-
Notifications
You must be signed in to change notification settings - Fork 0
/
stun.go
122 lines (115 loc) · 2.63 KB
/
stun.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
package stun
import (
"crypto/md5"
"crypto/tls"
"errors"
"net"
"net/url"
"strings"
)
func Discover(uri string) (net.PacketConn, net.Addr, error) {
conn, err := Dial(uri, nil)
if err != nil {
return nil, nil, err
}
addr, err := conn.Discover()
if err != nil {
conn.Close()
return nil, nil, err
}
// TODO: hijack
return conn.Conn.(net.PacketConn), addr, nil
}
type AuthMethod func(sess *Session) error
// LongTermAuthMethod returns AuthMethod for long-term credentials.
// Key = MD5(username ":" realm ":" SASLprep(password)).
// SASLprep is defined in RFC 4013.
func LongTermAuthMethod(username, password string) AuthMethod {
return func(sess *Session) error {
h := md5.New()
h.Write([]byte(username + ":" + sess.Realm + ":" + password))
sess.Username = username
sess.Key = h.Sum(nil)
return nil
}
}
// ShotTermAuthMethod returns AuthMethod for short-term credentials.
// Key = SASLprep(password).
// SASLprep is defined in RFC 4013.
func ShortTermAuthMethod(password string) AuthMethod {
key := []byte(password)
return func(sess *Session) error {
sess.Key = key
return nil
}
}
func Dial(uri string, config *Config) (*Conn, error) {
secure, network, addr, auth, err := parseURI(uri)
if err != nil {
return nil, err
}
var conn net.Conn
if secure {
conn, err = tls.Dial(network, addr, nil)
} else {
if strings.HasPrefix(network, "udp") {
conn, err = dialUDP(network, addr)
} else {
conn, err = dialTCP(network, addr)
}
}
if err != nil {
return nil, err
}
if auth != nil {
config = config.Clone()
config.AuthMethod = auth
}
return NewConn(conn, config), nil
}
func parseURI(uri string) (secure bool, network, addr string, auth AuthMethod, err error) {
var u *url.URL
if u, err = url.Parse(uri); err != nil {
return
}
host, port, e := net.SplitHostPort(u.Opaque)
if e != nil {
host = u.Opaque
}
if a := u.User; a != nil {
if password, ok := a.Password(); ok {
auth = LongTermAuthMethod(a.Username(), password)
} else {
auth = ShortTermAuthMethod(a.Username())
}
}
network = u.Query().Get("transport")
if network == "" {
network = "udp"
}
switch u.Scheme {
case "stun", "turn":
if port == "" {
port = "3478"
}
switch network {
case "udp", "udp4", "udp6", "tcp", "tcp4", "tcp6":
default:
err = errors.New("stun: unsupported transport: " + network)
}
case "stuns", "turns":
if port == "" {
port = "5478"
}
secure = true
switch network {
case "tcp", "tcp4", "tcp6":
default:
err = errors.New("stun: unsupported transport: " + network)
}
default:
err = errors.New("stun: unsupported scheme " + u.Scheme)
}
addr = net.JoinHostPort(host, port)
return
}