webrtcprivate: add transport

[sukunrt]

Part of: #2009

Depends on: #2586

[marten-seemann]

#2586 was merged. @sukunrt Can you rebase please?

[marten-seemann]

Review of the non-transport parts of this PR.

[marten-seemann]

Why do we need to redeclare this? Is it a requirement for Fx?

[sukunrt]

Nope. Just so that we redefine it a different way later if we want. But I think it's fine to remove this and just take the pion specific object. We can make a breaking change if this needs to be changed.

[marten-seemann]

It’s a breaking change anyway if we change the underlying type. That should be fine.

[marten-seemann]

Can you remove it?

[marten-seemann]

Why is this a separate option? We already have libp2p.Transport to configure transports. I had hoped that we don't need to introduce a separate knob here.

[marten-seemann]

Are you sure about /ws? Is this supposed to catch the /ws/tls case?

Suggested change

	var browserProtocols []int = []int{ma.P_WEBTRANSPORT, ma.P_WEBRTC_DIRECT, ma.P_WS, ma.P_WSS}
	var browserProtocols = []int{ma.P_WEBTRANSPORT, ma.P_WEBRTC_DIRECT, ma.P_WS, ma.P_WSS}

[sukunrt]

I've removed ma.P_WS. That shouldn't be here.

[marten-seemann]

Why is this needed for WebRTC and not for WebTransport?

As a general design principle, it would be nice if AutoRelay didn't need to contain any transport-specific logic.

[sukunrt]

Yeah. This was a poor choice. I've moved this to host.Addrs. Even this is not great but I'm not sure what else to do without an address pipeline. The flow now is:

BasicHost.AllAddrs => RelayFinder.Addrs => BasicHost.AddrFactory => BasicHost.Addrs

[marten-seemann]

Why does this require extra logic here? Is it because of the certhash? Why doesn't it apply to WebTransport then?

[sukunrt]

The peer address is a circuitv2 address. So we need to check it before the circuitv2 check but the check is the same as the circuit v2 check.

The address is of the form
/ip4/1.2.3.4/udp/1/quic-v1/p2p/<relay-id>/p2p-circuit/webrtc
So we need to ensure that we don't use the quic-v1 or the p2p-circuit transport for dialing.

[marten-seemann]

Didn't isRelayAddr already do that? Or phrased differently, the same problem would have occurred for a non-WebRTC address, why do we need special logic for WebRTC now?

[sukunrt]

Yes but we don't want the circuit-v2 transport to handle dialing to the webrtc address.
The previous code was

if isRelayAddr => Use circuitv2 transport. 

But now we need

if isWebRTCAddr => Use webrtcprivate transport.
else if isRelayAddr => Use circuitv2 transport. 

This is because the webrtcprivate address has a p2p-circuit component but we want to use webrtcprivate transport. I could have written this as:

if isRelayAddr(addr):
	if isWebRTCAddr(addr):
		use webrtcprivate transport
	else
		use circuitv2 transport

The flow I've implemented is:
peerAddr: <relay-addr>/p2p-circuit/webrtc

1. webrtcprivate.Transport.Dial is called with peerAddr
2. webrtcprivate.Transport.Dial adds the relay address inferred from the webrtcprivate address inferred from the peerstore. Then makes a host.Connect call to establish a relay connection with the peer.
3. Once relay connection is established it opens a signaling stream and establishes a webrtc connection.

I've chosen this because it is similar to circuitv2 transport which first establishes a direct connection with the relay node and then a circuitv2 connection to the peer over the relayed connection. This also has the nice property that Transport.Dial can connect to the peer over the address no matter the state of the host when Transport.Dial is called. In this case, it means if no circuit-v2 connection exists, it'll make a circuit-v2 connection first.

[marten-seemann]

This will start multiple Connect calls if there are multiple WebRTC addresses.

[sukunrt]

It returns immediately after this line, so this should be fine, no?

[marten-seemann]

What happens if the peer supports DCUtR, but there are only WebRTC addresses?

[sukunrt]

That case is handled here: https://github.com/libp2p/go-libp2p/blob/webrtcprivate/transport/p2p/protocol/holepunch/holepuncher.go#L142

In this case the peer(DCUtR initiator) is best suited to handle the call so I've kept it on that side.

[marten-seemann]

Should we move the shared parts to a separate package that's imported by both webrtc and webrtcprivate?

[marten-seemann]

Didn't isRelayAddr already do that? Or phrased differently, the same problem would have occurred for a non-WebRTC address, why do we need special logic for WebRTC now?

[marten-seemann]

Why?

[marten-seemann]

I don't think this is how it's intended in the net.Addr. The doc says:

name of the network (for example, "tcp", "udp")

[marten-seemann]

Do we need to close the scope here?

[marten-seemann]

Suggested change

	if msg.Type == nil || *msg.Type != pb.Message_SDP_OFFER {
	if msg.GetType() != pb.Message_SDP_OFFER {

[marten-seemann]

Suggested change

	if msg.Type == nil || *msg.Type != pb.Message_ICE_CANDIDATE {
	if msg.GetType() != pb.Message_ICE_CANDIDATE {

[marten-seemann]

Suggested change

	if msg.Data == nil || *msg.Data == "" {
	if len(msg.GetData()) == 0 {

[marten-seemann]

Suggested change

	if err := json.Unmarshal([]byte(*msg.Data), &init); err != nil {
	if err := json.Unmarshal([]byte(msg.GetData()), &init); err != nil {

[marten-seemann]

Exported function returning unexported type.

Why is this method needed? Why don't we have such a method for other transports?

[sukunrt]

We have this method for circuit-v2 transport. We need this method for the same reason for webrtc private transport.

The peer address is <relay-addr>/p2p-circuit/webrtc. This transport will first make a relayed connection with the peer, which is why it needs access to the host. After this point it establishes the connection over the signaling stream.

[marten-seemann]

Nit: Don't make this public. Redefine if necessary.