[tor-commits] [pluggable-transports/snowflake] branch main updated: Use Pion's Setting Engine to reduce Multicast DNS noise

gitolite role git at cupani.torproject.org
Mon Sep 26 15:54:18 UTC 2022


This is an automated email from the git hooks/post-receive script.

itchyonion pushed a commit to branch main
in repository pluggable-transports/snowflake.

The following commit(s) were added to refs/heads/main by this push:
     new 9ce1de4  Use Pion's Setting Engine to reduce Multicast DNS noise
9ce1de4 is described below

commit 9ce1de4eee4e23c918c7c5e96666ff5c6ddc654e
Author: Tommaso Gragnato <gragnato.tommaso at icloud.com>
AuthorDate: Sun Aug 14 14:34:57 2022 +0200

    Use Pion's Setting Engine to reduce Multicast DNS noise
    
    https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/issues/40123
    
    The purpose of the patch is to prevent Pion from opening the mDNS port,
    thus preventing snowflake from directly leaking .local candidates.
    
    What this doesn't prevent is the resolution of .local candidates
    once they are passed on to the system DNS.
---
 client/lib/webrtc.go   |  6 +++++-
 proxy/lib/snowflake.go | 11 +++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/client/lib/webrtc.go b/client/lib/webrtc.go
index d5264a9..01990e0 100644
--- a/client/lib/webrtc.go
+++ b/client/lib/webrtc.go
@@ -10,6 +10,7 @@ import (
 	"time"
 
 	"git.torproject.org/pluggable-transports/snowflake.git/v2/common/event"
+	"github.com/pion/ice/v2"
 	"github.com/pion/webrtc/v3"
 )
 
@@ -189,7 +190,10 @@ func (c *WebRTCPeer) connect(config *webrtc.Configuration, broker *BrokerChannel
 // after ICE candidate gathering is complete..
 func (c *WebRTCPeer) preparePeerConnection(config *webrtc.Configuration) error {
 	var err error
-	c.pc, err = webrtc.NewPeerConnection(*config)
+	s := webrtc.SettingEngine{}
+	s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
+	api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
+	c.pc, err = api.NewPeerConnection(*config)
 	if err != nil {
 		log.Printf("NewPeerConnection ERROR: %s", err)
 		return err
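Review bot: The new lines in preparePeerConnection carry no comment explaining why the plain `webrtc.NewPeerConnection` call was replaced, so a later cleanup could revert to it and silently re-enable Pion's mDNS socket. A comment above `s := webrtc.SettingEngine{}` would record both the intent and the limit the commit message states, for example `// Disable mDNS so Pion does not open the mDNS port; .local names handed to the system resolver are not covered.` The function body continues past the end of this hunk.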
diff --git a/proxy/lib/snowflake.go b/proxy/lib/snowflake.go
index 34f8abe..f9bcddb 100644
--- a/proxy/lib/snowflake.go
+++ b/proxy/lib/snowflake.go
@@ -47,6 +47,7 @@ import (
 	"git.torproject.org/pluggable-transports/snowflake.git/v2/common/util"
 	"git.torproject.org/pluggable-transports/snowflake.git/v2/common/websocketconn"
 	"github.com/gorilla/websocket"
+	"github.com/pion/ice/v2"
 	"github.com/pion/webrtc/v3"
 )
 
@@ -355,7 +356,10 @@ func (sf *SnowflakeProxy) makePeerConnectionFromOffer(sdp *webrtc.SessionDescrip
 	dataChan chan struct{},
 	handler func(conn *webRTCConn, remoteAddr net.Addr)) (*webrtc.PeerConnection, error) {
 
-	pc, err := webrtc.NewPeerConnection(config)
+	s := webrtc.SettingEngine{}
+	s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
+	api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
+	pc, err := api.NewPeerConnection(config)
 	if err != nil {
 		return nil, fmt.Errorf("accept: NewPeerConnection: %s", err)
 	}
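Review bot: The same three-line SettingEngine setup is pasted into makePeerConnectionFromOffer here, into makeNewPeerConnection in the next hunk, and into client/lib/webrtc.go, so the mDNS setting now depends on every call site remembering to repeat it. A single unexported helper in proxy/lib would leave one place to audit and change, and any peer connection created later could call it instead of falling back to the library default. Both proxy functions begin and end outside their hunks, so only the construction line would change in each.

```go
// newPeerConnectionAPI returns a webrtc.API with ICE mDNS disabled, so that
// Pion does not open the mDNS port.
func newPeerConnectionAPI() *webrtc.API {
	s := webrtc.SettingEngine{}
	s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
	return webrtc.NewAPI(webrtc.WithSettingEngine(s))
}

// … unchanged: makePeerConnectionFromOffer signature …
	pc, err := newPeerConnectionAPI().NewPeerConnection(config)
// … unchanged: error check and remainder of the function …
```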
@@ -442,7 +446,10 @@ func (sf *SnowflakeProxy) makePeerConnectionFromOffer(sdp *webrtc.SessionDescrip
 func (sf *SnowflakeProxy) makeNewPeerConnection(config webrtc.Configuration,
 	dataChan chan struct{}) (*webrtc.PeerConnection, error) {
 
-	pc, err := webrtc.NewPeerConnection(config)
+	s := webrtc.SettingEngine{}
+	s.SetICEMulticastDNSMode(ice.MulticastDNSModeDisabled)
+	api := webrtc.NewAPI(webrtc.WithSettingEngine(s))
+	pc, err := api.NewPeerConnection(config)
 	if err != nil {
 		return nil, fmt.Errorf("accept: NewPeerConnection: %s", err)
 	}
