diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000..5e7ec82 --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,271 @@ +version: "2" + +run: + timeout: 5m + tests: true + build-tags: + - race + +linters: + enable: + - errcheck + - govet + - staticcheck + - unused + - ineffassign + - asasalint + - asciicheck + - bidichk + - bodyclose + - canonicalheader + - containedctx + - contextcheck + - copyloopvar + - cyclop + - decorder + - dogsled + - dupl + - dupword + - durationcheck + - err113 + - errchkjson + - errname + - errorlint + - exhaustive + - fatcontext + - forbidigo + - forcetypeassert + - gocheckcompilerdirectives + - gochecknoglobals + - gochecknoinits + - gochecksumtype + - gocognit + - goconst + - gocritic + - gocyclo + - godot + - godox + - goprintffuncname + - gosec + - grouper + - iface + - inamedparam + - interfacebloat + - intrange + - ireturn + - lll + - loggercheck + - maintidx + - makezero + - mirror + - misspell + - musttag + - nakedret + - nestif + - nilerr + - nilnesserr + - nilnil + - noctx + - nolintlint + - nonamedreturns + - nosprintfhostport + - perfsprint + - prealloc + - predeclared + - promlinter + - reassign + - recvcheck + - revive + - rowserrcheck + - sloglint + - spancheck + - sqlclosecheck + - tagalign + - tagliatelle + - testableexamples + - testifylint + - thelper + - tparallel + - unconvert + - unparam + - usestdlibvars + - wastedassign + - whitespace + - wrapcheck + - zerologlint + +linters-settings: + errcheck: + check-blank: true + check-type-assertions: true + exclude-functions: + - (io.Closer).Close + + govet: + enable-all: true + settings: + shadow: + strict: true + + gosec: + severity: medium + confidence: medium + excludes: + - G104 + - G114 + + gocritic: + enabled-tags: + - diagnostic + - style + - performance + - experimental + - opinionated + + revive: + severity: warning + enable-all-rules: false + rules: + - name: atomic + - name: blank-imports + - name: bool-literal-in-expr + - name: call-to-gc + - name: constant-logical-expr + - name: context-as-argument + - name: context-keys-type + - name: datarace + - name: defer + - name: dot-imports + - name: duplicated-imports + - name: early-return + - name: empty-block + - name: empty-lines + - name: error-naming + - name: error-return + - name: error-strings + - name: errorf + - name: exported + - name: identical-branches + - name: if-return + - name: increment-decrement + - name: indent-error-flow + - name: modifies-parameter + - name: modifies-value-receiver + - name: range + - name: range-val-address + - name: range-val-in-closure + - name: receiver-naming + - name: redefines-builtin-id + - name: string-of-int + - name: struct-tag + - name: superfluous-else + - name: time-equal + - name: time-naming + - name: unconditional-recursion + - name: unexported-naming + - name: unexported-return + - name: unhandled-error + - name: unnecessary-stmt + - name: unreachable-code + - name: unused-parameter + - name: unused-receiver + - name: use-any + - name: useless-break + - name: var-declaration + - name: var-naming + - name: waitgroup-by-value + + stylecheck: + checks: ["all"] + + staticcheck: + checks: ["all"] + + unparam: + check-exported: true + + nakedret: + max-func-lines: 0 + + cyclop: + max-complexity: 10 + + gocyclo: + min-complexity: 10 + + gocognit: + min-complexity: 15 + + nestif: + min-complexity: 4 + + lll: + line-length: 120 + + maintidx: + under: 20 + + funlen: + lines: 80 + statements: 50 + + gochecknoglobals: + check-no-globals: true + + goconst: + min-len: 3 + min-occurrences: 3 + + dupl: + threshold: 100 + + forbidigo: + forbid: + - ^print.*$ + - ^fmt\.Print.*$ + + tagliatelle: + case: + rules: + json: snake + yaml: snake + xml: camel + bson: camel + avro: snake + mapstructure: kebab + + varnamelen: + min-name-length: 2 + ignore-names: + - err + - i + - j + - k + - v + - id + - ok + - db + - tx + - wg + - mu + + ireturn: + allow: + - anon + - error + - empty + - stdlib + + wrapcheck: + ignoreSigs: + - .Errorf( + - errors.New( + - errors.Unwrap( + - .Wrap( + - .Wrapf( + - .WithMessage( + +issues: + max-issues-per-linter: 0 + max-same-issues: 0 + exclude-use-default: false diff --git a/cmd/olcrtc/main.go b/cmd/olcrtc/main.go index 8b3201b..c27bb61 100644 --- a/cmd/olcrtc/main.go +++ b/cmd/olcrtc/main.go @@ -27,6 +27,8 @@ func main() { dataDir string duo bool dnsServer string + socksProxyAddr string + socksProxyPort int ) flag.StringVar(&mode, "mode", "", "Mode: srv or cnc") @@ -38,6 +40,8 @@ func main() { flag.StringVar(&dataDir, "data", "data", "Path to data directory") flag.BoolVar(&duo, "duo", false, "Use dual channels for 2x throughput") flag.StringVar(&dnsServer, "dns", "1.1.1.1:53", "DNS server (default: Cloudflare 1.1.1.1)") + flag.StringVar(&socksProxyAddr, "socks-proxy", "", "SOCKS5 proxy address (server only)") + flag.IntVar(&socksProxyPort, "socks-proxy-port", 1080, "SOCKS5 proxy port (server only)") flag.Parse() if debug { @@ -85,7 +89,7 @@ func main() { go func() { switch mode { case "srv": - errCh <- server.Run(ctx, roomURL, keyHex, duo, dnsServer) + errCh <- server.Run(ctx, roomURL, keyHex, duo, dnsServer, socksProxyAddr, socksProxyPort) case "cnc": errCh <- client.Run(ctx, roomURL, keyHex, socksPort, duo, "", "") } diff --git a/code/init.fish b/code/init.sh similarity index 53% rename from code/init.fish rename to code/init.sh index a368128..51086ca 100755 --- a/code/init.fish +++ b/code/init.sh @@ -1,8 +1,7 @@ -#!/usr/bin/fish - +#!/bin/bash python -m venv venv -source venv/bin/activate.fish +source venv/bin/activate pip install -r requirements.txt diff --git a/doc/YTWA.md b/doc/YTWA.md deleted file mode 100644 index 7e0168a..0000000 --- a/doc/YTWA.md +++ /dev/null @@ -1,1185 +0,0 @@ -=========================================== -AI GENERATED / AI GENERATED / AI GENERATED -=========================================== - - -# Yandex Telemost WebRTC API Documentation - YTWA - -## Overview - -Yandex Telemost implements a Selective Forwarding Unit (SFU) architecture for WebRTC conferencing. The system supports audio, video, and SCTP DataChannel transport over WebRTC with separate publisher and subscriber peer connections. - -**Project includes practical implementations:** -- `dcsend.py` - HTTP requests via DataChannel with chunking (verified: 892B in 1 chunk) -- `dcstream.py` - High-speed streaming (verified: 42.35 MB at 45.75 Mbps) -- `vcsend.py` - Data transfer via video QR codes (verified: 892B in 3 frames) -- `invicible.py` - Encrypted dual-channel transfer (ChaCha20-Poly1305 over DC+VC) -- `flood.py` - Stress testing connections (verified: 40 peers max, 409 after) -- `limits.py` - Limits and performance verification (verified: all tests pass) -- `info.py` - Conference information gathering (verified: full WebRTC details) -- `poc.py` - Basic proof-of-concept - -## Architecture - -### Connection Model - -- SFU-based routing (not P2P) -- Separate PeerConnections for publishing and subscribing -- WebSocket signaling channel -- STUN/TURN infrastructure for NAT traversal - -### Transport Capabilities - -- Audio: Opus codec (48kHz, stereo, DTX, FEC) -- Video: VP8, VP9, H.264, AV1 codecs with simulcast support -- DataChannel: SCTP over DTLS (max message size: 1023MB, port: 5000) - -## API Endpoints - -### Base URL - -``` -https://cloud-api.yandex.ru/telemost_front/v2/telemost -``` - -### 1. Connection Initialization - -**Endpoint:** `GET /conferences/{encoded_conference_url}/connection` - -**Parameters:** -- `next_gen_media_platform_allowed`: boolean (string "true") -- `display_name`: string (URL-encoded participant name) -- `waiting_room_supported`: boolean (string "true") - -**Headers:** -- `User-Agent`: Browser user agent string -- `Accept`: "*/*" -- `content-type`: "application/json" -- `Client-Instance-Id`: UUID v4 -- `X-Telemost-Client-Version`: Version string (e.g., "187.1.0") -- `idempotency-key`: UUID v4 -- `Origin`: "https://telemost.yandex.ru" -- `Referer`: "https://telemost.yandex.ru/" - -**Response:** -```json -{ - "connection_type": "CONFERENCE", - "uri": "https://telemost.yandex.ru/j/{conference_id}", - "room_id": "uuid", - "safe_room_id": "uuid", - "peer_id": "uuid", - "session_id": "uuid", - "peer_session_id": "uuid", - "credentials": "string", - "expiration_time": 1775424866469, - "conference_limit": 40, - "media_platform": "GOLOOM", - "client_configuration": { - "media_server_url": "wss://goloom.strm.yandex.net/join", - "service_name": "telemost", - "ice_servers": [ - { - "urls": ["stun:stun.rtc.yandex.net:3478"] - } - ], - "goloom_session_open_ms": 120000, - "wait_time_to_reconnect_ms": 3553 - } -} -``` - -## WebSocket Protocol - -### Connection - -**URL:** Obtained from `client_configuration.media_server_url` - -**Protocol:** WSS (WebSocket Secure) - -### Message Format - -All messages are JSON objects with a `uid` field (UUID v4) and one message-specific field. - -### Message Types - -#### 1. Client Hello - -**Direction:** Client → Server - -**Structure:** -```json -{ - "uid": "uuid", - "hello": { - "participantMeta": { - "name": "string", - "role": "SPEAKER", - "description": "string", - "sendAudio": boolean, - "sendVideo": boolean - }, - "participantAttributes": { - "name": "string", - "role": "SPEAKER", - "description": "string" - }, - "sendAudio": boolean, - "sendVideo": boolean, - "sendSharing": boolean, - "participantId": "uuid", - "roomId": "uuid", - "serviceName": "telemost", - "credentials": "string", - "capabilitiesOffer": { - "offerAnswerMode": ["SEPARATE"], - "initialSubscriberOffer": ["ON_HELLO"], - "slotsMode": ["FROM_CONTROLLER"], - "simulcastMode": ["DISABLED", "STATIC"], - "selfVadStatus": ["FROM_SERVER", "FROM_CLIENT"], - "dataChannelSharing": ["TO_RTP"] - }, - "sdkInfo": { - "implementation": "string", - "version": "string", - "userAgent": "string", - "hwConcurrency": integer - }, - "sdkInitializationId": "uuid", - "disablePublisher": boolean, - "disableSubscriber": boolean, - "disableSubscriberAudio": boolean - } -} -``` - -#### 2. Server Hello - -**Direction:** Server → Client - -**Structure:** -```json -{ - "uid": "uuid", - "serverHello": { - "capabilitiesAnswer": { - "offerAnswerMode": "SEPARATE", - "initialSubscriberOffer": "ON_HELLO", - "slotsMode": "FROM_CONTROLLER", - "simulcastMode": "DISABLED", - "selfVadStatus": "FROM_SERVER", - "dataChannelSharing": "TO_RTP", - "videoEncoderConfig": "NO_CONFIG", - "dataChannelVideoCodec": "UNIQUE_CODEC_FROM_TRACK_DESCRIPTION", - "bandwidthLimitationReason": "BANDWIDTH_REASON_ENABLED", - "publisherVp9": "PUBLISH_VP9_ENABLED", - "svcMode": "SVC_MODE_L3T3_KEY" - }, - "servingComponents": [ - { - "type": "BORDER|WEBRTC_SERVER|CONTROLLER", - "host": "string", - "version": "string" - } - ], - "sessionSecret": "uuid", - "sfuPeerInitializationId": "uuid", - "rtcConfiguration": { - "iceServers": [ - { - "urls": ["stun:turn.tel.yandex.net", "stun:stun.rtc.yandex.net"], - "credential": "", - "username": "" - }, - { - "urls": ["turn:turn.tel.yandex.net:443"], - "credential": "string", - "username": "string" - } - ] - }, - "pingPongConfiguration": { - "pingInterval": 5000, - "ackTimeout": 9000 - }, - "telemetryConfiguration": { - "sendingInterval": 20000 - } - } -} -``` - -#### 3. Acknowledgment - -**Direction:** Client → Server - -**Structure:** -```json -{ - "uid": "uuid", - "ack": { - "status": { - "code": "OK", - "description": "string" - } - } -} -``` - -#### 4. Subscriber SDP Offer - -**Direction:** Server → Client - -**Structure:** -```json -{ - "uid": "uuid", - "subscriberSdpOffer": { - "pcSeq": integer, - "sdp": "string" - } -} -``` - -**SDP Format:** Standard WebRTC SDP with bundled media streams. Includes: -- Video tracks (m=video) with VP8, VP9, H.264, AV1 codecs -- Audio tracks (m=audio) with Opus, PCMA, PCMU, G722 codecs -- Application track (m=application) for SCTP DataChannel - -#### 5. Subscriber SDP Answer - -**Direction:** Client → Server - -**Structure:** -```json -{ - "uid": "uuid", - "subscriberSdpAnswer": { - "pcSeq": integer, - "sdp": "string" - } -} -``` - -#### 6. Publisher SDP Offer - -**Direction:** Client → Server - -**Structure:** -```json -{ - "uid": "uuid", - "publisherSdpOffer": { - "pcSeq": integer, - "sdp": "string" - } -} -``` - -#### 7. Publisher SDP Answer - -**Direction:** Server → Client - -**Structure:** -```json -{ - "uid": "uuid", - "publisherSdpAnswer": { - "pcSeq": integer, - "sdp": "string" - } -} -``` - -#### 8. ICE Candidate - -**Direction:** Bidirectional - -**Structure:** -```json -{ - "uid": "uuid", - "webrtcIceCandidate": { - "candidate": "string", - "sdpMid": "string", - "sdpMlineIndex": integer, - "usernameFragment": "string", - "target": "PUBLISHER|SUBSCRIBER", - "pcSeq": integer - } -} -``` - -**Candidate Format:** Standard ICE candidate string -``` -candidate:{foundation} {component} {protocol} {priority} {ip} {port} typ {type} [tcptype {tcptype}] -``` - -#### 9. VAD Activity - -**Direction:** Server → Client - -**Structure:** -```json -{ - "uid": "uuid", - "vadActivity": { - "active": boolean - } -} -``` - -#### 10. Update Description - -**Direction:** Server → Client - -**Structure:** -```json -{ - "uid": "uuid", - "updateDescription": { - "description": [ - { - "id": "peer-uuid", - "meta": { - "name": "string", - "role": "SPEAKER", - "description": "string", - "sendAudio": boolean, - "sendVideo": boolean - }, - "participantAttributes": { - "name": "string", - "role": "SPEAKER", - "description": "string" - }, - "sendSharing": boolean, - "tracks": [] - } - ] - } -} -``` - -**Description:** Sent by server when participants join/leave or change their media state. Contains full state of all participants in the conference. - -## Connection Flow - -### 1. Initialization Phase - -1. Client requests connection info via REST API -2. Server responds with room credentials and WebSocket URL -3. Client establishes WebSocket connection - -### 2. Handshake Phase - -1. Client sends `hello` message with capabilities -2. Server responds with `serverHello` containing negotiated capabilities -3. Client acknowledges with `ack` message - -### 3. Subscriber Setup - -1. Server sends `subscriberSdpOffer` with remote media tracks -2. Client creates answer and sends `subscriberSdpAnswer` -3. Client acknowledges offer -4. ICE candidates exchanged for subscriber PeerConnection - -### 4. Publisher Setup - -1. Client creates offer and sends `publisherSdpOffer` -2. Server responds with `publisherSdpAnswer` -3. Client acknowledges answer -4. ICE candidates exchanged for publisher PeerConnection - -### 5. Media Exchange - -1. DataChannel opens on publisher PeerConnection -2. Audio/video tracks activated based on configuration -3. Bidirectional media flow through SFU - -## DataChannel Specifications - -### Configuration - -- **Protocol:** SCTP over DTLS -- **Port:** 5000 -- **Max Message Size (Advertised):** 1,073,741,823 bytes (1023 MB) -- **Max Message Size (Actual):** 8,192 bytes (8 KB) -- **Ordered:** Configurable (recommended: true) -- **Label:** Custom (e.g., "dcsend", "olcrtc", "limits_test") - -### SDP Attributes - -``` -m=application 9 UDP/DTLS/SCTP webrtc-datachannel -a=sctp-port:5000 -a=max-message-size:1073741823 -``` - -### Message Size Limitations - -**CRITICAL LIMITATION:** GOLOOM media server enforces SCTP message limit to 8KB despite advertising 1023MB in SDP. Messages over 8KB are silently dropped. - -**Verified limits (from `limits.py`):** -- + 8KB (8,192 bytes): Delivered -- X 10KB (10,240 bytes): Dropped -- X 12KB+ : Dropped - -**Root cause:** SCTP fragmentation limit. Messages requiring more than ~6-7 UDP packets (MTU 1500) exceed server's reassembly buffer. - -### Large Data Transfer - -Для данных свыше 8KB используйте чанкинг на уровне приложения: - -**Implementation from `dcsend.py`:** -```python -CHUNK_SIZE = 7168 -HEADER_SIZE = 1024 - -def chunk_data(data, transfer_id): - total_size = len(data) - chunk_count = (total_size + CHUNK_SIZE - 1) // CHUNK_SIZE - packets = [] - - for i in range(chunk_count): - start = i * CHUNK_SIZE - end = min(start + CHUNK_SIZE, total_size) - chunk = data[start:end] - - header = {"tid": transfer_id, "idx": i, "total": chunk_count, "size": total_size} - header_json = json.dumps(header).encode() - header_padded = header_json.ljust(HEADER_SIZE, b'\x00') - - packets.append(header_padded + chunk) - - return packets - -class ChunkedReceiver: - def handle_chunk(self, packet): - header_bytes = packet[:HEADER_SIZE].rstrip(b'\x00') - chunk_data = packet[HEADER_SIZE:] - - header = json.loads(header_bytes) - tid, idx, total = header["tid"], header["idx"], header["total"] - - if tid not in self.buffers: - self.buffers[tid] = {"chunks": {}, "total": total, "received": 0} - - buf = self.buffers[tid] - if idx not in buf["chunks"]: - buf["chunks"][idx] = chunk_data - buf["received"] += 1 - - if buf["received"] == buf["total"]: - complete = b"".join(buf["chunks"][i] for i in range(buf["total"])) - self.completed[tid] = complete - del self.buffers[tid] - return tid - - return None -``` - -**Verified Performance (from `dcsend.py` and `limits.py`):** -- 892 bytes: 1 chunk, instant delivery -- 64KB: 2,128ms (246 Kbps) -- 128KB: 2,163ms (485 Kbps) -- 256KB: 2,203ms (952 Kbps) - -**Throttling to prevent overflow:** -```python -while datachannel.bufferedAmount > CHUNK_SIZE * 2: - await asyncio.sleep(0.001) -datachannel.send(chunk) -``` - -**Latency characteristics (RTT from `limits.py`):** -- 100 bytes: 42-53ms avg -- 1KB: 42-116ms avg (59ms typical) -- 4KB: 42-106ms avg (57ms typical) -- 8KB: 87-128ms avg (103ms typical) - -## Video Channel Data Transfer - -### QR Code Video Streaming - -**Alternative data transfer method via video stream (from `vcsend.py`):** - -```python -QR_SIZE = 600 -CHUNK_SIZE = 400 -FRAME_RATE = 1 - -def chunk_data(data, tid): - b64 = base64.b64encode(data).decode() - n = (len(b64) + CHUNK_SIZE - 1) // CHUNK_SIZE - return [json.dumps({"tid": tid, "idx": i, "total": n, - "data": b64[i * CHUNK_SIZE:(i + 1) * CHUNK_SIZE]}) - for i in range(n)] - -class QRVideoTrack(MediaStreamTrack): - kind = "video" - - def set_data(self, chunks): - self._frames = [make_qr_frame(c, i) for i, c in enumerate(chunks)] - - async def recv(self): - await asyncio.sleep(1.0 / FRAME_RATE) - frame = self._frames[self._idx] - frame.pts = self._pts - frame.time_base = Fraction(1, FRAME_RATE) - self._pts += 1 - self._idx = (self._idx + 1) % len(self._frames) - return frame -``` - -**Decoding on receiver:** -```python -class QRReceiver: - def feed_frame(self, frame): - arr = frame.to_ndarray(format="rgb24") - gray = cv2.cvtColor(arr, cv2.COLOR_RGB2GRAY) - - variants = [ - gray, - cv2.resize(gray, (w * 2, h * 2), interpolation=cv2.INTER_CUBIC), - cv2.threshold(gray, 0, 255, cv2.THRESH_BINARY + cv2.THRESH_OTSU)[1], - cv2.resize(threshold, (w * 2, h * 2), interpolation=cv2.INTER_NEAREST) - ] - - for variant in variants: - for code in pyzbar.decode(variant): - decoded_data = code.data.decode('utf-8') - val, _, _ = cv2.QRCodeDetector().detectAndDecode(variant) -``` - -**Verified Performance (from `vcsend.py`):** -- 892 bytes: 3 QR frames, decoded in ~3 seconds -- Frame resolution: 600x600 pixels -- Successful decode with both pyzbar and cv2.QRCodeDetector -- Frames saved to /tmp/qr_recv_*.png for debugging - -**Characteristics:** -- QR size: 600x600 pixels -- Frame rate: 1 FPS -- Chunk size: 400 bytes (base64) -- Error correction: ERROR_CORRECT_M - -**Critical Requirements:** -- Receiver must send `setSlots` message to request video routing from server -- Video track must be added to publisher PeerConnection -- Proper ICE/DTLS negotiation required for video transport - -**Advantages:** -- Works even when DataChannel is blocked -- Visual debugging (frame saving to /tmp/) -- Resilient to packet loss -- Dual decoder (pyzbar + OpenCV) for reliability - -## Security and Encryption - -### Encrypted Dual-Channel Transfer (`invicible.py`) - -**ChaCha20-Poly1305 AEAD encryption over both DataChannel and Video QR:** - -```python -SHARED_KEY = os.urandom(32) - -def encrypt_payload(tag_str, data_bytes): - nonce = os.urandom(12) - chacha = ChaCha20Poly1305(SHARED_KEY) - ciphertext = chacha.encrypt(nonce, data_bytes, None) - blob = nonce + ciphertext - tag_bytes = tag_str.encode('ascii').ljust(4, b'\x00')[:4] - len_bytes = len(blob).to_bytes(4, 'big') - return tag_bytes + len_bytes + blob - -def decrypt_payload(envelope): - tag = envelope[:4].decode('ascii').strip('\x00') - length = int.from_bytes(envelope[4:8], 'big') - blob = envelope[8:8+length] - nonce = blob[:12] - ciphertext = blob[12:] - chacha = ChaCha20Poly1305(SHARED_KEY) - data = chacha.decrypt(nonce, ciphertext, None) - return tag, data -``` - -**Envelope Format:** -``` -[4 bytes: TAG] [4 bytes: LENGTH] [12 bytes: NONCE] [N bytes: CIPHERTEXT + AUTH_TAG] -``` - -**Dual-Channel Architecture:** -- Text data → DataChannel (instant delivery) -- Binary data → Video QR codes (resilient to DC failures) -- Both channels encrypted with same key -- Independent decryption on receiver - -**Verified Results:** -- Text payload: UTF-8 string encrypted and transmitted via DC -- Video payload: 2KB binary encrypted and transmitted via QR -- Both payloads successfully decrypted on receiver -- Authentication tags verified (AEAD integrity) - -**Use Cases:** -- Secure file transfer over untrusted SFU -- Covert communication (video channel appears as QR codes) -- Redundant transmission (DC primary, VC fallback) -- End-to-end encryption without server cooperation - -## Practical Implementations - -### HTTP Proxy via DataChannel (`dcsend.py`) - -**Client-server architecture with verified performance:** -```python -client["dc_pub"].send(f"GET {url}") - -async def handle_request(url, dc, stats): - response = requests.get(url, timeout=10) - data = response.content - - transfer_id = generate_uuid() - packets = chunk_data(data, transfer_id) - - for packet in packets: - while dc.bufferedAmount > CHUNK_SIZE * 2: - await asyncio.sleep(0.001) - dc.send(packet) -``` - -**Verified Results:** -- 892 bytes: 1 chunk, instant delivery, complete success -- Request: `GET zarazaex.xyz/curl.txt` -- Response received and decoded successfully -- Total time: ~3 seconds (including peer setup) - -### Stress Testing (`flood.py`) - -**Mass peer connections with verified limits:** -```python -for i in range(1, 412): - name = f"STOP LET'S BE FRIENDS... {suffix}" - task = asyncio.create_task(connect_peer(name, i)) - await asyncio.sleep(0.5) -``` - -**Verified Results:** -- Successfully connected: 40 peers (conference limit) -- Connection failures: 41st peer onwards receive HTTP 409 CONFLICT -- Connection time: ~0.5s per peer -- Stability: WebSocket keep-alive mandatory -- Error message: "409 Client Error: CONFLICT" when limit exceeded - -### Limits Analysis (`limits.py`) - -**Automatic verification of all limitations with real tests:** -```python -async def check_all_limits(): - dc_limits = await check_datachannel_limits() - conf_limits = await check_conference_limits() - audio_limits = await check_audio_limits() - video_limits = await check_video_limits() - ice_limits = await check_ice_limits() - - test_results = await test_message_size_limits() - test_results.extend(await test_latency_microbench()) - test_results.extend(await test_throughput_limits()) - test_results.extend(await test_chunked_transfer()) -``` - -**Verified Results:** -- DataChannel max size: 1,073,741,823 bytes (advertised) ✓ -- SCTP port: 5000 ✓ -- Max participants: 40 ✓ -- Session timeout: 120,000ms ✓ -- Ping interval: 5,000ms ✓ -- ACK timeout: 9,000ms ✓ - -**Real Transfer Tests:** -- 1KB: SUCCESS ✓ -- 6KB: SUCCESS ✓ -- 8KB: SUCCESS ✓ -- 10KB: FAILED (never reached server) ✗ -- Throughput: 73.96 Kbps (50 messages, 5.54s) ✓ -- 64KB chunked: SUCCESS (2,128ms) ✓ -- 128KB chunked: SUCCESS (2,163ms) ✓ -- 256KB chunked: SUCCESS (2,203ms) ✓ -- Multi-peer: 3 peers connected successfully ✓ - -**Conclusion:** ALL LIMITS VERIFIED - Documentation is accurate! - -### Information Gathering (`info.py`) - -**Complete conference analysis with verified output:** -```python -info = await collect_webrtc_info() -print_full_report(info) -``` - -**Verified Collected Data:** -- Connection info: room_id, peer_id, session_id, media platform (GOLOOM) -- Conference limits: 40 participants, 120s timeout, 2-4s reconnect wait -- Participants: Empty conference (0 participants in test) -- Audio codecs: Opus (48kHz, stereo), RED, PCMA, PCMU, G722 -- Video codecs: H264, AV1, VP8, VP9, FLEXFEC-03 -- DataChannel: SCTP port 5000, max 1024MB (advertised) -- ICE servers: 1 STUN, 3 TURN (with credentials) -- Server components: BORDER, WEBRTC_SERVER, CONTROLLER (with versions) -- SDP statistics: 255 lines, 9,011-9,026 bytes -- RTP extensions: 4 extensions (abs-send-time) -- Ping config: 5000ms interval, 9000ms timeout -- Telemetry: 20000ms sending interval - -**Conference State (from REST API):** -- Access level: PUBLIC -- Local recording: allowed -- Cloud recording: not allowed -- Chat: allowed -- Control: allowed -- Broadcast: not allowed - -## Audio Codec Configuration - -- **Sample Rate:** 48000 Hz -- **Channels:** 2 (stereo) -- **Parameters:** - - `minptime=10` - - `useinbandfec=1` (Forward Error Correction) - - `usedtx=1` (Discontinuous Transmission) - -### RED (Redundant Audio Data) - -- **Payload Type:** 101 -- **Format:** `111/111` (Opus redundancy) - -### Audio Channel Limitations - -**WARNING:** Audio channels are completely unsuitable for data transmission through Yandex Telemost SFU. - -**Critical Issue - Mandatory Opus Conversion:** - -Yandex Telemost's GOLOOM media server performs mandatory audio codec conversion at the SFU level. Regardless of the codec negotiated in the WebRTC SDP (PCMU, G.722, etc.), all audio streams are internally converted to Opus before being forwarded to other participants. This conversion is non-negotiable and happens transparently on the server side. - -**Why This Breaks Data Encoding:** - -1. **Lossy Codec Transformation:** Opus is a lossy codec optimized for human speech. It applies aggressive psychoacoustic filtering that destroys non-voice signals. - -2. **Irreversible Signal Degradation:** - - Transmitted signal energy: 0.4973 (normalized) - - Received signal energy: 0.0031-0.0125 (99% loss) - - Frequency content outside speech range (300-3400 Hz) is heavily attenuated - -3. **Voice Activity Detection (VAD):** Server-side VAD silences frames detected as non-speech, eliminating data-carrying tones entirely. - -4. **Discontinuous Transmission (DTX):** Opus DTX mode collapses silence periods, making timing-based encoding impossible. - -5. **Codec Parameters:** Opus configuration includes: - - `usedtx=1` (Discontinuous Transmission enabled) - - `useinbandfec=1` (Forward Error Correction for voice) - - These parameters are optimized for voice, not data - -**Attempted Workarounds - All Failed:** - -- **PCMU/G.711 Encoding:** Server converts to Opus anyway; PCMU tones become unrecognizable -- **DTMF Tones:** Completely destroyed by Opus processing -- **FSK Modulation:** Frequency shifts filtered out by codec -- **ggwave Encoding:** Ultrasonic and subsonic components removed -- **Tone-Based Schemes:** All non-voice frequencies attenuated below detection threshold - -**Test Results (acsend.py):** -``` -Sender: Transmitted PCMU-encoded data tones -Receiver: Received silence (max_amp=0 across all frames) -Conclusion: No recoverable signal after Opus conversion -``` - -**Recommendation:** - -Use DataChannel for reliable data transmission. Audio channels must only be used for actual voice communication. The Opus codec conversion is a fundamental architectural constraint of the GOLOOM SFU and cannot be bypassed. - -## Video Codec Configuration - -### Supported Codecs - -1. **VP8** - - Payload type: 96 - - RTX support: 97 - - NACK, PLI, REMB feedback - -2. **VP9** - - Payload type: 98 - - Profile: 0 - - RTX support: 99 - - NACK, PLI, REMB feedback - -3. **H.264** - - Multiple profiles supported: - - Baseline (42001f, 42e01f) - - Main (4d001f) - - High (64001f) - - Packetization modes: 0, 1 - - Level asymmetry allowed - -4. **AV1** - - Payload type: 45 - - RTX support: 46 - -### RTP Extensions - -- `http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time` - -## ICE Configuration - -### STUN Servers - -- `stun:stun.rtc.yandex.net:3478` -- `stun:turn.tel.yandex.net` - -### TURN Servers - -- `turn:turn.tel.yandex.net:443` -- `turn:turn.tel.yandex.net:443?transport=tcp` - -Credentials are time-limited and provided in `serverHello.rtcConfiguration.iceServers`. - -## Error Handling - -### Connection Errors - -- Retry with exponential backoff -- Maximum wait time: `wait_time_to_reconnect_ms` (typically 3553ms) - -### Session Timeout - -- Session open timeout: `goloom_session_open_ms` (typically 120000ms) -- Expiration time provided in connection response - -### Ping/Pong - -- Ping interval: 5000ms -- ACK timeout: 9000ms -- Connection considered dead if no ACK received - -**WebSocket Keep-Alive Implementation:** - -```python -async def send_pings(ws): - while True: - await asyncio.sleep(30) - try: - await ws.ping() - except Exception as e: - log.error(f"Ping failed: {e}") - break - -async def handle_pong(ws): - ws.pong_received = True -``` - -**Critical:** WebSocket connections close after ~1-2 minutes of inactivity. Implement periodic ping messages to maintain connection: - -```go -func (p *Peer) keepAlive() { - ticker := time.NewTicker(30 * time.Second) - defer ticker.Stop() - - for { - select { - case <-ticker.C: - if p.ws != nil { - if err := p.ws.WriteControl(websocket.PingMessage, []byte{}, time.Now().Add(10*time.Second)); err != nil { - log.Printf("Ping error: %v", err) - return - } - } - case <-p.closeCh: - return - } - } -} -``` - -**Pong Handler:** - -```go -ws.SetPongHandler(func(string) error { - ws.SetReadDeadline(time.Now().Add(60 * time.Second)) - return nil -}) -``` - -**Observed Behavior:** -- Without pings: Connection closes with `websocket: close 4008` after ~90-120 seconds -- With pings: Connection remains stable indefinitely -- Recommended ping interval: 30 seconds -- Pong timeout: 10 seconds - -## Security Considerations - -### Authentication - -- Credentials obtained from REST API -- Time-limited session tokens -- Peer ID and room ID validation - -### Transport Security - -- WSS (WebSocket Secure) for signaling -- DTLS for media transport -- SRTP for audio/video encryption - -### Guest Access - -**Important:** The system allows anonymous access to conferences: -- No authentication required for participants -- Only conference initiator needs an account -- Display name can be arbitrary -- Possible flood attacks (see `flood.py`) - -### Rate Limiting - -**Recommendations based on testing:** -- Limit connection attempts per IP -- Exponential backoff on failures -- Respect session expiration times -- Throttle WebSocket messages - -## Implementation Notes - -### Conference Limits - -**Verified limits (from `limits.py`):** -- Maximum participants: 40 (default) -- Session timeout: 120,000ms (2 minutes) -- Ping interval: 5,000ms -- ACK timeout: 9,000ms - -### User Agent Spoofing - -- Server may validate `User-Agent` and `sdkInfo` -- Recommended to use realistic browser signatures -- Example from code: `"Mozilla/5.0 (X11; Linux x86_64; rv:149.0) Gecko/20100101 Firefox/149.0"` - -### DataChannel Availability - -- DataChannel support is not guaranteed -- Check SDP for `m=application` line before assuming availability -- Server may disable DataChannel without notice -- Fallback to video QR codes (see `vcsend.py`) - -### Error Handling - -**Common errors and solutions:** - -```python -# Connection timeout -try: - await asyncio.wait_for(dc_pub_open.wait(), timeout=10.0) -except asyncio.TimeoutError: - # Retry with exponential backoff - -# Buffer overflow -while dc.bufferedAmount > CHUNK_SIZE * 2: - await asyncio.sleep(0.001) - -# WebSocket connection loss -async def ws_handler(): - try: - async for message in ws: - # Processing... - except websockets.exceptions.ConnectionClosed: - # Reconnection -``` - -### DataChannel Message Size Workaround - -**8KB limit bypass using chunking (from `dcsend.py`):** - -1. Split payload into 7KB chunks (accounting for headers) -2. Add sequence headers (chunk index, total chunks, transfer ID) -3. Implement reassembly buffer on receiver -4. Use bufferedAmount throttling to prevent congestion - -**Throughput:** ~950 Kbps sustained for 256KB transfers with 32 sequential 8KB messages. - -**Alternative method - QR Video (`vcsend.py`):** -- Encode data into QR codes -- Transmit via 1 FPS video stream -- Decode using pyzbar + OpenCV -- Resilient to losses with visual debugging - -## Rate Limits - -**Not explicitly documented. Recommended approach from testing:** -- Limit connection attempts per IP -- Exponential backoff on failures -- Respect session expiration times -- Connection interval: 0.5s (from `flood.py`) - -## Testing Tools - -### Running tests - -```bash -pip install -r requirements.txt - -# HTTP proxy via DataChannel (892 bytes in 1 chunk) -python code/dcsend.py - -# High-speed streaming (42.35 MB in 7.8s at 45.75 Mbps) -python code/dcstream.py - -# QR code transfer via video (892 bytes in 3 QR frames) -python code/vcsend.py - -# Encrypted dual-channel transfer (ChaCha20-Poly1305) -python code/invicible.py - -# Stress test connections (40 peers max, 409 CONFLICT after) -python code/flood.py - -# Verify all limits (all tests pass) -python code/limits.py - -# Conference analysis (full WebRTC info) -python code/info.py - -# Basic PoC -python code/poc.py -``` - -### Configuration - -All scripts use the same conference: -```python -CONFERENCE_ID = "75047680642749" -CONFERENCE_URL = f"https://telemost.yandex.ru/j/{CONFERENCE_ID}" -``` - -For testing, create your own conference and update `CONFERENCE_ID`. - -### Dependencies - -``` -websockets>=12.0 -requests>=2.31.0 -aiortc>=1.9.0 -numpy>=1.24.0 -ggwave>=0.4.2 -qrcode>=7.4.2 -pillow>=10.0.0 -opencv-python>=4.8.0 -pyzbar>=0.1.9 -cryptography>=41.0.0 -imageio[ffmpeg]>=2.31.0 -``` - -Install via: -```bash -python -m venv venv -source venv/bin/activate # or venv/bin/activate.fish -pip install -r code/requirements.txt -``` - -## Implementation Details - -### Code Structure - -``` -code/ -├── poc.py - Basic proof-of-concept (echo server) -├── dcsend.py - HTTP proxy with chunking -├── dcstream.py - High-speed file streaming -├── vcsend.py - QR code video transfer -├── invicible.py - Encrypted dual-channel -├── flood.py - Connection stress testing -├── limits.py - Comprehensive limits verification -├── info.py - Conference information collector -├── requirements.txt - Python dependencies -└── init.fish - Setup script for Fish shell -``` - -### Common Patterns - -**Connection Setup:** -```python -conn_info = get_connection_info(display_name) -pc_sub = RTCPeerConnection(RTCConfiguration(iceServers=[...])) -pc_pub = RTCPeerConnection(RTCConfiguration(iceServers=[...])) -dc_pub = pc_pub.createDataChannel(label, ordered=True) -``` - -**WebSocket Handshake:** -```python -hello = {"uid": uuid, "hello": {...}} -await ws.send(json.dumps(hello)) -# Wait for serverHello -# Exchange SDP offers/answers -# Exchange ICE candidates -``` - -**DataChannel Throttling:** -```python -while dc.bufferedAmount > THRESHOLD: - await asyncio.sleep(0.001) -dc.send(data) -``` - -**Video Track Setup:** -```python -class CustomVideoTrack(MediaStreamTrack): - kind = "video" - async def recv(self): - frame = VideoFrame.from_ndarray(array, format="rgb24") - frame.pts = self._pts - frame.time_base = Fraction(1, FRAME_RATE) - return frame - -pc_pub.addTrack(video_track) -``` - -### Error Handling - -**Connection Failures:** -- HTTP 409: Conference limit reached (40 participants) -- WebSocket close: Network interruption or server restart -- ICE failure: NAT traversal issues (use TURN) -- DataChannel close: Peer disconnection - -**Data Transfer Failures:** -- Message > 8KB: Silent drop (use chunking) -- Buffer overflow: Throttle sends with bufferedAmount -- Incomplete transfer: Implement ACK/retry mechanism -- Timeout: Set reasonable timeouts (10-30s) - -## Bandwidth Configuration - -### Video Layers - -- **L1:** 1000 kbps (single layer) -- **L2:** 120 kbps (low), 360 kbps (med) -- **L3:** 120 kbps (low), 360 kbps (med), 800 kbps (hi) -- **L4:** 120 kbps (low), 360 kbps (med), 800 kbps (hi), 1000 kbps (ultra) - -### Screen Sharing (4K) - -- **Codec:** VP8 -- **Min Bitrate:** 300 kbps -- **Max Bitrate:** 2000 kbps -- **Min Framerate:** 8 fps -- **Max Framerate:** 30 fps -- **Content Hint:** detail - -## Telemetry - -- Sending interval: 20000ms -- Endpoint: `logEndpoint` (if provided in serverHello) -- Format: Not documented - -## Version Information - -- **API Version:** v2 -- **Client Version:** 187.1.0 (as of documentation date) -- **Media Platform:** GOLOOM -- **SDK Version:** Configurable in `sdkInfo` diff --git a/internal/server/server.go b/internal/server/server.go index cd8483f..e4222e4 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -6,6 +6,7 @@ import ( "encoding/hex" "encoding/json" "fmt" + "io" "log" "net" "sync" @@ -21,18 +22,20 @@ import ( ) type Server struct { - peers []*telemost.Peer - cipher *crypto.Cipher - mux *mux.Multiplexer - connections map[uint16]net.Conn - connMu sync.RWMutex - streamPumps map[uint16]net.Conn - pumpMu sync.Mutex - peerIdx atomic.Uint32 - wg sync.WaitGroup - dnsServer string - dnsCache sync.Map - resolver *net.Resolver + peers []*telemost.Peer + cipher *crypto.Cipher + mux *mux.Multiplexer + connections map[uint16]net.Conn + connMu sync.RWMutex + streamPumps map[uint16]net.Conn + pumpMu sync.Mutex + peerIdx atomic.Uint32 + wg sync.WaitGroup + dnsServer string + dnsCache sync.Map + resolver *net.Resolver + socksProxyAddr string + socksProxyPort int } type ConnectRequest struct { @@ -41,10 +44,9 @@ type ConnectRequest struct { Port int `json:"port"` } -func Run(ctx context.Context, roomURL, keyHex string, duo bool, dnsServer string) error { +func Run(ctx context.Context, roomURL, keyHex string, duo bool, dnsServer, socksProxyAddr string, socksProxyPort int) error { runCtx, cancel := context.WithCancel(ctx) defer cancel() - var key []byte var err error @@ -75,11 +77,13 @@ func Run(ctx context.Context, roomURL, keyHex string, duo bool, dnsServer string } s := &Server{ - cipher: cipher, - connections: make(map[uint16]net.Conn), - streamPumps: make(map[uint16]net.Conn), - peers: make([]*telemost.Peer, 0), - dnsServer: dnsServer, + cipher: cipher, + connections: make(map[uint16]net.Conn), + streamPumps: make(map[uint16]net.Conn), + peers: make([]*telemost.Peer, 0), + dnsServer: dnsServer, + socksProxyAddr: socksProxyAddr, + socksProxyPort: socksProxyPort, } if dnsServer == "" { @@ -189,6 +193,39 @@ func Run(ctx context.Context, roomURL, keyHex string, duo bool, dnsServer string return err } +func (s *Server) socks5Connect(conn net.Conn, targetAddr string, targetPort int) error { + if _, err := conn.Write([]byte{5, 1, 0}); err != nil { + return err + } + + resp := make([]byte, 2) + if _, err := io.ReadFull(conn, resp); err != nil { + return err + } + if resp[0] != 5 || resp[1] != 0 { + return fmt.Errorf("SOCKS5 auth failed") + } + + req := []byte{5, 1, 0, 3} + req = append(req, byte(len(targetAddr))) + req = append(req, []byte(targetAddr)...) + req = append(req, byte(targetPort>>8), byte(targetPort)) + + if _, err := conn.Write(req); err != nil { + return err + } + + resp = make([]byte, 10) + if _, err := io.ReadFull(conn, resp); err != nil { + return err + } + if resp[0] != 5 || resp[1] != 0 { + return fmt.Errorf("SOCKS5 connect failed: %d", resp[1]) + } + + return nil +} + func (s *Server) onData(data []byte) { plaintext, err := s.cipher.Decrypt(data) if err != nil { @@ -246,7 +283,6 @@ func (s *Server) run(ctx context.Context) error { case <-ticker.C: } - sids := s.mux.GetStreams() for _, sid := range sids { @@ -337,14 +373,32 @@ func (s *Server) handleConnect(ctx context.Context, sid uint16, req ConnectReque s.connMu.Unlock() dialStart := time.Now() + var conn net.Conn + var err error - dialer := &net.Dialer{ - Timeout: 10 * time.Second, - KeepAlive: 30 * time.Second, - Resolver: s.resolver, + if s.socksProxyAddr == "" { + dialer := &net.Dialer{ + Timeout: 10 * time.Second, + KeepAlive: 30 * time.Second, + Resolver: s.resolver, + } + conn, err = dialer.Dial("tcp4", addr) + logger.Verbose("TCP dial took %v for sid=%d (direct)", time.Since(dialStart), sid) + } else { + proxyAddr := fmt.Sprintf("%s:%d", s.socksProxyAddr, s.socksProxyPort) + dialer := &net.Dialer{ + Timeout: 10 * time.Second, + KeepAlive: 30 * time.Second, + } + conn, err = dialer.Dial("tcp4", proxyAddr) + if err == nil { + if err := s.socks5Connect(conn, req.Addr, req.Port); err != nil { + conn.Close() + err = fmt.Errorf("SOCKS5 connect failed: %v", err) + } + } + logger.Verbose("SOCKS5 proxy dial took %v for sid=%d", time.Since(dialStart), sid) } - - conn, err := dialer.Dial("tcp4", addr) dialElapsed := time.Since(dialStart) if err != nil { @@ -354,7 +408,6 @@ func (s *Server) handleConnect(ctx context.Context, sid uint16, req ConnectReque } logger.Verbose("TCP dial took %v for sid=%d", dialElapsed, sid) - s.connMu.Lock() s.connections[sid] = conn s.connMu.Unlock() diff --git a/readme.md b/readme.md index 1dd9786..bcd2eab 100644 --- a/readme.md +++ b/readme.md @@ -28,10 +28,18 @@ or wait for the release or at least a beta ```bash # server ( podman, pre configured, easy ) -./srv.sh +./script/srv.sh # client ( podman, pre configured, easy -./cnc.sh +./script/cnc.sh + + +# Also there's a client UI version (currently in beta) +./script/ui.sh + +# And then +./build/olcrtc-ui + # or native ( no podman ) linux GOOS=linux GOARCH=amd64 go build ./cmd/olcrtc @@ -49,7 +57,6 @@ GOOS=windows GOARCH=amd64 go build ./cmd/olcrtc --- -### Contact Telegram: [zarazaex](https://t.me/zarazaexe)
diff --git a/cnc.sh b/script/cnc.sh similarity index 100% rename from cnc.sh rename to script/cnc.sh diff --git a/script/srv.sh b/script/srv.sh new file mode 100755 index 0000000..e293c05 --- /dev/null +++ b/script/srv.sh @@ -0,0 +1,145 @@ +#!/bin/bash + +echo "ЕСЛИ У ВАС ЕСТЬ ПРОБЛЕМЫ - Я В КУРСЕ, ПРОЕКТ В БЕТЕ, ПО ПРОБЛЕМАМ В ЧАТ t.me/openlibrecommunity ИЛИ ВООБЩЕ НЕКУДА, ЖДИТЕ РЕЛИЗА" + +set -e + +CONTAINER_NAME="olcrtc-server" +IMAGE_NAME="docker.io/library/golang:1.26-alpine" +REPO_URL="https://github.com/openlibrecommunity/olcrtc.git" +WORK_DIR="/tmp/olcrtc-deploy" + +echo "=== OlcRTC Server Deployment Script ===" +echo "" + +if ! command -v podman &> /dev/null; then + echo "[!] Installing Podman..." + + if command -v apt &> /dev/null; then + echo "[*] Detected apt (Debian/Ubuntu)" + sudo apt update + sudo apt install -y podman + elif command -v dnf &> /dev/null; then + echo "[*] Detected dnf (Fedora/RHEL)" + sudo dnf install -y podman + elif command -v yum &> /dev/null; then + echo "[*] Detected yum (CentOS/RHEL)" + sudo yum install -y podman + elif command -v pacman &> /dev/null; then + echo "[*] Detected pacman (Arch)" + sudo pacman -Sy --noconfirm podman + else + echo "[X] Unsupported package manager. Install podman manually." + exit 1 + fi +fi + +echo "[+] Using Podman" +echo "" +read -p "Enter Telemost Room ID: " ROOM_ID + +if [ -z "$ROOM_ID" ]; then + echo "[X] Room ID cannot be empty" + exit 1 +fi + +echo "" +read -p "Use SOCKS5 proxy for egress? (y/N): " USE_PROXY + +SOCKS_PROXY_ADDR="" +SOCKS_PROXY_PORT="" + +if [[ "$USE_PROXY" =~ ^[Yy]$ ]]; then + read -p "Enter SOCKS5 proxy address [default: 127.0.0.1]: " PROXY_ADDR_INPUT + SOCKS_PROXY_ADDR=${PROXY_ADDR_INPUT:-127.0.0.1} + + read -p "Enter SOCKS5 proxy port [default: 1080]: " PROXY_PORT_INPUT + SOCKS_PROXY_PORT=${PROXY_PORT_INPUT:-1080} + + echo "[*] Will use SOCKS5 proxy: $SOCKS_PROXY_ADDR:$SOCKS_PROXY_PORT" +fi + +echo "" +echo "[*] Stopping old instance..." +podman stop $CONTAINER_NAME 2>/dev/null || true +podman rm $CONTAINER_NAME 2>/dev/null || true + +echo "[*] Cleaning workspace..." +rm -rf $WORK_DIR +mkdir -p $WORK_DIR + +echo "[*] Cloning repository..." +git clone --depth 1 $REPO_URL $WORK_DIR + +echo "[*] Pulling Go image..." +podman pull $IMAGE_NAME + +echo "[*] Building OlcRTC..." +podman run --rm \ + -v $WORK_DIR:/app:Z \ + -w /app \ + $IMAGE_NAME \ + sh -c "go mod tidy && go build -o olcrtc cmd/olcrtc/main.go" + +if [ ! -f "$WORK_DIR/olcrtc" ]; then + echo "[X] Build failed" + exit 1 +fi + +KEY_FILE="$HOME/.olcrtc_key" + +if [ -f "$KEY_FILE" ]; then + echo "[*] Loading existing encryption key..." + KEY=$(cat "$KEY_FILE") +else + echo "[*] Generating new encryption key..." + KEY=$(openssl rand -hex 32) + echo "$KEY" > "$KEY_FILE" + chmod 600 "$KEY_FILE" + echo "" + echo "==========================================" + echo "NEW ENCRYPTION KEY (saved to $KEY_FILE):" + echo "$KEY" + echo "==========================================" + echo "" +fi + +# Build server command with optional proxy parameters +SERVER_CMD="./olcrtc -mode srv -id \"$ROOM_ID\" -key \"$KEY\"" + +if [ ! -z "$SOCKS_PROXY_ADDR" ]; then + SERVER_CMD="$SERVER_CMD -socks-proxy \"$SOCKS_PROXY_ADDR\" -socks-proxy-port $SOCKS_PROXY_PORT" +fi + +echo "[*] Starting OlcRTC server..." +podman run -d \ + --name $CONTAINER_NAME \ + --restart unless-stopped \ + -v $WORK_DIR:/app:Z \ + -w /app \ + $IMAGE_NAME \ + sh -c "$SERVER_CMD" + +sleep 2 + +echo "" +echo "[+] Server started successfully!" +echo "" +echo "Container name: $CONTAINER_NAME" +echo "Room ID: $ROOM_ID" +echo "Encryption key: $KEY" + +if [ ! -z "$SOCKS_PROXY_ADDR" ]; then + echo "SOCKS5 proxy: $SOCKS_PROXY_ADDR:$SOCKS_PROXY_PORT" +fi + +echo "" +echo "View logs:" +echo " podman logs -f $CONTAINER_NAME" +echo "" +echo "Stop server:" +echo " podman stop $CONTAINER_NAME" +echo "" +echo "Client command:" +echo " ./olcrtc -mode cnc -id \"$ROOM_ID\" -key \"$KEY\" -socks-port 1080" +echo "" diff --git a/script/ui.sh b/script/ui.sh new file mode 100755 index 0000000..23b7513 --- /dev/null +++ b/script/ui.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +set -e + +SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" +PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" +BUILD_DIR="$PROJECT_ROOT/build" + +mkdir -p "$BUILD_DIR" + +echo "=== Building OlcRTC ===" +echo "" + +echo "[1/2] Building olcrtc binary..." +cd "$PROJECT_ROOT" +go build -o "$BUILD_DIR/olcrtc" ./cmd/olcrtc/main.go +echo "✓ olcrtc binary built: $BUILD_DIR/olcrtc" + +echo "" +echo "[2/2] Building UI binary..." +cd "$PROJECT_ROOT/ui" +go build -o "$BUILD_DIR/olcrtc-ui" . +echo "✓ UI binary built: $BUILD_DIR/olcrtc-ui" + +echo "" +echo "=== Build Complete ===" +echo "Binaries ready:" +echo " - $BUILD_DIR/olcrtc" +echo " - $BUILD_DIR/olcrtc-ui" diff --git a/srv.sh b/srv.sh deleted file mode 100755 index baaa6cc..0000000 --- a/srv.sh +++ /dev/null @@ -1,118 +0,0 @@ -#!/bin/bash - - -echo "ЕСЛИ У ВАС ЕСТЬ ПРОБЛЕМЫ - Я В КУРСЕ, ПРОЕКТ В БЕТЕ, ПО ПРОБЛЕМАМ В ЧАТ t.me/openlibrecommunity ИЛИ ВООБЩЕ НЕКУДА, ЖДИТЕ РЕЛИЗА" - -set -e - -CONTAINER_NAME="olcrtc-server" -IMAGE_NAME="docker.io/library/golang:1.26-alpine" -REPO_URL="https://github.com/openlibrecommunity/olcrtc.git" -WORK_DIR="/tmp/olcrtc-deploy" - -echo "=== OlcRTC Server Deployment Script ===" -echo "" - -if ! command -v podman &> /dev/null; then - echo "[!] Installing Podman..." - - if command -v apt &> /dev/null; then - echo "[*] Detected apt (Debian/Ubuntu)" - sudo apt update - sudo apt install -y podman - elif command -v dnf &> /dev/null; then - echo "[*] Detected dnf (Fedora/RHEL)" - sudo dnf install -y podman - elif command -v yum &> /dev/null; then - echo "[*] Detected yum (CentOS/RHEL)" - sudo yum install -y podman - elif command -v pacman &> /dev/null; then - echo "[*] Detected pacman (Arch)" - sudo pacman -Sy --noconfirm podman - else - echo "[X] Unsupported package manager. Install podman manually." - exit 1 - fi -fi - -echo "[+] Using Podman" -echo "" -read -p "Enter Telemost Room ID: " ROOM_ID - -if [ -z "$ROOM_ID" ]; then - echo "[X] Room ID cannot be empty" - exit 1 -fi - -echo "" -echo "[*] Stopping old instance..." -podman stop $CONTAINER_NAME 2>/dev/null || true -podman rm $CONTAINER_NAME 2>/dev/null || true - -echo "[*] Cleaning workspace..." -rm -rf $WORK_DIR -mkdir -p $WORK_DIR - -echo "[*] Cloning repository..." -git clone --depth 1 $REPO_URL $WORK_DIR - -echo "[*] Pulling Go image..." -podman pull $IMAGE_NAME - -echo "[*] Building OlcRTC..." -podman run --rm \ - -v $WORK_DIR:/app:Z \ - -w /app \ - $IMAGE_NAME \ - sh -c "go mod tidy && go build -o olcrtc cmd/olcrtc/main.go" - -if [ ! -f "$WORK_DIR/olcrtc" ]; then - echo "[X] Build failed" - exit 1 -fi - -KEY_FILE="$HOME/.olcrtc_key" - -if [ -f "$KEY_FILE" ]; then - echo "[*] Loading existing encryption key..." - KEY=$(cat "$KEY_FILE") -else - echo "[*] Generating new encryption key..." - KEY=$(openssl rand -hex 32) - echo "$KEY" > "$KEY_FILE" - chmod 600 "$KEY_FILE" - echo "" - echo "==========================================" - echo "NEW ENCRYPTION KEY (saved to $KEY_FILE):" - echo "$KEY" - echo "==========================================" - echo "" -fi - -echo "[*] Starting OlcRTC server..." -podman run -d \ - --name $CONTAINER_NAME \ - --restart unless-stopped \ - -v $WORK_DIR:/app:Z \ - -w /app \ - $IMAGE_NAME \ - ./olcrtc -mode srv -id "$ROOM_ID" -key "$KEY" - -sleep 2 - -echo "" -echo "[+] Server started successfully!" -echo "" -echo "Container name: $CONTAINER_NAME" -echo "Room ID: $ROOM_ID" -echo "Encryption key: $KEY" -echo "" -echo "View logs:" -echo " podman logs -f $CONTAINER_NAME" -echo "" -echo "Stop server:" -echo " podman stop $CONTAINER_NAME" -echo "" -echo "Client command:" -echo " ./olcrtc -mode cnc -id \"$ROOM_ID\" -key \"$KEY\" -socks-port 1080" -echo "" diff --git a/ui/config.go b/ui/config.go new file mode 100644 index 0000000..3a076f9 --- /dev/null +++ b/ui/config.go @@ -0,0 +1,134 @@ +package main + +import ( + "encoding/json" + "fmt" + "os" + "path/filepath" + "regexp" + "strconv" + "strings" +) + +type Config struct { + Os string + DNS string `json:"dns"` // todo + EncryptionKey string `json:"encryption_key"` + SocksPort string `json:"socks_port"` + ConferenceID string `json:"conference_id"` +} + +func isValidPort(portStr string) bool { + portStr = strings.TrimSpace(portStr) + if portStr == "" { + return false + } + port, err := strconv.Atoi(portStr) + if err != nil { + return false + } + return port > 0 && port <= 65535 +} + +func isValidConferenceID(conferenceID string) bool { + conferenceID = strings.TrimSpace(conferenceID) + if conferenceID == "" { + return false + } + matched, err := regexp.MatchString(`^\d+$`, conferenceID) + if err != nil { + return false + } + return matched +} + +func (p *Program) getConfigPath() string { + dir, err := os.UserConfigDir() + if err != nil { + log("WARNING: Could not get system config directory: %v", err) + return "config.json" + } + configDir := filepath.Join(dir, "olcrtc") + if err := os.MkdirAll(configDir, 0755); err != nil { + log("WARNING: Could not create config directory: %v", err) + } + return filepath.Join(configDir, "config.json") + +} + +func (p *Program) loadConfig() *Config { + configPath := p.getConfigPath() + log("Loading config from: %s", configPath) + // default values + cfg := &Config{ + DNS: "1.1.1.1", + EncryptionKey: "", + SocksPort: "1080", + ConferenceID: "", + } + data, err := os.ReadFile(configPath) + if err != nil { + if os.IsNotExist(err) { + log("Config file not found. Using default configuration.") + } else { + log("WARNING: Could not read config file: %v", err) + } + return cfg + } + if err := json.Unmarshal(data, cfg); err != nil { + log("WARNING: Could not parse config file: %v", err) + return cfg + } + cfg.ConferenceID = strings.ReplaceAll(cfg.ConferenceID, " ", "") + if !isValidConferenceID(cfg.ConferenceID) { + log("WARNING: Invalid conference ID in config (must be numbers only)") + cfg.ConferenceID = "" + } + if !isValidPort(cfg.SocksPort) { + log("WARNING: Invalid port in config, using default: 1080") + cfg.SocksPort = "1080" + } + log("Config loaded successfully") + return cfg +} + +func (p *Program) saveConfig(dns, encryptionKey, socksPort, conferenceID string) { + log("Saving configuration...") + + conferenceID = strings.ReplaceAll(conferenceID, " ", "") + + if !isValidPort(socksPort) { + log("ERROR: Invalid port: %s", socksPort) + p.showError(fmt.Errorf("invalid port: must be between 1 and 65535")) + return + } + + if !isValidConferenceID(conferenceID) { + log("ERROR: Invalid conference ID: %s", conferenceID) + p.showError(fmt.Errorf("invalid conference ID: must contain only numbers")) + return + } + + p.Config = &Config{ + DNS: dns, + EncryptionKey: encryptionKey, + SocksPort: socksPort, + ConferenceID: conferenceID, + } + + configPath := p.getConfigPath() + data, err := json.MarshalIndent(p.Config, "", " ") + if err != nil { + log("ERROR: Could not marshal config: %v", err) + p.showError(err) + return + } + + if err := os.WriteFile(configPath, data, 0644); err != nil { + log("ERROR: Could not write config file: %v", err) + p.showError(err) + return + } + + log("Configuration saved to: %s", configPath) +} diff --git a/ui/go.mod b/ui/go.mod new file mode 100644 index 0000000..020ef0e --- /dev/null +++ b/ui/go.mod @@ -0,0 +1,40 @@ +module github.com/openlibrecommunity/olcrtc/ui + +go 1.26.1 + +require fyne.io/fyne/v2 v2.7.3 + +require ( + fyne.io/systray v1.12.0 // indirect + github.com/BurntSushi/toml v1.5.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/fredbi/uri v1.1.1 // indirect + github.com/fsnotify/fsnotify v1.9.0 // indirect + github.com/fyne-io/gl-js v0.2.0 // indirect + github.com/fyne-io/glfw-js v0.3.0 // indirect + github.com/fyne-io/image v0.1.1 // indirect + github.com/fyne-io/oksvg v0.2.0 // indirect + github.com/go-gl/gl v0.0.0-20231021071112-07e5d0ea2e71 // indirect + github.com/go-gl/glfw/v3.3/glfw v0.0.0-20240506104042-037f3cc74f2a // indirect + github.com/go-text/render v0.2.0 // indirect + github.com/go-text/typesetting v0.3.3 // indirect + github.com/godbus/dbus/v5 v5.1.0 // indirect + github.com/hack-pad/go-indexeddb v0.3.2 // indirect + github.com/hack-pad/safejs v0.1.0 // indirect + github.com/jeandeaual/go-locale v0.0.0-20250612000132-0ef82f21eade // indirect + github.com/jsummers/gobmp v0.0.0-20230614200233-a9de23ed2e25 // indirect + github.com/kr/text v0.2.0 // indirect + github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 // indirect + github.com/nicksnyder/go-i18n/v2 v2.5.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/rymdport/portal v0.4.2 // indirect + github.com/srwiley/oksvg v0.0.0-20221011165216-be6e8873101c // indirect + github.com/srwiley/rasterx v0.0.0-20220730225603-2ab79fcdd4ef // indirect + github.com/stretchr/testify v1.11.1 // indirect + github.com/yuin/goldmark v1.7.8 // indirect + golang.org/x/image v0.24.0 // indirect + golang.org/x/net v0.35.0 // indirect + golang.org/x/sys v0.30.0 // indirect + golang.org/x/text v0.22.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) diff --git a/ui/go.sum b/ui/go.sum new file mode 100644 index 0000000..7988b55 --- /dev/null +++ b/ui/go.sum @@ -0,0 +1,80 @@ +fyne.io/fyne/v2 v2.7.3 h1:xBT/iYbdnNHONWO38fZMBrVBiJG8rV/Jypmy4tVfRWE= +fyne.io/fyne/v2 v2.7.3/go.mod h1:gu+dlIcZWSzKZmnrY8Fbnj2Hirabv2ek+AKsfQ2bBlw= +fyne.io/systray v1.12.0 h1:CA1Kk0e2zwFlxtc02L3QFSiIbxJ/P0n582YrZHT7aTM= +fyne.io/systray v1.12.0/go.mod h1:RVwqP9nYMo7h5zViCBHri2FgjXF7H2cub7MAq4NSoLs= +github.com/BurntSushi/toml v1.5.0 h1:W5quZX/G/csjUnuI8SUYlsHs9M38FC7znL0lIO+DvMg= +github.com/BurntSushi/toml v1.5.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/felixge/fgprof v0.9.3 h1:VvyZxILNuCiUCSXtPtYmmtGvb65nqXh2QFWc0Wpf2/g= +github.com/felixge/fgprof v0.9.3/go.mod h1:RdbpDgzqYVh/T9fPELJyV7EYJuHB55UTEULNun8eiPw= +github.com/fredbi/uri v1.1.1 h1:xZHJC08GZNIUhbP5ImTHnt5Ya0T8FI2VAwI/37kh2Ko= +github.com/fredbi/uri v1.1.1/go.mod h1:4+DZQ5zBjEwQCDmXW5JdIjz0PUA+yJbvtBv+u+adr5o= +github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= +github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= +github.com/fyne-io/gl-js v0.2.0 h1:+EXMLVEa18EfkXBVKhifYB6OGs3HwKO3lUElA0LlAjs= +github.com/fyne-io/gl-js v0.2.0/go.mod h1:ZcepK8vmOYLu96JoxbCKJy2ybr+g1pTnaBDdl7c3ajI= +github.com/fyne-io/glfw-js v0.3.0 h1:d8k2+Y7l+zy2pc7wlGRyPfTgZoqDf3AI4G+2zOWhWUk= +github.com/fyne-io/glfw-js v0.3.0/go.mod h1:Ri6te7rdZtBgBpxLW19uBpp3Dl6K9K/bRaYdJ22G8Jk= +github.com/fyne-io/image v0.1.1 h1:WH0z4H7qfvNUw5l4p3bC1q70sa5+YWVt6HCj7y4VNyA= +github.com/fyne-io/image v0.1.1/go.mod h1:xrfYBh6yspc+KjkgdZU/ifUC9sPA5Iv7WYUBzQKK7JM= +github.com/fyne-io/oksvg v0.2.0 h1:mxcGU2dx6nwjJsSA9PCYZDuoAcsZ/OuJlvg/Q9Njfo8= +github.com/fyne-io/oksvg v0.2.0/go.mod h1:dJ9oEkPiWhnTFNCmRgEze+YNprJF7YRbpjgpWS4kzoI= +github.com/go-gl/gl v0.0.0-20231021071112-07e5d0ea2e71 h1:5BVwOaUSBTlVZowGO6VZGw2H/zl9nrd3eCZfYV+NfQA= +github.com/go-gl/gl v0.0.0-20231021071112-07e5d0ea2e71/go.mod h1:9YTyiznxEY1fVinfM7RvRcjRHbw2xLBJ3AAGIT0I4Nw= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20240506104042-037f3cc74f2a h1:vxnBhFDDT+xzxf1jTJKMKZw3H0swfWk9RpWbBbDK5+0= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20240506104042-037f3cc74f2a/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-text/render v0.2.0 h1:LBYoTmp5jYiJ4NPqDc2pz17MLmA3wHw1dZSVGcOdeAc= +github.com/go-text/render v0.2.0/go.mod h1:CkiqfukRGKJA5vZZISkjSYrcdtgKQWRa2HIzvwNN5SU= +github.com/go-text/typesetting v0.3.3 h1:ihGNJU9KzdK2QRDy1Bm7FT5RFQoYb+3n3EIhI/4eaQc= +github.com/go-text/typesetting v0.3.3/go.mod h1:vIRUT25mLQaSh4C8H/lIsKppQz/Gdb8Pu/tNwpi52ts= +github.com/go-text/typesetting-utils v0.0.0-20250618110550-c820a94c77b8 h1:4KCscI9qYWMGTuz6BpJtbUSRzcBrUSSE0ENMJbNSrFs= +github.com/go-text/typesetting-utils v0.0.0-20250618110550-c820a94c77b8/go.mod h1:3/62I4La/HBRX9TcTpBj4eipLiwzf+vhI+7whTc9V7o= +github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= +github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/google/pprof v0.0.0-20211214055906-6f57359322fd h1:1FjCyPC+syAzJ5/2S8fqdZK1R22vvA0J7JZKcuOIQ7Y= +github.com/google/pprof v0.0.0-20211214055906-6f57359322fd/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg= +github.com/hack-pad/go-indexeddb v0.3.2 h1:DTqeJJYc1usa45Q5r52t01KhvlSN02+Oq+tQbSBI91A= +github.com/hack-pad/go-indexeddb v0.3.2/go.mod h1:QvfTevpDVlkfomY498LhstjwbPW6QC4VC/lxYb0Kom0= +github.com/hack-pad/safejs v0.1.0 h1:qPS6vjreAqh2amUqj4WNG1zIw7qlRQJ9K10eDKMCnE8= +github.com/hack-pad/safejs v0.1.0/go.mod h1:HdS+bKF1NrE72VoXZeWzxFOVQVUSqZJAG0xNCnb+Tio= +github.com/jeandeaual/go-locale v0.0.0-20250612000132-0ef82f21eade h1:FmusiCI1wHw+XQbvL9M+1r/C3SPqKrmBaIOYwVfQoDE= +github.com/jeandeaual/go-locale v0.0.0-20250612000132-0ef82f21eade/go.mod h1:ZDXo8KHryOWSIqnsb/CiDq7hQUYryCgdVnxbj8tDG7o= +github.com/jsummers/gobmp v0.0.0-20230614200233-a9de23ed2e25 h1:YLvr1eE6cdCqjOe972w/cYF+FjW34v27+9Vo5106B4M= +github.com/jsummers/gobmp v0.0.0-20230614200233-a9de23ed2e25/go.mod h1:kLgvv7o6UM+0QSf0QjAse3wReFDsb9qbZJdfexWlrQw= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ= +github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8= +github.com/nicksnyder/go-i18n/v2 v2.5.1 h1:IxtPxYsR9Gp60cGXjfuR/llTqV8aYMsC472zD0D1vHk= +github.com/nicksnyder/go-i18n/v2 v2.5.1/go.mod h1:DrhgsSDZxoAfvVrBVLXoxZn/pN5TXqaDbq7ju94viiQ= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= +github.com/pkg/profile v1.7.0 h1:hnbDkaNWPCLMO9wGLdBFTIZvzDrDfBM2072E1S9gJkA= +github.com/pkg/profile v1.7.0/go.mod h1:8Uer0jas47ZQMJ7VD+OHknK4YDY07LPUC6dEvqDjvNo= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/rymdport/portal v0.4.2 h1:7jKRSemwlTyVHHrTGgQg7gmNPJs88xkbKcIL3NlcmSU= +github.com/rymdport/portal v0.4.2/go.mod h1:kFF4jslnJ8pD5uCi17brj/ODlfIidOxlgUDTO5ncnC4= +github.com/srwiley/oksvg v0.0.0-20221011165216-be6e8873101c h1:km8GpoQut05eY3GiYWEedbTT0qnSxrCjsVbb7yKY1KE= +github.com/srwiley/oksvg v0.0.0-20221011165216-be6e8873101c/go.mod h1:cNQ3dwVJtS5Hmnjxy6AgTPd0Inb3pW05ftPSX7NZO7Q= +github.com/srwiley/rasterx v0.0.0-20220730225603-2ab79fcdd4ef h1:Ch6Q+AZUxDBCVqdkI8FSpFyZDtCVBc2VmejdNrm5rRQ= +github.com/srwiley/rasterx v0.0.0-20220730225603-2ab79fcdd4ef/go.mod h1:nXTWP6+gD5+LUJ8krVhhoeHjvHTutPxMYl5SvkcnJNE= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/yuin/goldmark v1.7.8 h1:iERMLn0/QJeHFhxSt3p6PeN9mGnvIKSpG9YYorDMnic= +github.com/yuin/goldmark v1.7.8/go.mod h1:uzxRWxtg69N339t3louHJ7+O03ezfj6PlliRlaOzY1E= +golang.org/x/image v0.24.0 h1:AN7zRgVsbvmTfNyqIbbOraYL8mSwcKncEj8ofjgzcMQ= +golang.org/x/image v0.24.0/go.mod h1:4b/ITuLfqYq1hqZcjofwctIhi7sZh2WaCjvsBNjjya8= +golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8= +golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= +golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/ui/logger.go b/ui/logger.go new file mode 100644 index 0000000..f6fd5f7 --- /dev/null +++ b/ui/logger.go @@ -0,0 +1,23 @@ +package main + +import "fmt" + +var currentProgram *Program + +func log(msg string, args ...interface{}) { + var formattedMsg string + if len(args) > 0 { + formattedMsg = fmt.Sprintf(msg, args...) + fmt.Println(formattedMsg) + } else { + formattedMsg = msg + fmt.Println(msg) + } + + if currentProgram != nil && currentProgram.LogsChannel != nil { + select { + case currentProgram.LogsChannel <- formattedMsg: + default: + } + } +} diff --git a/ui/main.go b/ui/main.go new file mode 100644 index 0000000..e24ca4e --- /dev/null +++ b/ui/main.go @@ -0,0 +1,129 @@ +package main + +import ( + "os/exec" + "runtime" + "sync" + + "image/color" + + "fyne.io/fyne/v2" + "fyne.io/fyne/v2/app" + "fyne.io/fyne/v2/canvas" + "fyne.io/fyne/v2/container" + "fyne.io/fyne/v2/theme" + "fyne.io/fyne/v2/widget" +) + +type Program struct { + App fyne.App + ParentWindow fyne.Window + RunString string + RunCheck *widget.Check + Config *Config + Cmd *exec.Cmd + CmdMu sync.Mutex + LogsArea *widget.RichText + LogsText *widget.Label + LogsChannel chan string + LogsContent string + LogsMu sync.Mutex +} + +func main() { + log("Starting application...") + program := NewProgram() + program.Run() +} + +func NewProgram() *Program { + log("Initializing program...") + uOs := runtime.GOOS + log("RUNTIME: Detected OS - %v", uOs) + p := &Program{ + App: app.New(), + LogsChannel: make(chan string, 100), + } + currentProgram = p + cfg := p.loadConfig() + cfg.Os = uOs + p.Config = cfg + p.buildRunString(cfg.ConferenceID, cfg.EncryptionKey, cfg.SocksPort, cfg.DNS) + return p +} + +func (p *Program) Run() { + log("Creating main window...") + w := p.App.NewWindow("OlcRTC") + w.CenterOnScreen() + w.Resize(fyne.NewSize(1280, 700)) + w.SetOnClosed(p.olcrtcStop) + p.ParentWindow = w + + settingsBtn := widget.NewButtonWithIcon("Settings", theme.SettingsIcon(), func() { + log("Settings button clicked") + p.settingsWindow() + }) + + p.RunCheck = widget.NewCheck("Run", func(b bool) { + if b { + log("Run enabled") + p.olcrtcRun() + } else { + log("Run disabled") + p.olcrtcStop() + } + }) + + // Create logs display area + p.LogsText = widget.NewLabel("") + p.LogsText.Wrapping = fyne.TextWrapWord + logsScroll := container.NewScroll(p.LogsText) + logsScroll.SetMinSize(fyne.NewSize(0, 300)) + + // Create styled logs box with darker background + bgRect := canvas.NewRectangle(color.NRGBA{R: 40, G: 40, B: 40, A: 255}) + logsWithPadding := container.NewBorder( + widget.NewLabel("Logs"), + nil, nil, nil, + logsScroll, + ) + logsBox := container.NewStack( + bgRect, + container.NewBorder( + nil, nil, nil, nil, + logsWithPadding, + ), + ) + + topBar := container.NewBorder( + settingsBtn, + p.RunCheck, nil, nil, + ) + + mainContent := container.NewVBox( + topBar, + logsBox, + ) + + w.SetContent(mainContent) + + go p.listenLogs() + + log("Window created and running...") + w.ShowAndRun() +} + +func (p *Program) listenLogs() { + for logMsg := range p.LogsChannel { + fyne.Do(func() { + if p.LogsText != nil { + p.LogsMu.Lock() + p.LogsContent += logMsg + "\n" + logsToDisplay := p.LogsContent + p.LogsMu.Unlock() + p.LogsText.SetText(logsToDisplay) + } + }) + } +} diff --git a/ui/process.go b/ui/process.go new file mode 100644 index 0000000..032b08b --- /dev/null +++ b/ui/process.go @@ -0,0 +1,150 @@ +package main + +import ( + "bufio" + "fmt" + "io" + "os" + "os/exec" + "time" +) + +func pipeOutput(reader io.ReadCloser, prefix string) { + defer reader.Close() + scanner := bufio.NewScanner(reader) + for scanner.Scan() { + line := scanner.Text() + if prefix != "" { + log("olcrtc %s: %s", prefix, line) + } else { + log("olcrtc: %s", line) + } + } + if err := scanner.Err(); err != nil { + log("ERROR: Failed to read %s: %v", prefix, err) + } +} + +func (p *Program) olcrtcRun() { + log("%s - Starting olcrtc process...", time.Now().Format("2006-01-02 15:04:05")) + if p.RunString == "" { + log("ERROR: Run string is empty. Please configure settings first.") + p.showError(fmt.Errorf("run string is empty - please configure settings")) + p.MarkUncheck() + return + } + + var cmd *exec.Cmd + if p.Config.Os == "windows" { + cmd = exec.Command("cmd.exe", "/C", p.RunString) + } else { + cmd = exec.Command("sh", "-c", p.RunString) + } + + stdout, err := cmd.StdoutPipe() + if err != nil { + log("ERROR: Failed to create stdout pipe: %v", err) + p.showError(err) + p.MarkUncheck() + return + } + + stderr, err := cmd.StderrPipe() + if err != nil { + log("ERROR: Failed to create stderr pipe: %v", err) + p.showError(err) + p.MarkUncheck() + return + } + + p.CmdMu.Lock() + p.Cmd = cmd + err = p.Cmd.Start() + pid := 0 + if err == nil && p.Cmd.Process != nil { + pid = p.Cmd.Process.Pid + } + p.CmdMu.Unlock() + + if err != nil { + log("ERROR: Failed to start olcrtc: %v", err) + p.showError(err) + p.CmdMu.Lock() + p.Cmd = nil + p.CmdMu.Unlock() + p.MarkUncheck() + } else { + log("olcrtc process started (PID: %d)", pid) + + go pipeOutput(stdout, "stdout") + go pipeOutput(stderr, "stderr") + + go func() { + p.CmdMu.Lock() + cmd := p.Cmd + p.CmdMu.Unlock() + + if cmd != nil { + err = cmd.Wait() + if err != nil { + log("olcrtc process exited with error: %v", err) + p.MarkUncheck() + } else { + log("olcrtc process exited successfully") + } + } + + p.CmdMu.Lock() + p.Cmd = nil + p.CmdMu.Unlock() + }() + } +} + +func (p *Program) olcrtcStop() { + log("%s - Stopping olcrtc process...", time.Now().Format("2006-01-02 15:04:05")) + + p.CmdMu.Lock() + cmd := p.Cmd + p.CmdMu.Unlock() + + if cmd == nil || cmd.Process == nil { + log("WARNING: No active olcrtc process to stop") + return + } + + var err error + if p.Config.Os == "windows" { + err = cmd.Process.Kill() + } else { + err = cmd.Process.Signal(os.Interrupt) + } + if err != nil { + log("ERROR: Failed to signal olcrtc: %v", err) + p.showError(err) + return + } + + log("olcrtc process termination signal sent (PID: %d)", cmd.Process.Pid) + + done := make(chan error, 1) + go func() { + done <- cmd.Wait() + }() + + select { + case <-time.After(5 * time.Second): + log("WARNING: Process did not exit gracefully, forcing kill...") + if err := cmd.Process.Kill(); err != nil { + log("ERROR: Failed to kill olcrtc: %v", err) + } else { + log("olcrtc process forcefully killed (PID: %d)", cmd.Process.Pid) + } + case err := <-done: + if err != nil { + log("olcrtc process exited with error: %v", err) + } else { + log("olcrtc process exited gracefully") + } + } +} diff --git a/ui/ui.go b/ui/ui.go new file mode 100644 index 0000000..229c07f --- /dev/null +++ b/ui/ui.go @@ -0,0 +1,84 @@ +package main + +import ( + "fmt" + + "fyne.io/fyne/v2" + "fyne.io/fyne/v2/container" + "fyne.io/fyne/v2/dialog" + "fyne.io/fyne/v2/theme" + "fyne.io/fyne/v2/widget" +) + +func (p *Program) settingsWindow() { + log("Opening settings dialog...") + + dns := widget.NewEntry() + dns.SetPlaceHolder("1.1.1.1") + if p.Config.DNS != "" { + dns.SetText(p.Config.DNS) + } + + encrpKey := widget.NewEntry() + if p.Config.EncryptionKey != "" { + encrpKey.SetText(p.Config.EncryptionKey) + } + + socksPort := widget.NewEntry() + socksPort.SetPlaceHolder("1080") + if p.Config.SocksPort != "" { + socksPort.SetText(p.Config.SocksPort) + } + + conferenceId := widget.NewEntry() + if p.Config.ConferenceID != "" { + conferenceId.SetText(p.Config.ConferenceID) + } + + applyBtn := widget.NewButtonWithIcon("Apply", theme.CheckButtonCheckedIcon(), func() { + log("Applying settings...") + p.buildRunString(conferenceId.Text, encrpKey.Text, socksPort.Text, dns.Text) + p.saveConfig(dns.Text, encrpKey.Text, socksPort.Text, conferenceId.Text) + }) + + content := container.NewVBox( + widget.NewLabel("Custom DNS Server"), + dns, + widget.NewLabel("Encryption Key"), + encrpKey, + widget.NewLabel("Socks Port"), + socksPort, + widget.NewLabel("Conference ID"), + conferenceId, + applyBtn, + ) + dialog.ShowCustom("Settings", "Close", content, p.ParentWindow) +} + +func (p *Program) buildRunString(conferenceId, encryptionKey, socksPort, dns string) { + log("Building run string...") + log(" Conference ID: %s", conferenceId) + log(" Encryption Key: %s", encryptionKey) + log(" Socks Port: %s", socksPort) + log(" DNS Server: %s", dns) + switch p.Config.Os { + case "windows": + p.RunString = fmt.Sprintf("olcrtc.exe -mode cnc -id \"%s\" -key \"%s\" -socks-port %s -dns %s", conferenceId, encryptionKey, socksPort, dns) + case "linux", "darwin": + p.RunString = fmt.Sprintf("./olcrtc -mode cnc -id \"%s\" -key \"%s\" -socks-port %s -dns %s", conferenceId, encryptionKey, socksPort, dns) + default: // in case for freeBSD and etc + p.RunString = fmt.Sprintf("olcrtc -mode cnc -id \"%s\" -key \"%s\" -socks-port %s -dns %s", conferenceId, encryptionKey, socksPort, dns) + } + log("Generated command: %s", p.RunString) +} + +func (p *Program) showError(err error) { + dialog.ShowError(err, p.ParentWindow) +} + +// fyne.Do used here to execute function in the main context frame +// we can just paste p.RunCheck.SetChecked(false) and that'll work. but if so +// there'll be a bunch of warnings(thread safety) +func (p *Program) MarkUncheck() { + fyne.Do(func() { p.RunCheck.SetChecked(false) }) +}