commit 84860feac470d0afdb694b6503cefdb8861656c8 Author: Keenan Tims Date: Thu Feb 13 18:35:24 2025 -0800 initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ea8c4bf --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/target diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 index 0000000..2e99516 --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,413 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "anstream" +version = "0.6.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8acc5369981196006228e28809f761875c0327210a891e941f4c683b3a99529b" +dependencies = [ + "anstyle", + "anstyle-parse", + "anstyle-query", + "anstyle-wincon", + "colorchoice", + "is_terminal_polyfill", + "utf8parse", +] + +[[package]] +name = "anstyle" +version = "1.0.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9" + +[[package]] +name = "anstyle-parse" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" +dependencies = [ + "utf8parse", +] + +[[package]] +name = "anstyle-query" +version = "1.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" +dependencies = [ + "windows-sys", +] + +[[package]] +name = "anstyle-wincon" +version = "3.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3534e77181a9cc07539ad51f2141fe32f6c3ffd4df76db8ad92346b003ae4e" +dependencies = [ + "anstyle", + "once_cell", + "windows-sys", +] + +[[package]] +name = "bitflags" +version = "2.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f68f53c83ab957f72c32642f3868eec03eb974d1fb82e453128456482613d36" + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "clap" +version = "4.5.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8acebd8ad879283633b343856142139f2da2317c96b05b4dd6181c61e2480184" +dependencies = [ + "clap_builder", + "clap_derive", +] + +[[package]] +name = "clap_builder" +version = "4.5.29" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6ba32cbda51c7e1dfd49acc1457ba1a7dec5b64fe360e828acb13ca8dc9c2f9" +dependencies = [ + "anstream", + "anstyle", + "clap_lex", + "strsim", +] + +[[package]] +name = "clap_derive" +version = "4.5.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf4ced95c6f4a675af3da73304b9ac4ed991640c36374e4b46795c49e17cf1ed" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" + +[[package]] +name = "colorchoice" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" + +[[package]] +name = "crc32fast" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "getrandom" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a49c392881ce6d5c3b8cb70f98717b7c07aabbdff06687b9030dbfbe2725f8" +dependencies = [ + "cfg-if", + "libc", + "wasi", + "windows-targets", +] + +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + +[[package]] +name = "is_terminal_polyfill" +version = "1.70.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" + +[[package]] +name = "libc" +version = "0.2.169" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a" + +[[package]] +name = "log" +version = "0.4.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04cbf5b083de1c7e0222a7a51dbfdba1cbe1c6ab0b15e29fff3f6c077fd9cd9f" + +[[package]] +name = "memchr" +version = "2.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" + +[[package]] +name = "nom" +version = "8.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df9761775871bdef83bee530e60050f7e54b1105350d6884eb0fb4f46c2f9405" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.20.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "945462a4b81e43c4e3ba96bd7b49d834c6f61198356aa858733bc4acf3cbe62e" + +[[package]] +name = "ppv-lite86" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" +dependencies = [ + "zerocopy 0.7.35", +] + +[[package]] +name = "proc-macro2" +version = "1.0.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60946a68e5f9d28b0dc1c21bb8a97ee7d018a8b322fa57838ba31cc878e22d99" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e4dccaaaf89514f546c693ddc140f729f958c247918a13380cccc6078391acc" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "rand" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3779b94aeb87e8bd4e834cee3650289ee9e0d5677f976ecdb6d219e5f4f6cd94" +dependencies = [ + "rand_chacha", + "rand_core", + "zerocopy 0.8.17", +] + +[[package]] +name = "rand_chacha" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b08f3c9802962f7e1b25113931d94f43ed9725bebc59db9d0c3e9a23b67e15ff" +dependencies = [ + "getrandom", + "zerocopy 0.8.17", +] + +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "syn" +version = "2.0.98" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "36147f1a48ae0ec2b5b3bc5b537d267457555a10dc06f3dbc8cb11ba3006d3b1" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "tailstun" +version = "0.1.0" +dependencies = [ + "clap", + "crc32fast", + "log", + "nom", + "rand", +] + +[[package]] +name = "unicode-ident" +version = "1.0.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a210d160f08b701c8721ba1c726c11662f877ea6b7094007e1ca9a1041945034" + +[[package]] +name = "utf8parse" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821" + +[[package]] +name = "wasi" +version = "0.13.3+wasi-0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26816d2e1a4a36a2940b96c5296ce403917633dff8f3440e9b236ed6f6bacad2" +dependencies = [ + "wit-bindgen-rt", +] + +[[package]] +name = "windows-sys" +version = "0.59.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" +dependencies = [ + "windows-targets", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_gnullvm", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "wit-bindgen-rt" +version = "0.33.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3268f3d866458b787f390cf61f4bbb563b922d091359f9608842999eaee3943c" +dependencies = [ + "bitflags", +] + +[[package]] +name = "zerocopy" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" +dependencies = [ + "byteorder", + "zerocopy-derive 0.7.35", +] + +[[package]] +name = "zerocopy" +version = "0.8.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa91407dacce3a68c56de03abe2760159582b846c6a4acd2f456618087f12713" +dependencies = [ + "zerocopy-derive 0.8.17", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "zerocopy-derive" +version = "0.8.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06718a168365cad3d5ff0bb133aad346959a2074bd4a85c121255a11304a8626" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 0000000..9fe70f6 --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "tailstun" +version = "0.1.0" +edition = "2021" + +[dependencies] +clap = { version = "4.5.29", features = ["derive"] } +crc32fast = "1.4.2" +log = "0.4.25" +nom = "8.0.0" +rand = "0.9.0" diff --git a/README.md b/README.md new file mode 100644 index 0000000..a25d7e2 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +A trivial test client for Tailscale's derper STUN service, which doesn't respond to generic STUN requests. diff --git a/src/main.rs b/src/main.rs new file mode 100644 index 0000000..991bbb9 --- /dev/null +++ b/src/main.rs @@ -0,0 +1,503 @@ +use clap; +use std::fmt; +use std::net::{IpAddr, Ipv4Addr, SocketAddr, UdpSocket}; +use std::ops::Index; + +use crc32fast::hash; +use log::warn; +use nom::bytes::complete::{tag, take}; +use nom::error::ParseError; +use nom::multi::{many, many0}; +use nom::number::complete::{be_u128, be_u16, be_u32, be_u8}; +use nom::{AsBytes, IResult, Parser}; +use rand::RngCore; + +// https://github.com/tailscale/tailscale/blob/main/net/stun/stun.go + +const ATTR_NUM_SOFTWARE: u16 = 0x8022; +const ATTR_NUM_FINGERPRINT: u16 = 0x8028; +const ATTR_MAPPED_ADDRESS: u16 = 0x0001; +const ATTR_XOR_MAPPED_ADDRESS: u16 = 0x0020; +// This alternative attribute type is not +// mentioned in the RFC, but the shift into +// the "comprehension-optional" range seems +// like an easy mistake for a server to make. +// And servers appear to send it. +const ATTR_XOR_MAPPED_ADDRESS_ALT: u16 = 0x8020; +const ATTR_SOURCE_ADDRESS: u16 = 0x0004; +const ATTR_CHANGED_ADDRESS: u16 = 0x0005; +const ATTR_USERNAME: u16 = 0x0006; +const ATTR_MESSAGE_INTEGRITY: u16 = 0x0008; +const ATTR_ERROR_CODE: u16 = 0x0009; +const ATTR_UNKNOWN_ATTRIBUTES: u16 = 0x000a; +const ATTR_REALM: u16 = 0x0014; +const ATTR_NONCE: u16 = 0x0015; +const ATTR_ALTERNATE_SERVER: u16 = 0x8023; + +const SOFTWARE: [u8; 8] = *b"tailnode"; +const BINDING_REQUEST: [u8; 2] = [0x00, 0x01]; +const MAGIC_COOKIE: [u8; 4] = [0x21, 0x12, 0xa4, 0x42]; +const LEN_FINGERPRINT: u16 = 8; +const HEADER_LEN: u16 = 20; + +#[derive(Debug, Clone)] +struct TxId([u8; 12]); + +impl TxId { + fn new() -> Self { + let mut tx_id = [0; 12]; + rand::rng().fill_bytes(&mut tx_id); + Self(tx_id) + } + + fn from_bytes(bytes: &[u8]) -> Self { + let mut tx_id = [0; 12]; + tx_id.copy_from_slice(bytes); + Self(tx_id) + } + + fn as_bytes(&self) -> &[u8] { + &self.0 + } + + fn make_request(&self) -> Vec { + const LEN_ATTR_SOFTWARE: u16 = 4 + SOFTWARE.len() as u16; + let mut buf = + Vec::with_capacity((HEADER_LEN + LEN_ATTR_SOFTWARE + LEN_FINGERPRINT) as usize); + buf.extend(&BINDING_REQUEST); + buf.extend((LEN_ATTR_SOFTWARE + LEN_FINGERPRINT).to_be_bytes()); + buf.extend(&MAGIC_COOKIE); + buf.extend(self.as_bytes()); + buf.extend(ATTR_NUM_SOFTWARE.to_be_bytes()); + buf.extend((SOFTWARE.len() as u16).to_be_bytes()); + buf.extend(&SOFTWARE); + + let fp = fingerprint(&buf); + buf.extend(ATTR_NUM_FINGERPRINT.to_be_bytes()); + buf.extend((4 as u16).to_be_bytes()); + buf.extend(&fp.to_be_bytes()); + + buf + } +} + +impl From<&TxId> for u128 { + fn from(value: &TxId) -> Self { + let mut padded = [0u8; 16]; + padded[4..].copy_from_slice(&value.0); + u128::from_be_bytes(padded) + } +} + +fn fingerprint(msg: &[u8]) -> u32 { + hash(msg) ^ 0x5354554e +} + +#[derive(clap::Parser)] +#[command(version, about, long_about = None)] +#[command(about = "Test a Tailscale derp node's stun service")] +struct Cli { + host: String, + port: Option, + #[clap(long, short, default_value_t = false)] + debug: bool, +} + +#[derive(Debug, Clone, Copy)] +enum StunClass { + Request = 0, + Indication = 1, + SuccessResponse = 2, + ErrorResponse = 3, +} + +#[derive(Debug, Clone, Copy)] +enum StunMethod { + Binding = 1, +} + +#[derive(Debug, Clone)] +enum StunAttribute { + MappedAddress((IpAddr, u16)), + XorMappedAddress((IpAddr, u16)), + SourceAddress((IpAddr, u16)), + ChangedAddress((IpAddr, u16)), + Username(String), + MessageIntegrity([u8; 20]), + Fingerprint(u32), + ErrorCode((u16, String)), + Realm(String), + Nonce(String), + UnknownAttributes(Vec), + Software(String), + AlternateServer((IpAddr, u16)), + Unknown((u16, Vec)), +} + +fn addr_family(addr: &IpAddr) -> &'static str { + match addr { + IpAddr::V4(_) => "IPv4", + IpAddr::V6(_) => "IPv6", + } +} + +impl fmt::Display for StunAttribute { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + match self { + StunAttribute::MappedAddress((addr, port)) => { + write!( + f, + " MappedAddress ({}) {}:{}", + addr_family(addr), + addr, + port + ) + } + StunAttribute::SourceAddress((addr, port)) => { + write!( + f, + " SourceAddress ({}) {}:{}", + addr_family(addr), + addr, + port + ) + } + StunAttribute::ChangedAddress((addr, port)) => { + write!( + f, + " ChangedAddress ({}) {}:{}", + addr_family(addr), + addr, + port + ) + } + StunAttribute::XorMappedAddress((addr, port)) => { + write!( + f, + " XorMappedAddress ({}) {}:{}", + addr_family(addr), + addr, + port + ) + } + StunAttribute::Username(username) => writeln!(f, " Username {}", username), + StunAttribute::MessageIntegrity(msg_integrity) => { + write!(f, " MessageIntegrity {:?}", msg_integrity) + } + StunAttribute::Fingerprint(fingerprint) => { + write!(f, " Fingerprint 0x{:08x}", fingerprint) + } + StunAttribute::ErrorCode((err_num, error)) => { + write!(f, " ErrorCode {} ({})", err_num, error) + } + StunAttribute::Realm(realm) => writeln!(f, " Realm {}", realm), + StunAttribute::Nonce(nonce) => writeln!(f, " Nonce {}", nonce), + StunAttribute::UnknownAttributes(unknown_attrs) => { + write!(f, " UnknownAttributes {:?}", unknown_attrs) + } + StunAttribute::Software(software) => writeln!(f, " Software {}", software), + StunAttribute::AlternateServer((addr, port)) => { + write!( + f, + " AlternateServer ({}) {}:{}", + addr_family(addr), + addr, + port + ) + } + StunAttribute::Unknown((attr_type, data)) => { + write!(f, " Unknown ({}) {:?}", attr_type, data) + } + } + } +} + +#[derive(Debug)] +struct StunMessageType { + class: StunClass, + method: StunMethod, +} + +#[derive(Debug)] +struct StunHeader { + msg_type: StunMessageType, + msg_length: u16, + tx_id: TxId, +} + +impl fmt::Display for StunHeader { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + writeln!(f, " Header")?; + writeln!( + f, + " MessageType class={:?} (0x{:02x}) method={:?} (0x{:04x})", + self.msg_type.class, + self.msg_type.class as usize, + self.msg_type.method, + self.msg_type.method as usize + ) + } +} + +#[derive(Debug)] +struct StunAttributes(Vec); + +#[derive(Debug)] +struct StunMessage { + h: StunHeader, + attributes: StunAttributes, +} + +impl fmt::Display for StunMessage { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + writeln!(f, "StunMessage")?; + write!(f, "{}", self.h)?; + write!(f, "{}", self.attributes) + } +} + +impl fmt::Display for StunAttributes { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + writeln!(f, " Attributes")?; + for attr in &self.0 { + writeln!(f, " {}", attr)?; + } + Ok(()) + } +} + +fn take_txid<'a, E: ParseError<&'a [u8]>>(bytes: &'a [u8]) -> IResult<&[u8], TxId, E> { + let (bytes, tx_id) = take(12usize)(bytes)?; + Ok((bytes, TxId::from_bytes(tx_id))) +} + +fn parse_stun_message<'a, E: ParseError<&'a [u8]>>( + bytes: &'a [u8], +) -> IResult<&'a [u8], StunMessage, E> { + let (bytes, h) = parse_stun_header(bytes)?; + + let (bytes, attributes) = many0(parse_stun_attribute::<&[u8], E>(&h.tx_id)).parse(bytes)?; + let attributes = StunAttributes(attributes.iter().filter_map(|i| i.clone()).collect()); + + Ok((bytes, StunMessage { h, attributes })) +} + +fn parse_stun_message_type<'a, E: ParseError<&'a [u8]>>( + bytes: &'a [u8], +) -> IResult<&'a [u8], StunMessageType, E> { + let (bytes, msg_type_raw) = be_u16(bytes)?; + if msg_type_raw & 0b11000000 != 0 { + panic!("Invalid STUN message type"); + } + let class_raw = ((msg_type_raw & (1 << 4)) >> 4) | ((msg_type_raw & (1 << 8)) >> 7); + let class = match class_raw { + 0 => StunClass::Request, + 1 => StunClass::Indication, + 2 => StunClass::SuccessResponse, + 3 => StunClass::ErrorResponse, + _ => panic!("Invalid STUN message class"), + }; + let method_raw = msg_type_raw & 0x0f | msg_type_raw & 0xe0 >> 1 | msg_type_raw & 0x3e >> 2; + let method = match method_raw { + 1 => StunMethod::Binding, + _ => panic!("Invalid STUN message method"), + }; + Ok((bytes, StunMessageType { class, method })) +} + +fn parse_stun_address>(bytes: I) -> IResult +where + I: nom::Input, +{ + let (bytes, _) = take(1usize)(bytes)?; + let (bytes, family) = be_u8(bytes)?; + let (bytes, port) = be_u16(bytes)?; + let (bytes, addr) = match family { + 0x01 => { + let (bytes, val) = be_u32(bytes)?; + (bytes, (IpAddr::V4(val.into()), port)) + } + 0x02 => { + let (bytes, val) = be_u128(bytes)?; + (bytes, (IpAddr::V6(val.into()), port)) + } + _ => panic!("Invalid address family"), + }; + Ok((bytes, addr)) +} + +fn parse_stun_xor_address>( + bytes: I, + tx_id: &TxId, +) -> IResult +where + I: nom::Input, +{ + let (bytes, addr) = parse_stun_address(bytes)?; + let xor_port = addr.1 ^ 0x2112; + let xor_addr = match addr.0 { + IpAddr::V4(v4) => { + let v4 = u32::from(v4); + let xor_v4 = v4 ^ 0x2112a442; + IpAddr::V4(xor_v4.into()) + } + IpAddr::V6(v6) => { + let v6 = u128::from(v6); + let xor_v6: u128 = v6 ^ (0x2112a442 << 96 | u128::from(tx_id)); + IpAddr::V6(xor_v6.into()) + } + }; + Ok((bytes, (xor_addr, xor_port))) +} + +fn parse_stun_attribute>( + tx_id: &TxId, +) -> impl Fn(I) -> IResult, E> +where + I: nom::Input + nom::Compare + AsBytes, +{ + let tx_id = tx_id.clone(); + move |bytes| parse_stun_attribute_impl(bytes, &tx_id) +} + +fn parse_stun_attribute_impl>( + bytes: I, + tx_id: &TxId, +) -> IResult, E> +where + I: nom::Input + nom::Compare + AsBytes, +{ + let (bytes, attr_type) = be_u16(bytes)?; + let (bytes, attr_len) = be_u16(bytes)?; + let (bytes, attr_data) = take(attr_len)(bytes)?; + + if attr_len == 0 { + return Ok((bytes, None)); + } + + let attr = match attr_type { + ATTR_MAPPED_ADDRESS => { + let (_residual, addr) = parse_stun_address(attr_data)?; + StunAttribute::MappedAddress(addr) + } + ATTR_SOURCE_ADDRESS => { + let (_residual, addr) = parse_stun_address(attr_data)?; + StunAttribute::SourceAddress(addr) + } + ATTR_CHANGED_ADDRESS => { + let (_residual, addr) = parse_stun_address(attr_data)?; + StunAttribute::ChangedAddress(addr) + } + ATTR_XOR_MAPPED_ADDRESS | ATTR_XOR_MAPPED_ADDRESS_ALT => { + let (_residual, addr) = parse_stun_xor_address(attr_data, tx_id)?; + + StunAttribute::XorMappedAddress(addr) + } + ATTR_USERNAME => { + let username = String::from_iter(attr_data.iter_elements().map(|b| b as char)); + StunAttribute::Username(username) + } + ATTR_MESSAGE_INTEGRITY => { + let mut msg_integrity = [0u8; 20]; + msg_integrity.copy_from_slice(attr_data.as_bytes()); + StunAttribute::MessageIntegrity(msg_integrity) + } + ATTR_ERROR_CODE => { + let (attr_data, zeros) = take(2usize)(attr_data)?; + if zeros.iter_elements().any(|b| b != 0) { + panic!("Invalid STUN error code"); + } + let (attr_data, err_num) = be_u16(attr_data)?; + if err_num & 0b1111100000000000 != 0 { + panic!("Invalid STUN error code"); + } + let error = String::from_iter(attr_data.iter_elements().map(|b| b as char)); + StunAttribute::ErrorCode((err_num, error)) + } + ATTR_UNKNOWN_ATTRIBUTES => { + let (_residual, unknown_attrs) = + many((attr_len / 2) as usize, be_u16).parse(attr_data)?; + StunAttribute::UnknownAttributes(unknown_attrs) + } + ATTR_NUM_FINGERPRINT => { + let (_residual, fingerprint) = be_u32(attr_data)?; + StunAttribute::Fingerprint(fingerprint) + } + ATTR_REALM => { + let realm = String::from_iter(attr_data.iter_elements().map(|b| b as char)); + StunAttribute::Realm(realm) + } + ATTR_NONCE => { + let nonce = String::from_iter(attr_data.iter_elements().map(|b| b as char)); + StunAttribute::Nonce(nonce) + } + ATTR_NUM_SOFTWARE => { + let software = String::from_iter(attr_data.iter_elements().map(|b| b as char)); + StunAttribute::Software(software) + } + ATTR_ALTERNATE_SERVER => { + let (_residual, addr) = parse_stun_address(attr_data)?; + StunAttribute::AlternateServer(addr) + } + + t => { + warn!("Unknown STUN attribute type {t}"); + StunAttribute::Unknown((t, attr_data.iter_elements().collect())) + } + }; + + Ok((bytes, Some(attr))) +} + +fn parse_stun_header<'a, E: ParseError<&'a [u8]>>( + bytes: &'a [u8], +) -> IResult<&'a [u8], StunHeader, E> { + let (bytes, msg_type) = parse_stun_message_type(bytes)?; + let (bytes, msg_length) = be_u16(bytes)?; + let (bytes, _) = tag(MAGIC_COOKIE.as_slice())(bytes)?; + let (bytes, tx_id) = take_txid(bytes)?; + Ok(( + bytes, + StunHeader { + msg_type, + msg_length, + tx_id, + }, + )) +} + +fn main() { + let cli = ::parse(); + + let dest = cli.host + ":" + &cli.port.unwrap_or(3478).to_string(); + let socket = UdpSocket::bind("[::]:0").expect("Unable to bind a UDP socket"); + socket + .connect(dest) + .expect("Unable to connect to the destination"); + if cli.debug { + println!( + "Connected to {:?} from {:?}", + socket.peer_addr(), + socket.local_addr() + ); + } + + let req = TxId::new().make_request(); + if cli.debug { + println!("Sending request {:?}", &req); + } + socket.send(&req).expect("Unable to send request"); + + let mut buf = [0u8; 1500]; + + if let Ok(received) = socket.recv(&mut buf) { + if cli.debug { + println!("Received response: {:?}", &buf[..received]); + } + let (_residual, msg) = parse_stun_message::>(&buf).unwrap(); + println!("Parsed message from {}:", socket.peer_addr().unwrap()); + println!("{}", msg); + } else if let Err(e) = socket.recv(&mut buf) { + println!("recv function failed: {e:?}"); + } +}