Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Force WebRTC connection via TURN server #4

Open
RND332 opened this issue Jan 10, 2023 · 3 comments
Open

Force WebRTC connection via TURN server #4

RND332 opened this issue Jan 10, 2023 · 3 comments

Comments

@RND332
Copy link

RND332 commented Jan 10, 2023

Is it possible to make a MitM proxy, or use hookAllWebRTC, so that all WebRTC connections use TURN server?
@pimterry
Copy link
Member

Hi @RND332. Right now this isn't possible, MockRTC doesn't really have good support for messing around with TURN yet, but I'm definitely interested in adding that!

To be clear, you're looking for something like "don't allow direct connections, force TURN relaying to be used for all connections instead", is that right?

When acting as a mitm proxy, MockRTC effectively has two independent WebRTC connections - one to the hooked client and one to the real remote peer elsewhere. Does it make a difference which connection uses TURN in your scenario?

Can you share any more info about why you want to force TURN, and context of how you'd use this if it existed? It's much easier to design this kind of thing with a concrete goal in mind.

@RND332
Copy link
Author

RND332 commented Jan 16, 2023

Hi @pimterry, yes, I've been thinking for a long time about making browser add-ons that could hide the public WebRTC address for websites, since today it is almost impossible to find a proxy with UDP support, I know that firefox allows you to do this, but it's not very convenient and still most use chromium-based browsers. At the moment, I have done this by a rough override of the constructor, but it seems to me that the httptoolkit provides a more elegant (and most importantly at least a little more inconspicuous) solution, so I would be glad to know that something like this will be added.

PS I also think it will be convenient to evaluate when developing WebRTC applications whether it is worth using TURN instead of direct connection for a better UX

@pimterry
Copy link
Member

Ok, that makes sense. If you're looking to do this anonymously, you really just need to modify the SDP sent to the remote client to remove every address except relay addresses there (and not send other addresses as ICE candidates later, but that doesn't apply in the MockRTC case, since it doesn't trickle candidates).

I think that should be sufficient and fairly easy. I've been meaning to look into more detailed TURN support eventually (currently you can't configure TURN addresses via MockRTC, so this isn't possible) and once that's added, I'll definitely take a look at this!

I can't promise an immediate ETA though, so if you're enthusiastic in the meantime PRs are very welcome. Let me know if you're interested in that and I can give you some pointers in the right direction.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pimterry @RND332