLOCATOR_ENABLE_SHAKER) != 0;
  if (shaker_enabled) {
    network_thread_->PostDelayed(ShakeDelay(), this, MSG_SHAKE);
  }
}
197 
// Stops gathering. Must be called on the network thread. Posts
// MSG_CONFIG_STOP so unfinished ports are marked as failed, then cancels
// pending allocation work and stops the sequences.
void BasicPortAllocatorSession::StopGettingPorts() {
  ASSERT(network_thread_ == rtc::Thread::Current());
  running_ = false;
  network_thread_->Post(this, MSG_CONFIG_STOP);
  ClearGettingPorts();
}
204 
// Drops any queued MSG_ALLOCATE for this session and stops every allocation
// sequence.
void BasicPortAllocatorSession::ClearGettingPorts() {
  network_thread_->Clear(this, MSG_ALLOCATE);
  for (size_t idx = 0; idx < sequences_.size(); ++idx) {
    sequences_[idx]->Stop();
  }
}
210 
// Dispatches a message posted to this session. Every known message must arrive
// on the network thread; an unknown message id trips an assertion.
void BasicPortAllocatorSession::OnMessage(rtc::Message* message) {
  switch (message->message_id) {
    case MSG_CONFIG_START: {
      ASSERT(rtc::Thread::Current() == network_thread_);
      GetPortConfigurations();
      break;
    }
    case MSG_CONFIG_READY: {
      ASSERT(rtc::Thread::Current() == network_thread_);
      // The payload is the PortConfiguration posted by ConfigReady().
      OnConfigReady(static_cast<PortConfiguration*>(message->pdata));
      break;
    }
    case MSG_ALLOCATE: {
      ASSERT(rtc::Thread::Current() == network_thread_);
      OnAllocate();
      break;
    }
    case MSG_SHAKE: {
      ASSERT(rtc::Thread::Current() == network_thread_);
      OnShake();
      break;
    }
    case MSG_SEQUENCEOBJECTS_CREATED: {
      ASSERT(rtc::Thread::Current() == network_thread_);
      OnAllocationSequenceObjectsCreated();
      break;
    }
    case MSG_CONFIG_STOP: {
      ASSERT(rtc::Thread::Current() == network_thread_);
      OnConfigStop();
      break;
    }
    default: {
      ASSERT(false);
    }
  }
}
244 
// Builds a PortConfiguration from the allocator's STUN servers, this session's
// username and password, and every configured TURN server, then hands it to
// ConfigReady(). The configuration is heap-allocated and passed on as a raw
// pointer.
void BasicPortAllocatorSession::GetPortConfigurations() {
  PortConfiguration* port_config = new PortConfiguration(
      allocator_->stun_servers(), username(), password());

  for (const RelayServerConfig& relay : allocator_->turn_servers()) {
    port_config->AddRelay(relay);
  }
  ConfigReady(port_config);
}
255 
// Queues |config| for the network thread as the payload of MSG_CONFIG_READY;
// OnConfigReady() receives it from there.
void BasicPortAllocatorSession::ConfigReady(PortConfiguration* config) {
  rtc::Thread* const target = network_thread_;
  target->Post(this, MSG_CONFIG_READY, config);
}
259 
260 // Adds a configuration to the list.
void BasicPortAllocatorSession::OnConfigReady(PortConfiguration* config) {
  // A null |config| is tolerated: nothing is stored, but allocation is still
  // requested. Stored configurations are deleted by the session destructor.
  if (config != nullptr) {
    configs_.push_back(config);
  }

  AllocatePorts();
}
268 
// Handles MSG_CONFIG_STOP. Ports that have not finished gathering are moved to
// the error state, and allocation-done is signalled if anything was actually
// interrupted.
void BasicPortAllocatorSession::OnConfigStop() {
  ASSERT(rtc::Thread::Current() == network_thread_);

  // The session needs no further candidates at this point, so any port still
  // gathering is marked as failed and whatever it produces later is discarded.
  bool interrupted = false;
  for (PortData& port_data : ports_) {
    if (port_data.complete()) {
      continue;
    }
    port_data.set_error();
    interrupted = true;
  }

  // Otherwise, check whether a running sequence was stopped.
  if (!interrupted) {
    for (AllocationSequence* sequence : sequences_) {
      if (sequence->state() == AllocationSequence::kStopped) {
        interrupted = true;
        break;
      }
    }
  }

  // Something that was running got stopped, so report completion now.
  if (interrupted) {
    MaybeSignalCandidatesAllocationDone();
  }
}
299 
// Requests an allocation pass by posting MSG_ALLOCATE to the network thread.
// Must itself be called on the network thread.
void BasicPortAllocatorSession::AllocatePorts() {
  ASSERT(network_thread_ == rtc::Thread::Current());
  network_thread_->Post(this, MSG_ALLOCATE);
}
304 
// Handles MSG_ALLOCATE. Allocation runs immediately only if the network
// manager has already reported its networks; otherwise OnNetworksChanged()
// performs it once |allocation_started_| is set.
void BasicPortAllocatorSession::OnAllocate() {
  if (network_manager_started_) {
    DoAllocate();
  }

  allocation_started_ = true;
}
311 
// Fills |networks| with the networks this session may gather on, replacing
// whatever it held. Networks whose type matches the allocator's ignore mask
// are removed from the result.
void BasicPortAllocatorSession::GetNetworks(
    std::vector<rtc::Network*>* networks) {
  networks->clear();
  rtc::NetworkManager* network_manager = allocator_->network_manager();
  ASSERT(network_manager != nullptr);

  // A BLOCKED enumeration permission is handled exactly as if the caller had
  // passed PORTALLOCATOR_DISABLE_ADAPTER_ENUMERATION. Note that this sets the
  // flag on the session for good.
  const bool enumeration_blocked =
      network_manager->enumeration_permission() ==
      rtc::NetworkManager::ENUMERATION_BLOCKED;
  if (enumeration_blocked) {
    set_flags(flags() | PORTALLOCATOR_DISABLE_ADAPTER_ENUMERATION);
  }

  // With adapter enumeration disabled, bind to the any-address instead of a
  // specific NIC. The OS then routes this traffic the same way it routes HTTP,
  // which avoids leaking other local or public IPs during the STUN process.
  const bool bind_to_any =
      (flags() & PORTALLOCATOR_DISABLE_ADAPTER_ENUMERATION) != 0;
  if (bind_to_any) {
    network_manager->GetAnyAddressNetworks(networks);
  } else {
    network_manager->GetNetworks(networks);
  }

  const auto is_ignored = [this](rtc::Network* network) {
    return (allocator_->network_ignore_mask() & network->type()) != 0;
  };
  networks->erase(
      std::remove_if(networks->begin(), networks->end(), is_ignored),
      networks->end());
}
339 
340 // For each network, see if we have a sequence that covers it already.  If not,
341 // create a new sequence to create the appropriate ports.
void BasicPortAllocatorSession::DoAllocate() {
  // Set when MSG_SEQUENCEOBJECTS_CREATED must be posted at the end of this
  // pass. NOTE(review): if every network is skipped by a `continue` below, the
  // message is not posted by this pass.
  bool post_created_message = false;
  std::vector<rtc::Network*> networks;
  GetNetworks(&networks);

  if (networks.empty()) {
    LOG(LS_WARNING) << "Machine has no networks; no ports will be allocated";
    post_created_message = true;
  }

  for (rtc::Network* network : networks) {
    // Always use the most recently received configuration, if any.
    PortConfiguration* config = configs_.empty() ? nullptr : configs_.back();

    uint32_t sequence_flags = flags();
    if ((sequence_flags & DISABLE_ALL_PHASES) == DISABLE_ALL_PHASES) {
      // Every port type is disabled, so just fire the allocation-done event
      // and stop looking at networks.
      post_created_message = true;
      break;
    }

    const bool no_relays = (config == nullptr) || config->relays.empty();
    if (no_relays) {
      // This configuration names no relay server.
      sequence_flags |= PORTALLOCATOR_DISABLE_RELAY;
    }

    // IPv6 networks are used only when explicitly enabled.
    if (!(sequence_flags & PORTALLOCATOR_ENABLE_IPV6) &&
        network->GetBestIP().family() == AF_INET6) {
      continue;
    }

    // Turn off the phases that would only duplicate ports an existing sequence
    // has already created.
    DisableEquivalentPhases(network, config, &sequence_flags);

    if ((sequence_flags & DISABLE_ALL_PHASES) == DISABLE_ALL_PHASES) {
      // A new AllocationSequence would have nothing to do; do not create it.
      continue;
    }

    AllocationSequence* sequence =
        new AllocationSequence(this, network, config, sequence_flags);
    if (!sequence->Init()) {
      delete sequence;
      continue;
    }
    post_created_message = true;
    sequence->SignalPortAllocationComplete.connect(
        this, &BasicPortAllocatorSession::OnPortAllocationComplete);
    if (running_) {
      sequence->Start();
    }
    sequences_.push_back(sequence);
  }

  if (post_created_message) {
    network_thread_->Post(this, MSG_SEQUENCEOBJECTS_CREATED);
  }
}
402 
// Reacts to a network-change notification from the network manager. Sequences
// whose network has disappeared are told so, and allocation is re-run if it
// had already been requested.
void BasicPortAllocatorSession::OnNetworksChanged() {
  std::vector<rtc::Network*> current;
  GetNetworks(&current);

  for (AllocationSequence* sequence : sequences_) {
    if (sequence->network_removed()) {
      continue;  // Already marked as removed.
    }
    // A sequence whose network is no longer listed has lost its network.
    const bool still_present =
        std::find(current.begin(), current.end(), sequence->network()) !=
        current.end();
    if (!still_present) {
      sequence->OnNetworkRemoved();
    }
  }

  network_manager_started_ = true;
  if (allocation_started_) {
    DoAllocate();
  }
}
420 
// Lets each existing sequence set, in |*flags|, the disable bits for the
// phases it already covers for |network| and |config|. Stops early once every
// phase is disabled.
void BasicPortAllocatorSession::DisableEquivalentPhases(
    rtc::Network* network,
    PortConfiguration* config,
    uint32_t* flags) {
  for (AllocationSequence* sequence : sequences_) {
    if ((*flags & DISABLE_ALL_PHASES) == DISABLE_ALL_PHASES) {
      break;
    }
    sequence->DisableEquivalentPhases(network, config, flags);
  }
}
431 
// Registers a newly created |port| with the session: copies the session's
// identity and allocator settings onto it, applies the candidate filter,
// records it in |ports_| and connects its signals. A null |port| is ignored.
// When |prepare_address| is true the port starts gathering immediately.
void BasicPortAllocatorSession::AddAllocatedPort(Port* port,
                                                 AllocationSequence* seq,
                                                 bool prepare_address) {
  if (port == nullptr) {
    return;
  }

  LOG(LS_INFO) << "Adding allocated port for " << content_name();
  port->set_content_name(content_name());
  port->set_component(component_);
  port->set_generation(generation());
  if (allocator_->proxy().type != rtc::PROXY_NONE) {
    port->set_proxy(allocator_->user_agent(), allocator_->proxy());
  }
  const bool send_retransmit_count =
      (allocator_->flags() &
       PORTALLOCATOR_ENABLE_STUN_RETRANSMIT_ATTRIBUTE) != 0;
  port->set_send_retransmit_count_attribute(send_retransmit_count);

  // The allocator-wide candidate filter is pushed down to each port.
  uint32_t port_filter = allocator_->candidate_filter();

  // With adapter enumeration disabled, CF_HOST is also cleared at port level
  // so that the STUN port does not leak the local address through the
  // candidate's related address. This happens only when the default local
  // candidate is disabled as well.
  const bool hide_host_address =
      (flags() & PORTALLOCATOR_DISABLE_ADAPTER_ENUMERATION) &&
      (flags() & PORTALLOCATOR_DISABLE_DEFAULT_LOCAL_CANDIDATE);
  if (hide_host_address) {
    port_filter &= ~CF_HOST;
  }
  port->set_candidate_filter(port_filter);

  ports_.push_back(PortData(port, seq));

  port->SignalCandidateReady.connect(
      this, &BasicPortAllocatorSession::OnCandidateReady);
  port->SignalPortComplete.connect(
      this, &BasicPortAllocatorSession::OnPortComplete);
  port->SignalDestroyed.connect(
      this, &BasicPortAllocatorSession::OnPortDestroyed);
  port->SignalPortError.connect(
      this, &BasicPortAllocatorSession::OnPortError);
  LOG_J(LS_INFO, port) << "Added port to allocator";

  if (prepare_address) {
    port->PrepareAddress();
  }
}
474 
// Handles MSG_SEQUENCEOBJECTS_CREATED: records that an allocation pass has
// created its sequences, which is what allows allocation-done to be signalled.
void BasicPortAllocatorSession::OnAllocationSequenceObjectsCreated() {
  allocation_sequences_created_ = true;
  // With no sequences and no ports, this reports completion straight away.
  MaybeSignalCandidatesAllocationDone();
}
480 
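// Called when |port| has produced candidate |c|. Signals the candidate to the
// application if the candidate filter and the sequence's enabled protocols
// allow it, and moves the port to the READY state the first time it yields a
// pairable candidate. Candidates for completed ports are discarded.
void BasicPortAllocatorSession::OnCandidateReady(
    Port* port, const Candidate& c) {
  ASSERT(rtc::Thread::Current() == network_thread_);
  PortData* data = FindPort(port);
  ASSERT(data != NULL);
  if (data == NULL) {
    // FindPort() returns NULL for a port this session does not track. The
    // ASSERT above is presumably a debug-only check (confirm), so bail out
    // rather than dereference NULL when it is compiled out.
    return;
  }
  // Discarding any candidate signal if port allocation status is
  // already in completed state.
  if (data->complete())
    return;

  ProtocolType pvalue;
  bool candidate_signalable = CheckCandidateFilter(c);

  // When device enumeration is disabled (to prevent non-default IP addresses
  // from leaking), we ping from some local candidates even though we don't
  // signal them. However, if host candidates are also disabled (for example, to
  // prevent even default IP addresses from leaking), we still don't want to
  // ping from them, even if device enumeration is disabled.  Thus, we check for
  // both device enumeration and host candidates being disabled.
  bool network_enumeration_disabled = c.address().IsAnyIP();
  bool can_ping_from_candidate =
      (port->SharedSocket() || c.protocol() == TCP_PROTOCOL_NAME);
  bool host_candidates_disabled = !(allocator_->candidate_filter() & CF_HOST);

  bool candidate_pairable =
      candidate_signalable ||
      (network_enumeration_disabled && can_ping_from_candidate &&
       !host_candidates_disabled);
  // |pvalue| is only read when StringToProto() succeeded.
  bool candidate_protocol_enabled =
      StringToProto(c.protocol().c_str(), &pvalue) &&
      data->sequence()->ProtocolEnabled(pvalue);

  if (candidate_signalable && candidate_protocol_enabled) {
    std::vector<Candidate> candidates;
    candidates.push_back(c);
    SignalCandidatesReady(this, candidates);
  }

  // Port has been made ready. Nothing to do here.
  if (data->ready()) {
    return;
  }

  // Move the port to the READY state, either because we have a usable candidate
  // from the port, or simply because the port is bound to the any address and
  // therefore has no host candidate. This will trigger the port to start
  // creating candidate pairs (connections) and issue connectivity checks.
  if (candidate_pairable) {
    data->set_ready();
    SignalPortReady(this, port);
  }
}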
533 
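// Called when |port| has finished gathering candidates. Marks the port
// complete and signals allocation-done if it was the last one outstanding.
void BasicPortAllocatorSession::OnPortComplete(Port* port) {
  ASSERT(rtc::Thread::Current() == network_thread_);
  PortData* data = FindPort(port);
  ASSERT(data != NULL);
  if (data == NULL) {
    // FindPort() returns NULL for a port this session does not track. The
    // ASSERT above is presumably a debug-only check (confirm), so bail out
    // rather than dereference NULL when it is compiled out.
    return;
  }

  // Ignore any late signals.
  if (data->complete())
    return;

  // Moving to COMPLETE state.
  data->set_complete();
  // Send candidate allocation complete signal if this was the last port.
  MaybeSignalCandidatesAllocationDone();
}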
548 
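// Called when |port| reports an error. Marks the port as failed and signals
// allocation-done if it was the last one outstanding.
void BasicPortAllocatorSession::OnPortError(Port* port) {
  ASSERT(rtc::Thread::Current() == network_thread_);
  PortData* data = FindPort(port);
  ASSERT(data != NULL);
  if (data == NULL) {
    // FindPort() returns NULL for a port this session does not track. The
    // ASSERT above is presumably a debug-only check (confirm), so bail out
    // rather than dereference NULL when it is compiled out.
    return;
  }
  // We might have already given up on this port and stopped it.
  if (data->complete())
    return;

  // SignalAddressError is currently sent from StunPort/TurnPort.
  // But this signal itself is generic.
  data->set_error();
  // Send candidate allocation complete signal if this was the last port.
  MaybeSignalCandidatesAllocationDone();
}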
563 
// Called when |seq| enables protocol |proto|. Signals, in one batch, every
// candidate already gathered by that sequence's ports that uses |proto| and
// passes the candidate filter. Nothing is signalled if there are none.
void BasicPortAllocatorSession::OnProtocolEnabled(AllocationSequence* seq,
                                                  ProtocolType proto) {
  std::vector<Candidate> matching;
  for (PortData& port_data : ports_) {
    if (port_data.sequence() != seq) {
      continue;
    }

    const std::vector<Candidate>& gathered = port_data.port()->Candidates();
    for (const Candidate& candidate : gathered) {
      if (!CheckCandidateFilter(candidate)) {
        continue;
      }
      // |parsed| is only compared when StringToProto() succeeded.
      ProtocolType parsed;
      const bool uses_proto =
          StringToProto(candidate.protocol().c_str(), &parsed) &&
          parsed == proto;
      if (uses_proto) {
        matching.push_back(candidate);
      }
    }
  }

  if (!matching.empty()) {
    SignalCandidatesReady(this, matching);
  }
}
590 
// Returns true if candidate |c| may be signalled under the allocator's
// candidate filter. Relay candidates need CF_RELAY, server-reflexive ones need
// CF_REFLEXIVE, and host candidates need CF_HOST. The one exception is a host
// candidate with a non-private address, which is also allowed whenever
// CF_REFLEXIVE is set: clearing CF_HOST alone does not suppress it.
// Candidates of any other type, and any-address candidates, are rejected.
bool BasicPortAllocatorSession::CheckCandidateFilter(const Candidate& c) {
  const uint32_t filter = allocator_->candidate_filter();

  // A socket bound to the any-address reports all zeros from getsockname
  // until it has sent a packet; afterwards it reports the NIC that was used.
  // All zeros is not a valid ICE candidate address, so it is filtered out.
  if (c.address().IsAnyIP()) {
    return false;
  }

  if (c.type() == RELAY_PORT_TYPE) {
    return (filter & CF_RELAY) != 0;
  }
  if (c.type() == STUN_PORT_TYPE) {
    return (filter & CF_REFLEXIVE) != 0;
  }
  if (c.type() != LOCAL_PORT_TYPE) {
    return false;
  }

  // Host candidate. No server-reflexive candidate is generated when it would
  // have the same IP as the host candidate, which is the case for a host
  // candidate with a public IP. A filter that allows only server-reflexive
  // candidates would then yield nothing, so a public host candidate is allowed
  // whenever server-reflexive candidates are.
  if ((filter & CF_REFLEXIVE) && !c.address().IsPrivateIP()) {
    return true;
  }
  return (filter & CF_HOST) != 0;
}
621 
// Called when an allocation sequence has finished or been stopped. |seq| is
// not used: the whole session is re-checked for completion.
void BasicPortAllocatorSession::OnPortAllocationComplete(
    AllocationSequence* seq) {
  // Signals allocation-done only if every sequence and port is finished.
  MaybeSignalCandidatesAllocationDone();
}
627 
// Fires SignalCandidatesAllocationDone when gathering has finished: the
// sequences must have been created, none may still be running, and every
// allocated port must be complete. Otherwise does nothing.
void BasicPortAllocatorSession::MaybeSignalCandidatesAllocationDone() {
  // Nothing can be reported before the required AllocationSequence objects
  // exist.
  if (!allocation_sequences_created_) {
    return;
  }

  // A sequence that is still running may create more ports.
  for (AllocationSequence* sequence : sequences_) {
    if (sequence->state() == AllocationSequence::kRunning) {
      return;
    }
  }

  // Once every allocated port is complete, the session has received all the
  // candidates it is going to get.
  for (PortData& port_data : ports_) {
    if (!port_data.complete()) {
      return;
    }
  }

  LOG(LS_INFO) << "All candidates gathered for " << content_name_ << ":"
               << component_ << ":" << generation();
  SignalCandidatesAllocationDone(this);
}
653 
// Called when a port announces its destruction. Removes the matching entry
// from |ports_|; being notified about an untracked port trips an assertion.
void BasicPortAllocatorSession::OnPortDestroyed(
    PortInterface* port) {
  ASSERT(rtc::Thread::Current() == network_thread_);

  std::vector<PortData>::iterator entry = ports_.begin();
  while (entry != ports_.end() && port != entry->port()) {
    ++entry;
  }
  if (entry == ports_.end()) {
    ASSERT(false);
    return;
  }

  // Only the bookkeeping entry is erased; the port object is not deleted here.
  ports_.erase(entry);
  LOG_J(LS_INFO, port) << "Removed port from allocator ("
                       << static_cast<int>(ports_.size()) << " remaining)";
}
668 
// Handles MSG_SHAKE (posted only when PORTALLOCATOR_ENABLE_SHAKER is set):
// destroys every connection on every ready port, then reschedules itself for
// as long as the session is running or there was something to shake.
void BasicPortAllocatorSession::OnShake() {
  LOG(INFO) << ">>>>> SHAKE <<<<< >>>>> SHAKE <<<<< >>>>> SHAKE <<<<<";

  // Snapshot the ready ports and their connections first, so the containers
  // are not walked while connections are being destroyed.
  std::vector<Port*> ready_ports;
  for (size_t idx = 0; idx < ports_.size(); ++idx) {
    if (ports_[idx].ready()) {
      ready_ports.push_back(ports_[idx].port());
    }
  }

  std::vector<Connection*> victims;
  for (Port* ready_port : ready_ports) {
    for (Port::AddressMap::const_iterator conn =
             ready_port->connections().begin();
         conn != ready_port->connections().end(); ++conn) {
      victims.push_back(conn->second);
    }
  }

  LOG(INFO) << ">>>>> Destroying " << ready_ports.size() << " ports and "
            << victims.size() << " connections";

  for (Connection* victim : victims) {
    victim->Destroy();
  }

  const bool keep_shaking =
      running_ || !ready_ports.empty() || !victims.empty();
  if (keep_shaking) {
    network_thread_->PostDelayed(ShakeDelay(), this, MSG_SHAKE);
  }
}
698 
// Returns the bookkeeping entry for |port|, or NULL if the session does not
// track it. The pointer refers to an element of |ports_|, so it is only valid
// until that vector is next modified.
BasicPortAllocatorSession::PortData* BasicPortAllocatorSession::FindPort(
    Port* port) {
  for (PortData& port_data : ports_) {
    if (port_data.port() == port) {
      return &port_data;
    }
  }
  return nullptr;
}
709 
710 // AllocationSequence
711 
// Creates a sequence that allocates ports on |network| for |session|, using
// |config| (may be null) and the given allocator |flags|. The network's best
// IP is captured at construction time. |network| is dereferenced
// unconditionally and must be non-null.
// NOTE(review): |network_removed_| is read elsewhere but not initialised here;
// presumably it has a default member initialiser in the header. Confirm.
AllocationSequence::AllocationSequence(BasicPortAllocatorSession* session,
                                       rtc::Network* network,
                                       PortConfiguration* config,
                                       uint32_t flags)
    : session_(session),
      network_(network),
      ip_(network->GetBestIP()),
      config_(config),
      state_(kInit),
      flags_(flags),
      udp_socket_(),
      udp_port_(nullptr),
      phase_(PHASE_UDP) {}
726 
// Prepares the sequence. With PORTALLOCATOR_ENABLE_SHARED_SOCKET set, tries to
// create the shared UDP socket on the sequence's IP within the allocator's
// port range. Always returns true, even if that socket could not be created.
bool AllocationSequence::Init() {
  if (!IsFlagSet(PORTALLOCATOR_ENABLE_SHARED_SOCKET)) {
    return true;
  }

  udp_socket_.reset(session_->socket_factory()->CreateUdpSocket(
      rtc::SocketAddress(ip_, 0), session_->allocator()->min_port(),
      session_->allocator()->max_port()));
  if (udp_socket_) {
    udp_socket_->SignalReadPacket.connect(
        this, &AllocationSequence::OnReadPacket);
  }
  // A NULL |udp_socket_| is not fatal: local TCP and a relay port over TCP are
  // the next options for setting up a communication channel.
  return true;
}
741 
// Forgets the sequence's references to its UDP port and TURN ports without
// deleting them. The session destructor calls this before deleting the ports.
void AllocationSequence::Clear() {
  turn_ports_.clear();
  udp_port_ = nullptr;
}
746 
// Called by the session when this sequence's network is no longer reported.
// Stops the sequence and records the removal, so the sequence is never again
// treated as equivalent to a new one.
void AllocationSequence::OnNetworkRemoved() {
  // There is no point allocating on a network that is gone.
  Stop();
  network_removed_ = true;
}
752 
// Removes every message still queued for this sequence on the network thread,
// so that none is delivered to a destroyed object.
AllocationSequence::~AllocationSequence() {
  rtc::Thread* const network_thread = session_->network_thread();
  network_thread->Clear(this);
}
756 
// If this sequence already covers |network| (same network object and same
// best IP), sets in |*flags| the disable bits for the port types it has
// already created, so a new sequence does not duplicate them. Leaves |*flags|
// untouched when the networks differ or this sequence's network was removed.
void AllocationSequence::DisableEquivalentPhases(rtc::Network* network,
                                                 PortConfiguration* config,
                                                 uint32_t* flags) {
  // A sequence whose network has ever gone away is never equivalent to one
  // for the new network.
  if (network_removed_) {
    return;
  }

  // A different network setup means nothing is equivalent.
  if (network != network_ || !(ip_ == network->GetBestIP())) {
    return;
  }

  // Same setup: turn off what this sequence already has covered. Every
  // configuration implicitly includes local ports, so those go first.
  *flags |= PORTALLOCATOR_DISABLE_UDP;
  *flags |= PORTALLOCATOR_DISABLE_TCP;

  if (!config_ || !config) {
    return;
  }

  if (config_->StunServers() == config->StunServers()) {
    // The same STUN servers are already covered.
    *flags |= PORTALLOCATOR_DISABLE_STUN;
  }
  if (!config_->relays.empty()) {
    // Relays are already covered.
    // NOTE: This even skips a _different_ set of relay servers if one were
    // given, but that never happens in this codebase. The list in
    // PortConfiguration should probably be replaced by a single relay server
    // per configuration.
    *flags |= PORTALLOCATOR_DISABLE_RELAY;
  }
}
791 
// Marks the sequence as running and queues the first MSG_ALLOCATION_PHASE on
// the session's network thread.
void AllocationSequence::Start() {
  state_ = kRunning;
  rtc::Thread* const network_thread = session_->network_thread();
  network_thread->Post(this, MSG_ALLOCATION_PHASE);
}
796 
// Stops a running sequence and cancels its pending phase message. A sequence
// in any other state, such as one that has already completed, is left as it
// is.
void AllocationSequence::Stop() {
  if (state_ != kRunning) {
    return;
  }
  state_ = kStopped;
  session_->network_thread()->Clear(this, MSG_ALLOCATION_PHASE);
}
804 
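// Handles MSG_ALLOCATION_PHASE on the network thread: runs the current phase,
// then either schedules the next one after the allocator's step delay or, once
// the sequence is no longer running, signals that port allocation is complete.
void AllocationSequence::OnMessage(rtc::Message* msg) {
  ASSERT(rtc::Thread::Current() == session_->network_thread());
  ASSERT(msg->message_id == MSG_ALLOCATION_PHASE);

  const char* const PHASE_NAMES[kNumPhases] = {
    "Udp", "Relay", "Tcp", "SslTcp"
  };

  // Validate |phase_| before it is used as an array index. The switch below
  // already expects that an unknown phase can occur (its default branch), and
  // indexing the name table with one would read past the end of the array.
  const bool phase_in_range = phase_ >= 0 && phase_ < kNumPhases;

  // Perform all of the phases in the current step.
  LOG_J(LS_INFO, network_) << "Allocation Phase="
                           << (phase_in_range ? PHASE_NAMES[phase_]
                                              : "Unknown");

  switch (phase_) {
    case PHASE_UDP:
      CreateUDPPorts();
      CreateStunPorts();
      EnableProtocol(PROTO_UDP);
      break;

    case PHASE_RELAY:
      CreateRelayPorts();
      break;

    case PHASE_TCP:
      CreateTCPPorts();
      EnableProtocol(PROTO_TCP);
      break;

    case PHASE_SSLTCP:
      // Last phase: the sequence is done once SSLTCP has been enabled.
      state_ = kCompleted;
      EnableProtocol(PROTO_SSLTCP);
      break;

    default:
      ASSERT(false);
  }

  if (state() == kRunning) {
    ++phase_;
    session_->network_thread()->PostDelayed(
        session_->allocator()->step_delay(),
        this, MSG_ALLOCATION_PHASE);
  } else {
    // If all phases in AllocationSequence are completed, no further
    // allocation steps are needed. Cancel any pending phase message.
    session_->network_thread()->Clear(this, MSG_ALLOCATION_PHASE);
    SignalPortAllocationComplete(this);
  }
}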
854 
// Records |proto| as enabled for this sequence and notifies the session.
// Does nothing when the protocol was already recorded, so the session is
// notified at most once per protocol.
void AllocationSequence::EnableProtocol(ProtocolType proto) {
  if (ProtocolEnabled(proto)) {
    return;
  }
  protocols_.push_back(proto);
  session_->OnProtocolEnabled(this, proto);
}
861 
// Returns true when |proto| is already present in |protocols_|.
bool AllocationSequence::ProtocolEnabled(ProtocolType proto) const {
  return std::find(protocols_.begin(), protocols_.end(), proto) !=
         protocols_.end();
}
870 
// Creates the UDP port for this sequence unless PORTALLOCATOR_DISABLE_UDP is
// set, and registers it with the session.
//
// With PORTALLOCATOR_ENABLE_SHARED_SOCKET and an existing |udp_socket_|, the
// port is built on that socket; otherwise UDPPort binds its own socket on
// |ip_| within the allocator's min_port()/max_port() range.
void AllocationSequence::CreateUDPPorts() {
  if (IsFlagSet(PORTALLOCATOR_DISABLE_UDP)) {
    LOG(LS_VERBOSE) << "AllocationSequence: UDP ports disabled, skipping.";
    return;
  }

  // TODO(mallinath) - Remove UDPPort creating socket after shared socket
  // is enabled completely.
  const bool emit_local_candidate_for_anyaddress =
      !IsFlagSet(PORTALLOCATOR_DISABLE_DEFAULT_LOCAL_CANDIDATE);
  const bool shared_socket_mode =
      IsFlagSet(PORTALLOCATOR_ENABLE_SHARED_SOCKET);

  UDPPort* port = NULL;
  if (shared_socket_mode && udp_socket_) {
    port = UDPPort::Create(
        session_->network_thread(), session_->socket_factory(), network_,
        udp_socket_.get(), session_->username(), session_->password(),
        session_->allocator()->origin(), emit_local_candidate_for_anyaddress);
  } else {
    port = UDPPort::Create(
        session_->network_thread(), session_->socket_factory(), network_, ip_,
        session_->allocator()->min_port(), session_->allocator()->max_port(),
        session_->username(), session_->password(),
        session_->allocator()->origin(), emit_local_candidate_for_anyaddress);
  }

  // Creation failed; there is nothing to register.
  if (!port) {
    return;
  }

  // In shared socket mode the UDPPort also allocates the STUN candidate.
  // This branch keys on the flag alone, so it also runs when |udp_socket_|
  // was null and the port above was created with its own socket.
  if (shared_socket_mode) {
    udp_port_ = port;
    // |udp_port_| is a raw pointer used by OnReadPacket(); the destroyed
    // signal lets OnPortDestroyed() reset it.
    port->SignalDestroyed.connect(this, &AllocationSequence::OnPortDestroyed);

    // Hand the STUN servers to the port unless STUN is disabled or no server
    // is configured.
    const bool stun_enabled = !IsFlagSet(PORTALLOCATOR_DISABLE_STUN);
    if (stun_enabled && config_ && !config_->StunServers().empty()) {
      LOG(LS_INFO) << "AllocationSequence: UDPPort will be handling the "
                   <<  "STUN candidate generation.";
      port->set_server_addresses(config_->StunServers());
    }
  }

  session_->AddAllocatedPort(port, this, true);
}
915 
// Creates a TCP port on |ip_| unless PORTALLOCATOR_DISABLE_TCP is set, and
// registers it with the session. The port range and the allow_tcp_listen()
// setting are taken from the allocator.
void AllocationSequence::CreateTCPPorts() {
  if (IsFlagSet(PORTALLOCATOR_DISABLE_TCP)) {
    LOG(LS_VERBOSE) << "AllocationSequence: TCP ports disabled, skipping.";
    return;
  }

  Port* const tcp_port = TCPPort::Create(
      session_->network_thread(), session_->socket_factory(), network_, ip_,
      session_->allocator()->min_port(), session_->allocator()->max_port(),
      session_->username(), session_->password(),
      session_->allocator()->allow_tcp_listen());
  if (!tcp_port) {
    return;
  }

  // TCPPort is not created on the shared socket, so it is only handed to the
  // session and not tracked by this sequence.
  session_->AddAllocatedPort(tcp_port, this, true);
}
935 
// Creates a dedicated StunPort for this sequence and registers it with the
// session. Skipped when STUN is disabled, when shared socket mode is on (this
// function then returns without creating anything), or when no STUN server is
// configured.
void AllocationSequence::CreateStunPorts() {
  if (IsFlagSet(PORTALLOCATOR_DISABLE_STUN)) {
    LOG(LS_VERBOSE) << "AllocationSequence: STUN ports disabled, skipping.";
    return;
  }

  if (IsFlagSet(PORTALLOCATOR_ENABLE_SHARED_SOCKET)) {
    return;
  }

  if (!config_ || config_->StunServers().empty()) {
    LOG(LS_WARNING)
        << "AllocationSequence: No STUN server configured, skipping.";
    return;
  }

  StunPort* const stun_port = StunPort::Create(
      session_->network_thread(), session_->socket_factory(), network_, ip_,
      session_->allocator()->min_port(), session_->allocator()->max_port(),
      session_->username(), session_->password(), config_->StunServers(),
      session_->allocator()->origin());
  if (!stun_port) {
    return;
  }

  // StunPort is not created on the shared socket, so it is only handed to the
  // session and not tracked by this sequence.
  session_->AddAllocatedPort(stun_port, this, true);
}
966 
// Creates relay ports for every relay server in |config_|, dispatching on the
// relay type (GTURN or TURN). Skipped when PORTALLOCATOR_DISABLE_RELAY is set
// or when no relay server is configured.
void AllocationSequence::CreateRelayPorts() {
  if (IsFlagSet(PORTALLOCATOR_DISABLE_RELAY)) {
     LOG(LS_VERBOSE) << "AllocationSequence: Relay ports disabled, skipping.";
     return;
  }

  // If BasicPortAllocatorSession::OnAllocate left relay ports enabled then we
  // ought to have a relay list for them here. The ASSERT flags the unexpected
  // case; the runtime check right after it still handles a missing list.
  ASSERT(config_ && !config_->relays.empty());
  if (!config_ || config_->relays.empty()) {
    LOG(LS_WARNING)
        << "AllocationSequence: No relay server configured, skipping.";
    return;
  }

  for (const RelayServerConfig& relay : config_->relays) {
    switch (relay.type) {
      case RELAY_GTURN:
        CreateGturnPort(relay);
        break;
      case RELAY_TURN:
        CreateTurnPort(relay);
        break;
      default:
        // Unknown relay type: no port is created for it.
        ASSERT(false);
        break;
    }
  }
}
994 
// Creates a single RelayPort (GTURN) for |config|, registers it with the
// session and feeds it every server address listed in |config.ports|.
// The port is created with the username/password stored in |config_|, not
// with fields of |config|.
void AllocationSequence::CreateGturnPort(const RelayServerConfig& config) {
  // TODO(mallinath) - Rename RelayPort to GTurnPort.
  RelayPort* const gturn_port = RelayPort::Create(
      session_->network_thread(), session_->socket_factory(), network_, ip_,
      session_->allocator()->min_port(), session_->allocator()->max_port(),
      config_->username, config_->password);
  if (!gturn_port) {
    return;
  }

  // RelayPort is not created on the shared socket, so it is not tracked by
  // this sequence.
  // Note: The allocated port must be added before the addresses, because
  //       adding addresses creates candidates that need name and preference
  //       settings. Preparing the address (normally done by AddAllocatedPort)
  //       has to wait until the addresses are known, hence the |false| here
  //       and the explicit PrepareAddress() call below.
  session_->AddAllocatedPort(gturn_port, this, false);

  // Add the addresses of this protocol.
  for (const auto& server : config.ports) {
    gturn_port->AddServerAddress(server);
    gturn_port->AddExternalAddress(server);
  }

  // Start fetching an address for this port.
  gturn_port->PrepareAddress();
}
1025 
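// Creates one TurnPort per server address in |config.ports| and registers it
// with the session, using |config.credentials| and |config.priority|.
//
// UDP addresses are skipped when PORTALLOCATOR_DISABLE_UDP_RELAY is set. In
// shared socket mode a UDP TurnPort is built on |udp_socket_| and tracked in
// |turn_ports_| so that OnReadPacket() can route incoming packets to it.
//
// A failed TurnPort::Create() is logged and skipped, matching the other
// Create*Port(s) methods in this file, instead of relying on ASSERT alone
// before the pointer is dereferenced.
void AllocationSequence::CreateTurnPort(const RelayServerConfig& config) {
  PortList::const_iterator relay_port;
  for (relay_port = config.ports.begin();
       relay_port != config.ports.end(); ++relay_port) {
    TurnPort* port = NULL;

    // Skip UDP connections to relay servers if it's disallowed.
    if (IsFlagSet(PORTALLOCATOR_DISABLE_UDP_RELAY) &&
        relay_port->proto == PROTO_UDP) {
      continue;
    }

    // Shared socket mode must be enabled only for UDP based ports. Hence
    // don't pass shared socket for ports which will create TCP sockets.
    // TODO(mallinath) - Enable shared socket mode for TURN ports. Disabled
    // due to webrtc bug https://code.google.com/p/webrtc/issues/detail?id=3537
    if (IsFlagSet(PORTALLOCATOR_ENABLE_SHARED_SOCKET) &&
        relay_port->proto == PROTO_UDP && udp_socket_) {
      port = TurnPort::Create(session_->network_thread(),
                              session_->socket_factory(),
                              network_, udp_socket_.get(),
                              session_->username(), session_->password(),
                              *relay_port, config.credentials, config.priority,
                              session_->allocator()->origin());
      if (port) {
        // |turn_ports_| stores raw pointers that OnReadPacket() dereferences,
        // so tracking the port and subscribing to its destroyed signal must
        // stay paired: OnPortDestroyed() is what removes the entry again.
        turn_ports_.push_back(port);
        port->SignalDestroyed.connect(this,
                                      &AllocationSequence::OnPortDestroyed);
      }
    } else {
      port = TurnPort::Create(session_->network_thread(),
                              session_->socket_factory(),
                              network_, ip_,
                              session_->allocator()->min_port(),
                              session_->allocator()->max_port(),
                              session_->username(),
                              session_->password(),
                              *relay_port, config.credentials, config.priority,
                              session_->allocator()->origin());
    }

    // NOTE(review): whether TurnPort::Create() can return NULL is not visible
    // from this file. The ASSERT keeps flagging it where ASSERT is active; the
    // runtime check covers builds where it is not.
    ASSERT(port != NULL);
    if (!port) {
      LOG(LS_WARNING)
          << "AllocationSequence: Failed to create TURN port, skipping.";
      continue;
    }
    session_->AddAllocatedPort(port, this, true);
  }
}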
1069 
// Routes a packet received on the shared UDP socket to the port that should
// handle it.
//
// |data|/|size| come straight from the network and are forwarded without being
// parsed here; routing is decided by the sender address only, so the receiving
// port is responsible for validating the contents.
void AllocationSequence::OnReadPacket(
    rtc::AsyncPacketSocket* socket, const char* data, size_t size,
    const rtc::SocketAddress& remote_addr,
    const rtc::PacketTime& packet_time) {
  ASSERT(socket == udp_socket_.get());

  // Look for the TurnPort whose server address matches the sender. The
  // message could be a STUN binding response if the TURN server is also used
  // as a STUN server. Rather than parsing every message to find out, it is
  // passed to the TurnPort regardless of type; the TurnPort will ignore it
  // when it finds no request with that transaction ID.
  bool handled_by_turn_port = false;
  for (TurnPort* turn_port : turn_ports_) {
    if (turn_port->server_address().address != remote_addr) {
      continue;
    }
    turn_port->HandleIncomingPacket(socket, data, size, remote_addr,
                                    packet_time);
    handled_by_turn_port = true;
    break;  // Only the first matching TurnPort receives the packet.
  }

  if (!udp_port_) {
    return;
  }

  // Pass the packet to the UdpPort if there is no matching TurnPort, or if
  // the TURN server is also a STUN server.
  const ServerAddresses& stun_servers = udp_port_->server_addresses();
  const bool sender_is_stun_server =
      stun_servers.find(remote_addr) != stun_servers.end();
  if (!handled_by_turn_port || sender_is_stun_server) {
    udp_port_->HandleIncomingPacket(
        socket, data, size, remote_addr, packet_time);
  }
}
1106 
// Drops this sequence's raw pointer to |port| once the port reports that it
// has been destroyed, so OnReadPacket() never dispatches to it afterwards.
// |port| is expected to be either |udp_port_| or an entry of |turn_ports_|.
void AllocationSequence::OnPortDestroyed(PortInterface* port) {
  if (udp_port_ == port) {
    udp_port_ = NULL;
    return;
  }

  const auto entry = std::find(turn_ports_.begin(), turn_ports_.end(), port);
  if (entry == turn_ports_.end()) {
    LOG(LS_ERROR) << "Unexpected OnPortDestroyed for nonexistent port.";
    ASSERT(false);
    return;
  }
  turn_ports_.erase(entry);
}
1121 
1122 // PortConfiguration
// Builds a configuration from a single STUN server address plus the
// username/password pair. A non-nil address is also added to |stun_servers|.
PortConfiguration::PortConfiguration(
    const rtc::SocketAddress& stun_address,
    const std::string& username,
    const std::string& password)
    : stun_address(stun_address), username(username), password(password) {
  // Inside the body |stun_address| names the constructor parameter, which
  // holds the same value as the member initialized above.
  if (stun_address.IsNil()) {
    return;
  }
  stun_servers.insert(stun_address);
}
1131 
// Builds a configuration from a set of STUN servers plus the
// username/password pair. When the set is not empty, |stun_address| is set to
// its first element; otherwise |stun_address| is left default-constructed.
PortConfiguration::PortConfiguration(const ServerAddresses& stun_servers,
                                     const std::string& username,
                                     const std::string& password)
    : stun_servers(stun_servers),
      username(username),
      password(password) {
  if (stun_servers.empty()) {
    return;
  }
  stun_address = *stun_servers.begin();
}
1141 
// Returns the STUN servers to use, by value.
//
// Not a pure getter: it first merges |stun_address| (when non-nil) and the
// address of every UDP TURN relay into the |stun_servers| member, then returns
// a copy of that member.
ServerAddresses PortConfiguration::StunServers() {
  const bool single_address_missing =
      !stun_address.IsNil() &&
      stun_servers.find(stun_address) == stun_servers.end();
  if (single_address_missing) {
    stun_servers.insert(stun_address);
  }

  // Every UDP TURN server should also be used as a STUN server.
  const ServerAddresses udp_turn_servers =
      GetRelayServerAddresses(RELAY_TURN, PROTO_UDP);
  for (ServerAddresses::const_iterator server = udp_turn_servers.begin();
       server != udp_turn_servers.end(); ++server) {
    if (stun_servers.find(*server) != stun_servers.end()) {
      continue;  // Already listed.
    }
    stun_servers.insert(*server);
  }
  return stun_servers;
}
1156 
// Appends a copy of |config| to the list of relay servers. No de-duplication
// is done here.
void PortConfiguration::AddRelay(const RelayServerConfig& config) {
  relays.emplace_back(config);
}
1160 
// Returns true when at least one entry of |relay.ports| uses protocol |type|.
// An empty port list therefore yields false.
bool PortConfiguration::SupportsProtocol(
    const RelayServerConfig& relay, ProtocolType type) const {
  for (const auto& relay_port : relay.ports) {
    if (relay_port.proto == type) {
      return true;
    }
  }
  return false;
}
1172 
// Returns true when any configured relay of type |turn_type| has a port that
// uses protocol |type|.
bool PortConfiguration::SupportsProtocol(RelayType turn_type,
                                         ProtocolType type) const {
  for (const auto& relay : relays) {
    if (relay.type != turn_type) {
      continue;
    }
    if (SupportsProtocol(relay, type)) {
      return true;
    }
  }
  return false;
}
1182 
// Collects one address per configured relay of type |turn_type| that supports
// protocol |type|.
//
// The address taken is that of the relay's first port. SupportsProtocol()
// returning true implies the port list is non-empty, so front() is valid, but
// the first port is not necessarily the one that uses |type|.
ServerAddresses PortConfiguration::GetRelayServerAddresses(
    RelayType turn_type, ProtocolType type) const {
  ServerAddresses servers;
  for (const auto& relay : relays) {
    const bool wanted =
        relay.type == turn_type && SupportsProtocol(relay, type);
    if (wanted) {
      servers.insert(relay.ports.front().address);
    }
  }
  return servers;
}
1193 
1194 }  // namespace cricket
1195