Add RFC 6062 TURN TCP relay support (server + client)#1532
Open
CraziestPower wants to merge 4 commits intosipsorcery-org:masterfrom
Open
Add RFC 6062 TURN TCP relay support (server + client)#1532CraziestPower wants to merge 4 commits intosipsorcery-org:masterfrom
CraziestPower wants to merge 4 commits intosipsorcery-org:masterfrom
Conversation
Extends the lightweight TurnServer with RFC 6062 TCP relay: - Allocate with RequestedTransport=TCP creates a TCP relay listener - Connect (0x000a): server opens TCP to peer, returns ConnectionId - ConnectionBind (0x000b): pairs data connection with peer, starts bidirectional raw byte relay - ConnectionAttemptIndication (0x001c): sent when peer connects to the relay listener - Unsupported transport returns 442 Client-side ICE changes: - IceServer.IceRelayProtocol and RTCIceServer.X_ICERelayProtocol configuration for requesting TCP relay - IceChecklistEntry TCP relay state machine - RtpIceChannel TCP relay send/receive paths - IceTcpReceiver.RawMode for post-ConnectionBind passthrough STUN layer: - Add ConnectSuccessResponse, ConnectErrorResponse, ConnectionBindSuccessResponse, ConnectionBindErrorResponse, ConnectionAttemptIndication enum values - Fix GetSTUNMessageTypeForId crash on unknown message type IDs 15 new tests including end-to-end TCP relay with TLS. Fixes sipsorcery-org#1531. Based on client-side work by @ha-ves (sipsorcery-org#1362). Co-Authored-By: Haves Irfan <haves@users.noreply.github.com> Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The self-signed certificate from CreateSelfSigned() needs to be exported/reimported as PFX with Exportable flag for SslStream to access the private key on Windows. Also increases handshake timeout to 10s and adds diagnostic info on timeout failure. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The X509Certificate2(byte[], string, flags) constructor is obsolete (SYSLIB0057) on .NET 10. Use X509CertificateLoader.LoadPkcs12 on net10.0+ with a preprocessor guard. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
X509CertificateLoader was introduced in .NET 9 and the obsolete X509Certificate2 constructor is an error on both net9 and net10. Widen the preprocessor guard from NET10_0_OR_GREATER to NET9_0_OR_GREATER. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Member
|
Thanks for the PR. A code restructure has taken place and the source files for this PR are now in src/SIPSorcery. Can this PR be rebased? |
1 similar comment
Member
|
Thanks for the PR. A code restructure has taken place and the source files for this PR are now in src/SIPSorcery. Can this PR be rebased? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Server-side (TurnServer)
AllocatewithRequestedTransport=TCP(0x06) creates a TCP relay listenerConnect(0x000a): opens TCP connection to peer, returnsConnectionIdConnectionBind(0x000b): pairs a client data connection with a peer connection, starts bidirectional raw byte relayConnectionAttemptIndication(0x001c): sent to client when a peer connects to the TCP relay listenerClient-side (ICE)
RTCIceServer.X_ICERelayProtocolconfiguration option to request TCP relayIceServer.IceRelayProtocolproperty wired throughIceServerResolverIceChecklistEntryTCP relay state machine (Connect → ConnectionBind → raw data)RtpIceChannelTCP relay send/receive pathsIceTcpReceiver.RawModefor post-ConnectionBind raw byte passthroughSTUN layer
ConnectSuccessResponse,ConnectErrorResponse,ConnectionBindSuccessResponse,ConnectionBindErrorResponse,ConnectionAttemptIndicationenum valuesGetSTUNMessageTypeForIdcrash on unknown message type IDs (now returns 0 instead of throwing)Tests (15 new)
GetSTUNMessageTypeForId_UnknownValue_ReturnsZeroGetSTUNMessageTypeForId_ConnectSuccessResponse_ReturnsCorrectEnumTcpAllocateSucceedsConnectWithoutAllocationReturns437ConnectToPeerSucceedsConnectionBindPairsDataConnectionRawDataRelaysAfterConnectionBindConnectionAttemptIndicationSentOnPeerConnectAllocateUnsupportedTransportReturns442ChecklistEntryHandlesConnectSuccessChecklistEntryHandlesConnectionBindSuccessTcpRelayEndToEnd_ClientInitiatedConnectTcpRelayEndToEnd_PeerInitiatedConnectTcpRelayEndToEnd_LargePayloadTcpRelayEndToEnd_WithTlsAcknowledgements
Client-side ICE-TCP/TURN-TCP work is based on @ha-ves's draft PR #1362. Thank you for the foundational work on the client-side RFC 6062 implementation.
References
Fixes #1531. Fixes #1294. Related: #1362.
🤖 Generated with Claude Code