Skip to content

Commit

Permalink
Add more client/proxy-specific in-proxy tactics parameters
Browse files Browse the repository at this point in the history
  • Loading branch information
@rod-hynes
rod-hynes committed Jul 3, 2024
1 parent 7d419b4 commit c75a9b0
Show file tree
Hide file tree
Showing 3 changed files with 150 additions and 14 deletions.
22 changes: 20 additions & 2 deletions psiphon/common/parameters/parameters.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -418,7 +418,16 @@ const (
InproxyDisablePortMapping = "InproxyDisablePortMapping"
InproxyDisableInboundForMobileNetworks = "InproxyDisableInboundForMobileNetworks"
InproxyDisableIPv6ICECandidates = "InproxyDisableIPv6ICECandidates"
InproxyDiscoverNATTimeout = "InproxyDiscoverNATTimeout"
InproxyProxyDisableSTUN = "InproxyProxyDisableSTUN"
InproxyProxyDisablePortMapping = "InproxyProxyDisablePortMapping"
InproxyProxyDisableInboundForMobileNetworks = "InproxyProxyDisableInboundForMobileNetworks"
InproxyProxyDisableIPv6ICECandidates = "InproxyProxyDisableIPv6ICECandidates"
InproxyClientDisableSTUN = "InproxyClientDisableSTUN"
InproxyClientDisablePortMapping = "InproxyClientDisablePortMapping"
InproxyClientDisableInboundForMobileNetworks = "InproxyClientDisableInboundForMobileNetworks"
InproxyClientDisableIPv6ICECandidates = "InproxyClientDisableIPv6ICECandidates"
InproxyProxyDiscoverNATTimeout = "InproxyProxyDiscoverNATTimeout"
InproxyClientDiscoverNATTimeout = "InproxyClientDiscoverNATTimeout"
InproxyWebRTCAnswerTimeout = "InproxyWebRTCAnswerTimeout"
InproxyProxyWebRTCAwaitDataChannelTimeout = "InproxyProxyWebRTCAwaitDataChannelTimeout"
InproxyClientWebRTCAwaitDataChannelTimeout = "InproxyClientWebRTCAwaitDataChannelTimeout"
Expand Down Expand Up @@ -901,7 +910,16 @@ var defaultParameters = map[string]struct {
InproxyDisablePortMapping: {value: false},
InproxyDisableInboundForMobileNetworks: {value: false},
InproxyDisableIPv6ICECandidates: {value: false},
InproxyDiscoverNATTimeout: {value: 10 * time.Second, minimum: time.Duration(0), flags: useNetworkLatencyMultiplier},
InproxyProxyDisableSTUN: {value: false},
InproxyProxyDisablePortMapping: {value: false},
InproxyProxyDisableInboundForMobileNetworks: {value: false},
InproxyProxyDisableIPv6ICECandidates: {value: false},
InproxyClientDisableSTUN: {value: false},
InproxyClientDisablePortMapping: {value: false},
InproxyClientDisableInboundForMobileNetworks: {value: false},
InproxyClientDisableIPv6ICECandidates: {value: false},
InproxyProxyDiscoverNATTimeout: {value: 10 * time.Second, minimum: time.Duration(0), flags: useNetworkLatencyMultiplier},
InproxyClientDiscoverNATTimeout: {value: 10 * time.Second, minimum: time.Duration(0), flags: useNetworkLatencyMultiplier},
InproxyWebRTCAnswerTimeout: {value: 20 * time.Second, minimum: time.Duration(0), flags: useNetworkLatencyMultiplier},
InproxyProxyWebRTCAwaitDataChannelTimeout: {value: 30 * time.Second, minimum: time.Duration(0), flags: useNetworkLatencyMultiplier},
InproxyClientWebRTCAwaitDataChannelTimeout: {value: 20 * time.Second, minimum: time.Duration(0), flags: useNetworkLatencyMultiplier},
Expand Down
93 changes: 87 additions & 6 deletions psiphon/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1032,7 +1032,16 @@ type Config struct {
InproxyDisablePortMapping *bool
InproxyDisableInboundForMobileNetworks *bool
InproxyDisableIPv6ICECandidates *bool
InproxyDiscoverNATTimeoutMilliseconds *int
InproxyProxyDisableSTUN *bool
InproxyProxyDisablePortMapping *bool
InproxyProxyDisableInboundForMobileNetworks *bool
InproxyProxyDisableIPv6ICECandidates *bool
InproxyClientDisableSTUN *bool
InproxyClientDisablePortMapping *bool
InproxyClientDisableInboundForMobileNetworks *bool
InproxyClientDisableIPv6ICECandidates *bool
InproxyProxyDiscoverNATTimeoutMilliseconds *int
InproxyClientDiscoverNATTimeoutMilliseconds *int
InproxyWebRTCAnswerTimeoutMilliseconds *int
InproxyProxyWebRTCAwaitDataChannelTimeoutMilliseconds *int
InproxyClientWebRTCAwaitDataChannelTimeoutMilliseconds *int
Expand Down Expand Up @@ -2502,8 +2511,44 @@ func (config *Config) makeConfigParameters() map[string]interface{} {
applyParameters[parameters.InproxyDisableIPv6ICECandidates] = *config.InproxyDisableIPv6ICECandidates
}

if config.InproxyDiscoverNATTimeoutMilliseconds != nil {
applyParameters[parameters.InproxyDiscoverNATTimeout] = fmt.Sprintf("%dms", *config.InproxyDiscoverNATTimeoutMilliseconds)
if config.InproxyProxyDisableSTUN != nil {
applyParameters[parameters.InproxyProxyDisableSTUN] = *config.InproxyProxyDisableSTUN
}

if config.InproxyProxyDisablePortMapping != nil {
applyParameters[parameters.InproxyProxyDisablePortMapping] = *config.InproxyProxyDisablePortMapping
}

if config.InproxyProxyDisableInboundForMobileNetworks != nil {
applyParameters[parameters.InproxyProxyDisableInboundForMobileNetworks] = *config.InproxyProxyDisableInboundForMobileNetworks
}

if config.InproxyProxyDisableIPv6ICECandidates != nil {
applyParameters[parameters.InproxyProxyDisableIPv6ICECandidates] = *config.InproxyProxyDisableIPv6ICECandidates
}

if config.InproxyClientDisableSTUN != nil {
applyParameters[parameters.InproxyClientDisableSTUN] = *config.InproxyClientDisableSTUN
}

if config.InproxyClientDisablePortMapping != nil {
applyParameters[parameters.InproxyClientDisablePortMapping] = *config.InproxyClientDisablePortMapping
}

if config.InproxyClientDisableInboundForMobileNetworks != nil {
applyParameters[parameters.InproxyClientDisableInboundForMobileNetworks] = *config.InproxyClientDisableInboundForMobileNetworks
}

if config.InproxyClientDisableIPv6ICECandidates != nil {
applyParameters[parameters.InproxyClientDisableIPv6ICECandidates] = *config.InproxyClientDisableIPv6ICECandidates
}

if config.InproxyProxyDiscoverNATTimeoutMilliseconds != nil {
applyParameters[parameters.InproxyProxyDiscoverNATTimeout] = fmt.Sprintf("%dms", *config.InproxyProxyDiscoverNATTimeoutMilliseconds)
}

if config.InproxyClientDiscoverNATTimeoutMilliseconds != nil {
applyParameters[parameters.InproxyClientDiscoverNATTimeout] = fmt.Sprintf("%dms", *config.InproxyClientDiscoverNATTimeoutMilliseconds)
}

if config.InproxyWebRTCAnswerTimeoutMilliseconds != nil {
Expand Down Expand Up @@ -3258,9 +3303,45 @@ func (config *Config) setDialParametersHash() {
hash.Write([]byte("InproxyDisableIPv6ICECandidates"))
binary.Write(hash, binary.LittleEndian, *config.InproxyDisableIPv6ICECandidates)
}
if config.InproxyDiscoverNATTimeoutMilliseconds != nil {
hash.Write([]byte("InproxyDiscoverNATTimeoutMilliseconds"))
binary.Write(hash, binary.LittleEndian, int64(*config.InproxyDiscoverNATTimeoutMilliseconds))
if config.InproxyProxyDisableSTUN != nil {
hash.Write([]byte("InproxyProxyDisableSTUN"))
binary.Write(hash, binary.LittleEndian, *config.InproxyProxyDisableSTUN)
}
if config.InproxyProxyDisablePortMapping != nil {
hash.Write([]byte("InproxyProxyDisablePortMapping"))
binary.Write(hash, binary.LittleEndian, *config.InproxyProxyDisablePortMapping)
}
if config.InproxyProxyDisableInboundForMobileNetworks != nil {
hash.Write([]byte("InproxyProxyDisableInboundForMobileNetworks"))
binary.Write(hash, binary.LittleEndian, *config.InproxyProxyDisableInboundForMobileNetworks)
}
if config.InproxyProxyDisableIPv6ICECandidates != nil {
hash.Write([]byte("InproxyProxyDisableIPv6ICECandidates"))
binary.Write(hash, binary.LittleEndian, *config.InproxyProxyDisableIPv6ICECandidates)
}
if config.InproxyClientDisableSTUN != nil {
hash.Write([]byte("InproxyClientDisableSTUN"))
binary.Write(hash, binary.LittleEndian, *config.InproxyClientDisableSTUN)
}
if config.InproxyClientDisablePortMapping != nil {
hash.Write([]byte("InproxyClientDisablePortMapping"))
binary.Write(hash, binary.LittleEndian, *config.InproxyClientDisablePortMapping)
}
if config.InproxyClientDisableInboundForMobileNetworks != nil {
hash.Write([]byte("InproxyClientDisableInboundForMobileNetworks"))
binary.Write(hash, binary.LittleEndian, *config.InproxyClientDisableInboundForMobileNetworks)
}
if config.InproxyClientDisableIPv6ICECandidates != nil {
hash.Write([]byte("InproxyClientDisableIPv6ICECandidates"))
binary.Write(hash, binary.LittleEndian, *config.InproxyClientDisableIPv6ICECandidates)
}
if config.InproxyProxyDiscoverNATTimeoutMilliseconds != nil {
hash.Write([]byte("InproxyProxyDiscoverNATTimeoutMilliseconds"))
binary.Write(hash, binary.LittleEndian, int64(*config.InproxyProxyDiscoverNATTimeoutMilliseconds))
}
if config.InproxyClientDiscoverNATTimeoutMilliseconds != nil {
hash.Write([]byte("InproxyClientDiscoverNATTimeoutMilliseconds"))
binary.Write(hash, binary.LittleEndian, int64(*config.InproxyClientDiscoverNATTimeoutMilliseconds))
}
if config.InproxyWebRTCAnswerTimeoutMilliseconds != nil {
hash.Write([]byte("InproxyWebRTCAnswerTimeoutMilliseconds"))
Expand Down
49 changes: 43 additions & 6 deletions psiphon/inproxy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1465,10 +1465,43 @@ func NewInproxyWebRTCDialInstance(
}
}

var awaitDataChannelTimeout time.Duration
disableSTUN := p.Bool(parameters.InproxyDisableSTUN)
disablePortMapping := p.Bool(parameters.InproxyDisablePortMapping)
disableInboundForMobileNetworks := p.Bool(parameters.InproxyDisableInboundForMobileNetworks)
disableIPv6ICECandidates := p.Bool(parameters.InproxyDisableIPv6ICECandidates)

var discoverNATTimeout, awaitDataChannelTimeout time.Duration

if isProxy {

disableSTUN = disableSTUN || p.Bool(parameters.InproxyProxyDisableSTUN)

disablePortMapping = disablePortMapping || p.Bool(parameters.InproxyProxyDisablePortMapping)

disableInboundForMobileNetworks = disableInboundForMobileNetworks ||
p.Bool(parameters.InproxyProxyDisableInboundForMobileNetworks)

disableIPv6ICECandidates = disableIPv6ICECandidates ||
p.Bool(parameters.InproxyProxyDisableIPv6ICECandidates)

discoverNATTimeout = p.Duration(parameters.InproxyProxyDiscoverNATTimeout)

awaitDataChannelTimeout = p.Duration(parameters.InproxyProxyWebRTCAwaitDataChannelTimeout)

} else {

disableSTUN = disableSTUN || p.Bool(parameters.InproxyClientDisableSTUN)

disablePortMapping = disablePortMapping || p.Bool(parameters.InproxyClientDisablePortMapping)

disableInboundForMobileNetworks = disableInboundForMobileNetworks ||
p.Bool(parameters.InproxyClientDisableInboundForMobileNetworks)

disableIPv6ICECandidates = disableIPv6ICECandidates ||
p.Bool(parameters.InproxyClientDisableIPv6ICECandidates)

discoverNATTimeout = p.Duration(parameters.InproxyClientDiscoverNATTimeout)

awaitDataChannelTimeout = p.Duration(parameters.InproxyClientWebRTCAwaitDataChannelTimeout)
}

Expand All @@ -1484,12 +1517,16 @@ func NewInproxyWebRTCDialInstance(
stunDialParameters: stunDialParameters,
webRTCDialParameters: webRTCDialParameters,

// discoverNAT is ignored by proxies, which always attempt discovery.
// webRTCAnswerTimeout and proxyDestinationDialTimeout are used only
// by proxies.

discoverNAT: p.WeightedCoinFlip(parameters.InproxyClientDiscoverNATProbability),
disableSTUN: p.Bool(parameters.InproxyDisableSTUN),
disablePortMapping: p.Bool(parameters.InproxyDisablePortMapping),
disableInboundForMobileNetworks: p.Bool(parameters.InproxyDisableInboundForMobileNetworks),
disableIPv6ICECandidates: p.Bool(parameters.InproxyDisableIPv6ICECandidates),
discoverNATTimeout: p.Duration(parameters.InproxyDiscoverNATTimeout),
disableSTUN: disableSTUN,
disablePortMapping: disablePortMapping,
disableInboundForMobileNetworks: disableInboundForMobileNetworks,
disableIPv6ICECandidates: disableIPv6ICECandidates,
discoverNATTimeout: discoverNATTimeout,
webRTCAnswerTimeout: p.Duration(parameters.InproxyWebRTCAnswerTimeout),
awaitDataChannelTimeout: awaitDataChannelTimeout,
proxyDestinationDialTimeout: p.Duration(parameters.InproxyProxyDestinationDialTimeout),
Expand Down

0 comments on commit c75a9b0

Please sign in to comment.