quicp2p/puncher.nim

import asyncdispatch, asyncnet, net, port_prediction, strformat

from nativesockets import
  SockAddr,
  SockAddr_storage,
  SockLen,
  getSockOptInt,
  setSockOptInt
from sequtils import any, map

type
  Attempt* = object
    ## A hole punching attempt.
    socks*: seq[AsyncSocket]
    dstIp*: IpAddress
    dstPorts*: seq[Port]
    future*: Future[(AsyncSocket, Port)]

  Puncher* = ref object
    socks*: seq[AsyncSocket]
    natProps*: NatProperties
    attempts*: seq[Attempt]

  PunchHoleError* = object of ValueError

var IPPROTO_IP {.importc: "IPPROTO_IP", header: "<netinet/in.h>".}: cint
var IP_TTL {.importc: "IP_TTL", header: "<netinet/in.h>".}: cint

const Timeout = 3000
const InitiatorMaxOutPacketCount = 1000
const ResponderMaxOutPacketCount = 70
const MaxOutPacketCount = max(InitiatorMaxOutPacketCount,
                              ResponderMaxOutPacketCount)

proc srcPort(sock: AsyncSocket): Port =
  result = sock.getLocalAddr[1]

proc `==`(a, b: Attempt): bool =
  ## ``==`` for hole punching attempts.
  ##
  ## Two hole punching attempts are considered equal if their ``dstIp`` is
  ## equal and their ``dstPorts`` overlap.
  a.dstIp == b.dstIp and a.dstPorts.any(proc (p: Port): bool = p in b.dstPorts)

proc initPuncher*(sock: AsyncSocket, probedSrcPorts: seq[Port]): Puncher =
  # TODO: determine IP_TTL
  let (_, primarySrcPort) = sock.getLocalAddr()
  let natProps = getNatProperties(primarySrcPort, probedSrcPorts)
  result = Puncher(socks: @[sock], natProps: natProps)
  if result.natProps.natType == SymmetricRandom:
    # our NAT is of the evil symmetric type with random port allocation. We are
    # trying to help the other peer by allocating a lot of auxillary sockets
    # for punching more holes
    result.socks.setLen(MaxOutPacketCount)
    for i in 1 .. MaxOutPacketCount - 1:
      result.socks[i] = newAsyncSocket(sockType = SOCK_DGRAM,
                                       protocol = IPPROTO_UDP, buffered = false)
      result.socks[i].bindAddr(Port(0))

proc primarySrcPort*(puncher: Puncher): Port =
  puncher.socks[0].srcPort

proc punch(puncher: Puncher, peerIp: IpAddress, peerPort: Port,
           peerProbedPorts: seq[Port], isInitiating: bool, msg: string):
          Future[Attempt] {.async.} =
  let punchFuture = newFuture[(AsyncSocket, Port)]("punch")
  let peerNatProps = getNatProperties(peerPort, peerProbedPorts)
  let maxOutPacketCount = if isInitiating:
    InitiatorMaxOutPacketCount
  else:
    ResponderMaxOutPacketCount
  var sockCount = 1
  if puncher.natProps.natType == SymmetricRandom:
    if peerNatProps.natType == SymmetricRandom:
      # If both peers are behind a SymmetricRandom NAT we give up.
      raise newException(PunchHoleError,
                         "both peers behind symmetric NAT with random port allocation")
    sockCount = maxOutPacketCount
  let predictedDstPorts = predictPortRange(peerNatProps, maxOutPacketCount.uint16)
  result = Attempt(dstIp: peerIp, dstPorts: predictedDstPorts,
                   future: punchFuture)
  if puncher.attempts.contains(result):
    raise newException(PunchHoleError,
                       "hole punching to given destination already active")
  puncher.attempts.add(result)
  let srcPorts = puncher.socks[0 .. sockCount - 1].map(srcPort)
  echo &"sending msg {msg} to {peerIp}, srcPorts: {srcPorts}, dstPorts: {result.dstPorts}"
  var peerAddr: Sockaddr_storage
  var peerSockLen: SockLen
  try:
    var defaultTTL: int
    for i in 0 .. sockCount - 1:
      let sock = puncher.socks[i]
      if isInitiating:
        defaultTTL = sock.getFd.getSockOptInt(IPPROTO_IP, IP_TTL)
        sock.getFd.setSockOptInt(IPPROTO_IP, IP_TTL, 2)
      for dstPort in result.dstPorts:
        toSockAddr(result.dstIp, dstPort, peerAddr, peerSockLen)
        # TODO: replace asyncdispatch.sendTo with asyncnet.sendTo (Nim 1.4 required)
        await sendTo(sock.getFd.AsyncFD, msg.cstring, msg.len,
                     cast[ptr SockAddr](addr peerAddr), peerSockLen)
      if isInitiating:
        sock.getFd.setSockOptInt(IPPROTO_IP, IP_TTL, defaultTTL)
  except OSError as e:
    raise newException(PunchHoleError, e.msg)

proc initiate*(puncher: Puncher, peerIp: IpAddress, peerPort: Port,
               peerProbedPorts: seq[Port]): Future[Attempt] =
  punch(puncher, peerIp, peerPort, peerProbedPorts, true, "SYN")
  
proc respond*(puncher: Puncher, peerIp: IpAddress, peerPort: Port,
              peerProbedPorts: seq[Port]): Future[Attempt] =
  punch(puncher, peerIp, peerPort, peerProbedPorts, false, "ACK")

proc finalize*(attempt: Attempt): Future[(AsyncSocket, Port)] {.async.} =
  await attempt.future or sleepAsync(Timeout)
  if attempt.future.finished:
    result = attempt.future.read()
  else:
    raise newException(PunchHoleError, "timeout")

proc handleMsg*(puncher: Puncher, msg: string, sock: AsyncSocket,
                peerIp: IpAddress, peerPort: Port) =
  ## Handles an incoming UDP message which may complete the Futures returned by
  ## ``initiate`` and ``respond``.
  if msg == "SYN":
    # We received a SYN packet. We ignore it because we expected it to be
    # filtered by our NAT.
    return
  let query = Attempt(dstIp: peerIp, dstPorts: @[peerPort])
  let i = puncher.attempts.find(query)
  if i != -1:
    if msg == "ACK":
      echo &"handling ACK message from {peerIp}:{peerPort}"
    else:
      echo &"handling QUIC message from {peerIp}:{peerPort}"
    puncher.attempts[i].future.complete((sock, peerPort))
    puncher.attempts.del(i)
  else:
    echo &"received unexpected packet from {peerIp}:{peerPort}"

proc handleMsg*(puncher: Puncher, msg: string, sock: AsyncSocket,
                peerAddr: SockAddr | Sockaddr_storage, peerSockLen: SockLen) =
  var peerIp: IpAddress
  var peerPort: Port
  fromSockAddr(peerAddr, peerSockLen, peerIp, peerPort)
  handleMsg(puncher, msg, sock, peerIp, peerPort)
add debug output 2020-11-17 22:50:00 +01:00			`import asyncdispatch, asyncnet, net, port_prediction, strformat`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
try IP_TTL = 2 for ACK packets 2020-11-18 09:31:09 +01:00			`from nativesockets import`
			`SockAddr,`
			`SockAddr_storage,`
			`SockLen,`
			`getSockOptInt,`
			`setSockOptInt`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`from sequtils import any, map`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
			`type`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`Attempt* = object`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`## A hole punching attempt.`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`socks*: seq[AsyncSocket]`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`dstIp*: IpAddress`
			`dstPorts*: seq[Port]`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`future*: Future[(AsyncSocket, Port)]`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
			`Puncher* = ref object`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`socks*: seq[AsyncSocket]`
			`natProps*: NatProperties`
			`attempts*: seq[Attempt]`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
			`PunchHoleError* = object of ValueError`

try IP_TTL = 2 for ACK packets 2020-11-18 09:31:09 +01:00			`var IPPROTO_IP {.importc: "IPPROTO_IP", header: "<netinet/in.h>".}: cint`
			`var IP_TTL {.importc: "IP_TTL", header: "<netinet/in.h>".}: cint`

add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`const Timeout = 3000`
fix maximum number of outbound packets and maximum number of sockets 2020-11-22 14:06:25 +01:00			`const InitiatorMaxOutPacketCount = 1000`
			`const ResponderMaxOutPacketCount = 70`
			`const MaxOutPacketCount = max(InitiatorMaxOutPacketCount,`
			`ResponderMaxOutPacketCount)`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00
			`proc srcPort(sock: AsyncSocket): Port =`
			`result = sock.getLocalAddr[1]`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
			proc `==`(a, b: Attempt): bool =
			## ``==`` for hole punching attempts.
			`##`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			## Two hole punching attempts are considered equal if their ``dstIp`` is
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			## equal and their ``dstPorts`` overlap.
			`a.dstIp == b.dstIp and a.dstPorts.any(proc (p: Port): bool = p in b.dstPorts)`

			`proc initPuncher*(sock: AsyncSocket, probedSrcPorts: seq[Port]): Puncher =`
			`# TODO: determine IP_TTL`
			`let (_, primarySrcPort) = sock.getLocalAddr()`
			`let natProps = getNatProperties(primarySrcPort, probedSrcPorts)`
			`result = Puncher(socks: @[sock], natProps: natProps)`
			`if result.natProps.natType == SymmetricRandom:`
			`# our NAT is of the evil symmetric type with random port allocation. We are`
			`# trying to help the other peer by allocating a lot of auxillary sockets`
			`# for punching more holes`
fix maximum number of outbound packets and maximum number of sockets 2020-11-22 14:06:25 +01:00			`result.socks.setLen(MaxOutPacketCount)`
			`for i in 1 .. MaxOutPacketCount - 1:`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`result.socks[i] = newAsyncSocket(sockType = SOCK_DGRAM,`
			`protocol = IPPROTO_UDP, buffered = false)`
			`result.socks[i].bindAddr(Port(0))`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`proc primarySrcPort*(puncher: Puncher): Port =`
			`puncher.socks[0].srcPort`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
			`proc punch(puncher: Puncher, peerIp: IpAddress, peerPort: Port,`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`peerProbedPorts: seq[Port], isInitiating: bool, msg: string):`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`Future[Attempt] {.async.} =`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`let punchFuture = newFuture[(AsyncSocket, Port)]("punch")`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`let peerNatProps = getNatProperties(peerPort, peerProbedPorts)`
fix maximum number of outbound packets and maximum number of sockets 2020-11-22 14:06:25 +01:00			`let maxOutPacketCount = if isInitiating:`
			`InitiatorMaxOutPacketCount`
			`else:`
			`ResponderMaxOutPacketCount`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`var sockCount = 1`
			`if puncher.natProps.natType == SymmetricRandom:`
			`if peerNatProps.natType == SymmetricRandom:`
fix maximum number of outbound packets and maximum number of sockets 2020-11-22 14:06:25 +01:00			`# If both peers are behind a SymmetricRandom NAT we give up.`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`raise newException(PunchHoleError,`
			`"both peers behind symmetric NAT with random port allocation")`
fix maximum number of outbound packets and maximum number of sockets 2020-11-22 14:06:25 +01:00			`sockCount = maxOutPacketCount`
			`let predictedDstPorts = predictPortRange(peerNatProps, maxOutPacketCount.uint16)`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`result = Attempt(dstIp: peerIp, dstPorts: predictedDstPorts,`
			`future: punchFuture)`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`if puncher.attempts.contains(result):`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`raise newException(PunchHoleError,`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`"hole punching to given destination already active")`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`puncher.attempts.add(result)`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`let srcPorts = puncher.socks[0 .. sockCount - 1].map(srcPort)`
			`echo &"sending msg {msg} to {peerIp}, srcPorts: {srcPorts}, dstPorts: {result.dstPorts}"`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`var peerAddr: Sockaddr_storage`
			`var peerSockLen: SockLen`
			`try:`
try IP_TTL = 2 for ACK packets 2020-11-18 09:31:09 +01:00			`var defaultTTL: int`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`for i in 0 .. sockCount - 1:`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`let sock = puncher.socks[i]`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`if isInitiating:`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`defaultTTL = sock.getFd.getSockOptInt(IPPROTO_IP, IP_TTL)`
			`sock.getFd.setSockOptInt(IPPROTO_IP, IP_TTL, 2)`
			`for dstPort in result.dstPorts:`
			`toSockAddr(result.dstIp, dstPort, peerAddr, peerSockLen)`
			`# TODO: replace asyncdispatch.sendTo with asyncnet.sendTo (Nim 1.4 required)`
			`await sendTo(sock.getFd.AsyncFD, msg.cstring, msg.len,`
			`cast[ptr SockAddr](addr peerAddr), peerSockLen)`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`if isInitiating:`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`sock.getFd.setSockOptInt(IPPROTO_IP, IP_TTL, defaultTTL)`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`except OSError as e:`
			`raise newException(PunchHoleError, e.msg)`

			`proc initiate*(puncher: Puncher, peerIp: IpAddress, peerPort: Port,`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`peerProbedPorts: seq[Port]): Future[Attempt] =`
try IP_TTL = 2 for ACK packets 2020-11-18 09:31:09 +01:00			`punch(puncher, peerIp, peerPort, peerProbedPorts, true, "SYN")`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
			`proc respond*(puncher: Puncher, peerIp: IpAddress, peerPort: Port,`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`peerProbedPorts: seq[Port]): Future[Attempt] =`
try IP_TTL = 2 for ACK packets 2020-11-18 09:31:09 +01:00			`punch(puncher, peerIp, peerPort, peerProbedPorts, false, "ACK")`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`proc finalize*(attempt: Attempt): Future[(AsyncSocket, Port)] {.async.} =`
change puncher API so we can notify the peer after sending out the SYN packets 2020-11-18 16:34:14 +01:00			`await attempt.future or sleepAsync(Timeout)`
			`if attempt.future.finished:`
			`result = attempt.future.read()`
			`else:`
			`raise newException(PunchHoleError, "timeout")`

use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`proc handleMsg*(puncher: Puncher, msg: string, sock: AsyncSocket,`
			`peerIp: IpAddress, peerPort: Port) =`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`## Handles an incoming UDP message which may complete the Futures returned by`
			## ``initiate`` and ``respond``.
only ignore SYN packet because it can be the start of a QUIC handshake too 2020-11-18 00:10:36 +01:00			`if msg == "SYN":`
			`# We received a SYN packet. We ignore it because we expected it to be`
			`# filtered by our NAT.`
only handle ACK messages, not SYN (we expect them to be filtered by our NAT) 2020-11-17 23:44:13 +01:00			`return`
let puncher additional sockets; implement initiating from behind SymmetricRandom NAT using 1000 sockets (untested) 2020-11-22 12:57:46 +01:00			`let query = Attempt(dstIp: peerIp, dstPorts: @[peerPort])`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`let i = puncher.attempts.find(query)`
			`if i != -1:`
better debug output 2020-11-18 17:12:18 +01:00			`if msg == "ACK":`
			`echo &"handling ACK message from {peerIp}:{peerPort}"`
			`else:`
			`echo &"handling QUIC message from {peerIp}:{peerPort}"`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`puncher.attempts[i].future.complete((sock, peerPort))`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`puncher.attempts.del(i)`
more debug output 2020-11-18 18:24:19 +01:00			`else:`
			`echo &"received unexpected packet from {peerIp}:{peerPort}"`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`proc handleMsg*(puncher: Puncher, msg: string, sock: AsyncSocket,`
add UDP hole punching (untested) 2020-11-17 20:40:30 +01:00			`peerAddr: SockAddr \| Sockaddr_storage, peerSockLen: SockLen) =`
			`var peerIp: IpAddress`
			`var peerPort: Port`
			`fromSockAddr(peerAddr, peerSockLen, peerIp, peerPort)`
use multiple sockets for punching multiple holes if behind a SymmetricRandom NAT 2020-11-20 22:04:35 +01:00			`handleMsg(puncher, msg, sock, peerIp, peerPort)`