Merge branch 'maddyrtc' into slowcord

6 files changed, 273 insertions, 87 deletions

diff --git a/webrtc/package-lock.json b/webrtc/package-lock.json
index afba7e76..e6b10d69 100644
--- a/webrtc/package-lock.json
+++ b/webrtc/package-lock.json
@@ -9,7 +9,10 @@
 			"version": "1.0.0",
 			"license": "ISC",
 			"dependencies": {
+				"@types/libsodium-wrappers": "^0.7.9",
 				"dotenv": "^12.0.4",
+				"libsodium": "^0.7.10",
+				"libsodium-wrappers": "^0.7.10",
 				"mediasoup": "^3.9.5",
 				"node-turn": "^0.0.6",
 				"sdp-transform": "^2.14.1",
@@ -74,6 +77,11 @@
 			"resolved": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz",
 			"integrity": "sha1-7ihweulOEdK4J7y+UnC86n8+ce4="
 		},
+		"node_modules/@types/libsodium-wrappers": {
+			"version": "0.7.9",
+			"resolved": "https://registry.npmjs.org/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.9.tgz",
+			"integrity": "sha512-LisgKLlYQk19baQwjkBZZXdJL0KbeTpdEnrAfz5hQACbklCY0gVFnsKUyjfNWF1UQsCSjw93Sj5jSbiO8RPfdw=="
+		},
 		"node_modules/@types/node": {
 			"version": "15.6.1",
 			"resolved": "https://registry.npmjs.org/@types/node/-/node-15.6.1.tgz",
@@ -323,6 +331,19 @@
 				"graceful-fs": "^4.1.6"
 			}
 		},
+		"node_modules/libsodium": {
+			"version": "0.7.10",
+			"resolved": "https://registry.npmjs.org/libsodium/-/libsodium-0.7.10.tgz",
+			"integrity": "sha512-eY+z7hDrDKxkAK+QKZVNv92A5KYkxfvIshtBJkmg5TSiCnYqZP3i9OO9whE79Pwgm4jGaoHgkM4ao/b9Cyu4zQ=="
+		},
+		"node_modules/libsodium-wrappers": {
+			"version": "0.7.10",
+			"resolved": "https://registry.npmjs.org/libsodium-wrappers/-/libsodium-wrappers-0.7.10.tgz",
+			"integrity": "sha512-pO3F1Q9NPLB/MWIhehim42b/Fwb30JNScCNh8TcQ/kIc+qGLQch8ag8wb0keK3EP5kbGakk1H8Wwo7v+36rNQg==",
+			"dependencies": {
+				"libsodium": "^0.7.0"
+			}
+		},
 		"node_modules/log4js": {
 			"version": "6.3.0",
 			"resolved": "https://registry.npmjs.org/log4js/-/log4js-6.3.0.tgz",
@@ -609,6 +630,11 @@
 			"resolved": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz",
 			"integrity": "sha1-7ihweulOEdK4J7y+UnC86n8+ce4="
 		},
+		"@types/libsodium-wrappers": {
+			"version": "0.7.9",
+			"resolved": "https://registry.npmjs.org/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.9.tgz",
+			"integrity": "sha512-LisgKLlYQk19baQwjkBZZXdJL0KbeTpdEnrAfz5hQACbklCY0gVFnsKUyjfNWF1UQsCSjw93Sj5jSbiO8RPfdw=="
+		},
 		"@types/node": {
 			"version": "15.6.1",
 			"resolved": "https://registry.npmjs.org/@types/node/-/node-15.6.1.tgz",
@@ -771,6 +797,19 @@
 				"graceful-fs": "^4.1.6"
 			}
 		},
+		"libsodium": {
+			"version": "0.7.10",
+			"resolved": "https://registry.npmjs.org/libsodium/-/libsodium-0.7.10.tgz",
+			"integrity": "sha512-eY+z7hDrDKxkAK+QKZVNv92A5KYkxfvIshtBJkmg5TSiCnYqZP3i9OO9whE79Pwgm4jGaoHgkM4ao/b9Cyu4zQ=="
+		},
+		"libsodium-wrappers": {
+			"version": "0.7.10",
+			"resolved": "https://registry.npmjs.org/libsodium-wrappers/-/libsodium-wrappers-0.7.10.tgz",
+			"integrity": "sha512-pO3F1Q9NPLB/MWIhehim42b/Fwb30JNScCNh8TcQ/kIc+qGLQch8ag8wb0keK3EP5kbGakk1H8Wwo7v+36rNQg==",
+			"requires": {
+				"libsodium": "^0.7.0"
+			}
+		},
 		"log4js": {
 			"version": "6.3.0",
 			"resolved": "https://registry.npmjs.org/log4js/-/log4js-6.3.0.tgz",
diff --git a/webrtc/package.json b/webrtc/package.json
index 78518405..a8fc054d 100644
--- a/webrtc/package.json
+++ b/webrtc/package.json
@@ -19,7 +19,10 @@
 		"typescript": "^4.3.2"
 	},
 	"dependencies": {
+		"@types/libsodium-wrappers": "^0.7.9",
 		"dotenv": "^12.0.4",
+		"libsodium": "^0.7.10",
+		"libsodium-wrappers": "^0.7.10",
 		"mediasoup": "^3.9.5",
 		"node-turn": "^0.0.6",
 		"sdp-transform": "^2.14.1",
diff --git a/webrtc/src/Server.ts b/webrtc/src/Server.ts
index 42b82c6a..7a1070b9 100644
--- a/webrtc/src/Server.ts
+++ b/webrtc/src/Server.ts
@@ -5,8 +5,9 @@ import OPCodeHandlers, { Payload } from "./opcodes";
 import { setHeartbeat } from "./util";
 import * as mediasoup from "mediasoup";
 import { types as MediasoupTypes } from "mediasoup";
-
 import udp from "dgram";
+import sodium from "libsodium-wrappers";
+import { assert } from "console";
 
 var port = Number(process.env.PORT);
 if (isNaN(port)) port = 3004;
@@ -19,6 +20,9 @@ export class Server {
 	public mediasoupProducers: MediasoupTypes.Producer[] = [];
 	public mediasoupConsumers: MediasoupTypes.Consumer[] = [];
 
+	public decryptKey: Uint8Array;
+	public testUdp = udp.createSocket("udp6");
+
 	constructor() {
 		this.ws = new WebSocketServer({
 			port,
@@ -43,8 +47,79 @@ export class Server {
 					socket.close(CLOSECODES.Unknown_opcode);
 				}
 			});
+
+			socket.on("close", (code: number, reason: string) => {
+				console.log(`client closed ${code} ${reason}`);
+				for (var consumer of this.mediasoupConsumers)  consumer.close();
+				for (var producer of this.mediasoupProducers) producer.close();
+				for (var transport of this.mediasoupTransports) transport.close();
+
+				this.mediasoupConsumers = [];
+				this.mediasoupProducers = [];
+				this.mediasoupTransports = [];
+			})
 		});
 
+		this.testUdp.bind(60000);
+		this.testUdp.on("message", (msg, rinfo) => {
+			//random key from like, the libsodium examples on npm lol
+
+			//give me my remote port?
+			if (sodium.to_hex(msg) == "0001004600000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") {
+				this.testUdp.send(Buffer.from([rinfo.port, 0]), rinfo.port, rinfo.address);
+				console.log(`got magic packet to send remote port? ${rinfo.address}:${rinfo.port}`);
+				return;
+			}
+
+			//Hello
+			if (sodium.to_hex(msg) == "0100000000000000") {
+				console.log(`[UDP] client helloed`);
+				return;
+			}
+
+			const nonce = Buffer.concat([msg.slice(-4), Buffer.from("\x00".repeat(20))]);
+			console.log(`[UDP] nonce for this message: ${nonce.toString("hex")}`);
+
+			console.log(`[UDP] message: ${sodium.to_hex(msg)}`);
+
+			// let encrypted;
+			// if (Buffer.from(msg).indexOf("\x81\xc9") == 0) {
+			// 	encrypted = msg.slice(0x18, -4);
+			// }
+			// else if (Buffer.from(msg).indexOf("\x90\x78") == 0) {
+			// 	encrypted = msg.slice(0x1C, -4);
+			// }
+			// else {
+			// 	encrypted = msg.slice(0x18, -4);
+			// 	console.log(`wtf header received: ${encrypted.toString("hex")}`);
+			// }
+
+			let encrypted = msg;
+
+			if (sodium.to_hex(msg).indexOf("80c8000600000001") == 0) {
+				//call status
+
+				encrypted = encrypted.slice(8, -4);
+				assert(encrypted.length == 40);
+
+				try {
+					const decrypted = sodium.crypto_secretbox_open_easy(encrypted, nonce, Buffer.from(this.decryptKey));
+					console.log("[UDP] [ call status ]" + decrypted);
+				}
+				catch (e) {
+					console.error(`[UDP] decrypt failure\n${e}\n${encrypted.toString("base64")}`);
+				}
+				return;
+			}
+
+			// try {
+			// 	const decrypted = sodium.crypto_secretbox_open_easy(encrypted, nonce, Buffer.from(this.decryptKey.map(x => String.fromCharCode(x)).join("")));
+			// 	console.log("[UDP] " + decrypted);
+			// }
+			// catch (e) {
+			// 	console.error(`[UDP] decrypt failure\n${e}\n${msg.toString("base64")}`);
+			// }
+		});
 	}
 
 	async listen(): Promise<void> {
@@ -59,7 +134,7 @@ export class Server {
 	async createWorkers(): Promise<void> {
 		const numWorkers = 1;
 		for (let i = 0; i < numWorkers; i++) {
-			const worker = await mediasoup.createWorker({ logLevel: "debug" });
+			const worker = await mediasoup.createWorker({ logLevel: "debug", logTags: ["dtls", "ice", "info", "message", "bwe"] });
 			if (!worker) return;
 
 			worker.on("died", () => {
@@ -76,9 +151,23 @@ export class Server {
 
 					await transport.enableTraceEvent();
 
+					transport.on('dtlsstatechange', (dtlsstate) => {
+						console.log(dtlsstate);
+					});
+
+					transport.on("sctpstatechange", (sctpstate) => {
+						console.log(sctpstate);
+					});
+
+					router.observer.on("newrtpobserver", (rtpObserver: MediasoupTypes.RtpObserver) => {
+						console.log("new RTP observer created [id:%s]", rtpObserver.id);
+
+						// rtpObserver.observer.on("")
+					});
+
 					transport.on("connect", () => {
-						console.log("transport connect")
-					})
+						console.log("transport connect");
+					});
 
 					transport.observer.on("newproducer", (producer: MediasoupTypes.Producer) => {
 						console.log("new producer created [id:%s]", producer.id);
@@ -114,9 +203,10 @@ export class Server {
 						kind: "audio",
 						mimeType: "audio/opus",
 						clockRate: 48000,
-						channels: 2
+						channels: 2,
+						preferredPayloadType: 111,
 					},
-				]
+				],
 			});
 
 			this.mediasoupWorkers.push(worker);
diff --git a/webrtc/src/opcodes/Identify.ts b/webrtc/src/opcodes/Identify.ts
index 9baa16e3..ef0386a7 100644
--- a/webrtc/src/opcodes/Identify.ts
+++ b/webrtc/src/opcodes/Identify.ts
@@ -34,17 +34,14 @@ export async function onIdentify(this: Server, socket: WebSocket, data: Identify
 		return socket.close(CLOSECODES.Invalid_intent);
 
 	var transport = this.mediasoupTransports[0] || await this.mediasoupRouters[0].createWebRtcTransport({
-		listenIps: [{ ip: "10.22.64.69" }],
+		listenIps: [{ ip: "10.22.64.146" }],
 		enableUdp: true,
-		enableTcp: true,
-		preferUdp: true,
-		enableSctp: true,
 	});
 
 	socket.send(JSON.stringify({
 		op: VoiceOPCodes.READY,
 		d: {
-			streams: [...data.d.streams.map(x => ({ ...x, rtx_ssrc: Math.floor(Math.random() * 10000), ssrc: Math.floor(Math.random() * 10000), active: false, }))],
+			streams: data.d.streams ? [...data.d.streams.map(x => ({ ...x, rtx_ssrc: Math.floor(Math.random() * 10000), ssrc: Math.floor(Math.random() * 10000), active: true, }))] : undefined,
 			ssrc: Math.floor(Math.random() * 10000),
 			ip: transport.iceCandidates[0].ip,
 			port: transport.iceCandidates[0].port,
diff --git a/webrtc/src/opcodes/SelectProtocol.ts b/webrtc/src/opcodes/SelectProtocol.ts
index dc9d2b88..72fb9c79 100644
--- a/webrtc/src/opcodes/SelectProtocol.ts
+++ b/webrtc/src/opcodes/SelectProtocol.ts
@@ -5,7 +5,25 @@ import { Server } from "../Server";
 import * as mediasoup from "mediasoup";
 import { RtpCodecCapability } from "mediasoup/node/lib/RtpParameters";
 import * as sdpTransform from 'sdp-transform';
+import sodium from "libsodium-wrappers";
 
+export interface CodecPayload {
+	name: string,
+	type: "audio" | "video",
+	priority: number,
+	payload_type: number,
+	rtx_payload_type: number | null,
+}
+
+export interface SelectProtocolPayload extends Payload {
+	d: {
+		codecs: Array<CodecPayload>,
+		data: string,	// SDP if webrtc
+		protocol: string,
+		rtc_connection_id: string,
+		sdp?: string,	// same as data
+	};
+}
 
 /*
 
@@ -68,83 +86,121 @@ import * as sdpTransform from 'sdp-transform';
 		"rtc_connection_id": "3faa0b80-b3e2-4bae-b291-273801fbb7ab"
 	}
 }
+*/
 
-Sent by server:
+export async function onSelectProtocol(this: Server, socket: WebSocket, data: SelectProtocolPayload) {
+	if (data.d.sdp) {
+		const rtpCapabilities = this.mediasoupRouters[0].rtpCapabilities;
+		const codecs = rtpCapabilities.codecs as RtpCodecCapability[];
 
-{
-	"op": 4,
-	"d": {
-		"video_codec": "H264",
-		"sdp": "
-			m=audio 50001 ICE/SDP
-			a=fingerprint:sha-256 4A:79:94:16:44:3F:BD:05:41:5A:C7:20:F3:12:54:70:00:73:5D:33:00:2D:2C:80:9B:39:E1:9F:2D:A7:49:87
-			c=IN IP4 109.200.214.158
-			a=rtcp:50001
-			a=ice-ufrag:CLzn
-			a=ice-pwd:qEmIcNwigd07mu46Ok0XCh
-			a=fingerprint:sha-256 4A:79:94:16:44:3F:BD:05:41:5A:C7:20:F3:12:54:70:00:73:5D:33:00:2D:2C:80:9B:39:E1:9F:2D:A7:49:87
-			a=candidate:1 1 UDP 4261412862 109.200.214.158 50001 typ host
-		",
-		"media_session_id": "807955cb953e98c5b90704cf048e81ec",
-		"audio_codec": "opus"
+		const transport = this.mediasoupTransports[0];	//whatever
+
+		const res = sdpTransform.parse(data.d.sdp);
+
+		const videoCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "video");
+		const audioCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "audio");
+
+		const producer = this.mediasoupProducers[0] || await transport.produce({
+			kind: "audio",
+			rtpParameters: {
+				mid: "audio",
+				codecs: [{
+					clockRate: audioCodec!.clockRate,
+					payloadType: audioCodec!.preferredPayloadType as number,
+					mimeType: audioCodec!.mimeType,
+					channels: audioCodec?.channels,
+				}],
+				headerExtensions: res.ext?.map(x => ({
+					id: x.value,
+					uri: x.uri,
+				})),
+			},
+			paused: false,
+		});
+
+		console.log("can consume: " + this.mediasoupRouters[0].canConsume({ producerId: producer.id, rtpCapabilities: rtpCapabilities }));
+
+		const consumer = this.mediasoupConsumers[0] || await transport.consume({
+			producerId: producer.id,
+			paused: false,
+			rtpCapabilities,
+		});
+
+		transport.connect({
+			dtlsParameters: {
+				fingerprints: transport.dtlsParameters.fingerprints,
+				role: "server",
+			}
+		});
+
+		socket.send(JSON.stringify({
+			op: VoiceOPCodes.SESSION_DESCRIPTION,
+			d: {
+				video_codec: videoCodec?.mimeType?.substring(6) || undefined,
+				// mode: "xsalsa20_poly1305_lite",
+				media_session_id: transport.id,
+				audio_codec: audioCodec?.mimeType.substring(6),
+				secret_key: sodium.from_hex("724b092810ec86d7e35c9d067702b31ef90bc43a7b598626749914d6a3e033ed").buffer,
+				sdp: `m=audio ${50001} ICE/SDP\n`
+					+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
+					+ `c=IN IP4 ${transport.iceCandidates[0].ip}\n`
+					+ `t=0 0\n`
+					+ `a=ice-lite\n`
+					+ `a=rtcp-mux\n`
+					+ `a=rtcp:${50001}\n`
+					+ `a=ice-ufrag:${transport.iceParameters.usernameFragment}\n`
+					+ `a=ice-pwd:${transport.iceParameters.password}\n`
+					+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
+					+ `a=candidate:1 1 ${transport.iceCandidates[0].protocol.toUpperCase()} ${transport.iceCandidates[0].priority} ${transport.iceCandidates[0].ip} ${50001} typ ${transport.iceCandidates[0].type}`
+			}
+		}));
+		return;
 	}
-}
+	else {
+		/*
+			{
+				"video_codec":"H264",
+				"sdp":
+				"
+					m=audio 50010 ICE/SDP
+					a=fingerprint:sha-256 4A:79:94:16:44:3F:BD:05:41:5A:C7:20:F3:12:54:70:00:73:5D:33:00:2D:2C:80:9B:39:E1:9F:2D:A7:49:87
+					c=IN IP4 109.200.214.158
+					a=rtcp:50010
+					a=ice-ufrag:+npq
+					a=ice-pwd:+jf7jAesMeHHby43FRqWTy
+					a=fingerprint:sha-256 4A:79:94:16:44:3F:BD:05:41:5A:C7:20:F3:12:54:70:00:73:5D:33:00:2D:2C:80:9B:39:E1:9F:2D:A7:49:87
+					a=candidate:1 1 UDP 4261412862 109.200.214.158 50010 typ host",
+					"media_session_id":"59265c94fa13e313492c372c4c8da801
+				",
+				"audio_codec":"opus"
+			}
+		*/
 
-*/
 
+		/*
+			{
+				"video_codec": "H264",
+				"secret_key": [36, 80, 96, 53, 95, 149, 253, 16, 137, 186, 238, 222, 251, 180, 94, 150, 112, 137, 192, 109, 69, 79, 218, 111, 217, 197, 56, 74, 18, 41, 51, 140],
+				"mode": "aead_aes256_gcm_rtpsize",
+				"media_session_id": "797575a97a87b63e81e2399348b97ad1",
+				"audio_codec": "opus"
+			};
+		*/
+
+		this.decryptKey = sodium.randombytes_buf(sodium.crypto_secretbox_KEYBYTES);
 
-export async function onSelectProtocol(this: Server, socket: WebSocket, data: Payload) {
-	const rtpCapabilities = this.mediasoupRouters[0].rtpCapabilities;
-	const codecs = rtpCapabilities.codecs as RtpCodecCapability[];
-
-	const transport = this.mediasoupTransports[0];	//whatever
-
-	const res = sdpTransform.parse(data.d.sdp);
-
-	const videoCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "video");
-	const audioCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "audio");
-
-	const producer = this.mediasoupProducers[0] || await transport.produce({
-		kind: "audio",
-		rtpParameters: {
-			mid: "audio",
-			codecs: [{
-				clockRate: audioCodec!.clockRate,
-				payloadType: audioCodec!.preferredPayloadType as number,
-				mimeType: audioCodec!.mimeType,
-				channels: audioCodec?.channels,
-			}],
-			headerExtensions: res.ext?.map(x => ({
-				id: x.value,
-				uri: x.uri,
-			})),
-		},
-		paused: false,
-	});
-
-	console.log("can consume: " + this.mediasoupRouters[0].canConsume({ producerId: producer.id, rtpCapabilities: rtpCapabilities }));
-
-	const consumer = this.mediasoupConsumers[0] || await transport.consume({
-		producerId: producer.id,
-		paused: false,
-		rtpCapabilities,
-	});
-
-	socket.send(JSON.stringify({
-		op: VoiceOPCodes.SESSION_DESCRIPTION,
-		d: {
-			video_codec: videoCodec?.mimeType?.substring(6) || undefined,
-			mode: "xsalsa20_poly1305_lite",
-			media_session_id: transport.id,
-			audio_codec: audioCodec?.mimeType.substring(6),
-			sdp: `m=audio ${transport.iceCandidates[0].port} ICE/SDP\n`
-				+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
-				+ `c=IN IPV4 ${transport.iceCandidates[0].ip}\n`
-				+ `a=rtcp: ${transport.iceCandidates[0].port}\n`
-				+ `a=ice-ufrag:${transport.iceParameters.usernameFragment}\n`
-				+ `a=ice-pwd:${transport.iceParameters.password}\n`
-				+ `a=fingerprint:sha-1 ${transport.dtlsParameters.fingerprints[0].value}\n`
-				+ `a=candidate:1 1 ${transport.iceCandidates[0].protocol} ${transport.iceCandidates[0].priority} ${transport.iceCandidates[0].ip} ${transport.iceCandidates[0].port} typ ${transport.iceCandidates[0].type}`
-		}
-	}));
+		// this.decryptKey = new Array(sodium.crypto_secretbox_KEYBYTES).fill(null).map((x, i) => i + 1);
+		console.log(this.decryptKey);
+
+		socket.send(JSON.stringify({
+			op: VoiceOPCodes.SESSION_DESCRIPTION,
+			d: {
+				video_codec: "H264",
+				secret_key: [...this.decryptKey.values()],
+				mode: "aead_aes256_gcm_rtpsize",
+				media_session_id: "blah blah blah",
+				audio_codec: "opus",
+			}
+		}));
+	}
 }
\ No newline at end of file
diff --git a/webrtc/src/start.ts b/webrtc/src/start.ts
index 98f06ad5..f902ec1b 100644
--- a/webrtc/src/start.ts
+++ b/webrtc/src/start.ts
@@ -1,9 +1,10 @@
-//testing
-process.env.DATABASE = "../bundle/database.db";
-
 import { config } from "dotenv";
 config();
 
+//testing
+process.env.DATABASE = "../bundle/database.db";
+process.env.DEBUG = "mediasoup*"
+
 import { Server } from "./Server";
 
 const server = new Server();