[misc] Move shared components to shared directory (#4286)

Moved the following directories: ``` - management/client → shared/management/client - management/domain → shared/management/domain - management/proto → shared/management/proto - signal/client → shared/signal/client - signal/proto → shared/signal/proto - relay/client → shared/relay/client - relay/auth → shared/relay/auth ``` and adjusted import paths
2026-04-19 16:56:39 +00:00 · 2025-08-05 15:22:58 +02:00
parent 3d3c4c5844
commit 1d5e871bdf
172 changed files with 181 additions and 152 deletions
--- a/shared/relay/client/dialer/net/err.go
+++ b/shared/relay/client/dialer/net/err.go
@@ -0,0 +1,7 @@
+package net
+
+import "errors"
+
+var (
+	ErrClosedByServer = errors.New("closed by server")
+)
--- a/shared/relay/client/dialer/quic/conn.go
+++ b/shared/relay/client/dialer/quic/conn.go
@@ -0,0 +1,97 @@
+package quic
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/quic-go/quic-go"
+	log "github.com/sirupsen/logrus"
+
+	netErr "github.com/netbirdio/netbird/shared/relay/client/dialer/net"
+)
+
+const (
+	Network = "quic"
+)
+
+type Addr struct {
+	addr string
+}
+
+func (a Addr) Network() string {
+	return Network
+}
+
+func (a Addr) String() string {
+	return a.addr
+}
+
+type Conn struct {
+	session quic.Connection
+	ctx     context.Context
+}
+
+func NewConn(session quic.Connection) net.Conn {
+	return &Conn{
+		session: session,
+		ctx:     context.Background(),
+	}
+}
+
+func (c *Conn) Read(b []byte) (n int, err error) {
+	dgram, err := c.session.ReceiveDatagram(c.ctx)
+	if err != nil {
+		return 0, c.remoteCloseErrHandling(err)
+	}
+
+	n = copy(b, dgram)
+	return n, nil
+}
+
+func (c *Conn) Write(b []byte) (int, error) {
+	err := c.session.SendDatagram(b)
+	if err != nil {
+		err = c.remoteCloseErrHandling(err)
+		log.Errorf("failed to write to QUIC stream: %v", err)
+		return 0, err
+	}
+	return len(b), nil
+}
+
+func (c *Conn) RemoteAddr() net.Addr {
+	return c.session.RemoteAddr()
+}
+
+func (c *Conn) LocalAddr() net.Addr {
+	if c.session != nil {
+		return c.session.LocalAddr()
+	}
+	return Addr{addr: "unknown"}
+}
+
+func (c *Conn) SetReadDeadline(t time.Time) error {
+	return fmt.Errorf("SetReadDeadline is not implemented")
+}
+
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+	return fmt.Errorf("SetWriteDeadline is not implemented")
+}
+
+func (c *Conn) SetDeadline(t time.Time) error {
+	return nil
+}
+
+func (c *Conn) Close() error {
+	return c.session.CloseWithError(0, "normal closure")
+}
+
+func (c *Conn) remoteCloseErrHandling(err error) error {
+	var appErr *quic.ApplicationError
+	if errors.As(err, &appErr) && appErr.ErrorCode == 0x0 {
+		return netErr.ErrClosedByServer
+	}
+	return err
+}
--- a/shared/relay/client/dialer/quic/quic.go
+++ b/shared/relay/client/dialer/quic/quic.go
@@ -0,0 +1,99 @@
+package quic
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+	"time"
+
+	"github.com/quic-go/quic-go"
+	log "github.com/sirupsen/logrus"
+
+	quictls "github.com/netbirdio/netbird/relay/tls"
+	nbnet "github.com/netbirdio/netbird/util/net"
+)
+
+type Dialer struct {
+}
+
+func (d Dialer) Protocol() string {
+	return Network
+}
+
+func (d Dialer) Dial(ctx context.Context, address string) (net.Conn, error) {
+	quicURL, err := prepareURL(address)
+	if err != nil {
+		return nil, err
+	}
+
+	// Get the base TLS config
+	tlsClientConfig := quictls.ClientQUICTLSConfig()
+
+	// Set ServerName to hostname if not an IP address
+	host, _, splitErr := net.SplitHostPort(quicURL)
+	if splitErr == nil && net.ParseIP(host) == nil {
+		// It's a hostname, not an IP - modify directly
+		tlsClientConfig.ServerName = host
+	}
+
+	quicConfig := &quic.Config{
+		KeepAlivePeriod:   30 * time.Second,
+		MaxIdleTimeout:    4 * time.Minute,
+		EnableDatagrams:   true,
+		InitialPacketSize: 1452,
+	}
+
+	udpConn, err := nbnet.ListenUDP("udp", &net.UDPAddr{IP: net.IPv4zero, Port: 0})
+	if err != nil {
+		log.Errorf("failed to listen on UDP: %s", err)
+		return nil, err
+	}
+
+	udpAddr, err := net.ResolveUDPAddr("udp", quicURL)
+	if err != nil {
+		log.Errorf("failed to resolve UDP address: %s", err)
+		return nil, err
+	}
+
+	session, err := quic.Dial(ctx, udpConn, udpAddr, tlsClientConfig, quicConfig)
+	if err != nil {
+		if errors.Is(err, context.Canceled) {
+			return nil, err
+		}
+		log.Errorf("failed to dial to Relay server via QUIC '%s': %s", quicURL, err)
+		return nil, err
+	}
+
+	conn := NewConn(session)
+	return conn, nil
+}
+
+func prepareURL(address string) (string, error) {
+	var host string
+	var defaultPort string
+
+	switch {
+	case strings.HasPrefix(address, "rels://"):
+		host = address[7:]
+		defaultPort = "443"
+	case strings.HasPrefix(address, "rel://"):
+		host = address[6:]
+		defaultPort = "80"
+	default:
+		return "", fmt.Errorf("unsupported scheme: %s", address)
+	}
+
+	finalHost, finalPort, err := net.SplitHostPort(host)
+	if err != nil {
+		if strings.Contains(err.Error(), "missing port") {
+			return host + ":" + defaultPort, nil
+		}
+
+		// return any other split error as is
+		return "", err
+	}
+
+	return finalHost + ":" + finalPort, nil
+}
--- a/shared/relay/client/dialer/race_dialer.go
+++ b/shared/relay/client/dialer/race_dialer.go
@@ -0,0 +1,98 @@
+package dialer
+
+import (
+	"context"
+	"errors"
+	"net"
+	"time"
+
+	log "github.com/sirupsen/logrus"
+)
+
+const (
+	DefaultConnectionTimeout = 30 * time.Second
+)
+
+type DialeFn interface {
+	Dial(ctx context.Context, address string) (net.Conn, error)
+	Protocol() string
+}
+
+type dialResult struct {
+	Conn     net.Conn
+	Protocol string
+	Err      error
+}
+
+type RaceDial struct {
+	log               *log.Entry
+	serverURL         string
+	dialerFns         []DialeFn
+	connectionTimeout time.Duration
+}
+
+func NewRaceDial(log *log.Entry, connectionTimeout time.Duration, serverURL string, dialerFns ...DialeFn) *RaceDial {
+	return &RaceDial{
+		log:               log,
+		serverURL:         serverURL,
+		dialerFns:         dialerFns,
+		connectionTimeout: connectionTimeout,
+	}
+}
+
+func (r *RaceDial) Dial() (net.Conn, error) {
+	connChan := make(chan dialResult, len(r.dialerFns))
+	winnerConn := make(chan net.Conn, 1)
+	abortCtx, abort := context.WithCancel(context.Background())
+	defer abort()
+
+	for _, dfn := range r.dialerFns {
+		go r.dial(dfn, abortCtx, connChan)
+	}
+
+	go r.processResults(connChan, winnerConn, abort)
+
+	conn, ok := <-winnerConn
+	if !ok {
+		return nil, errors.New("failed to dial to Relay server on any protocol")
+	}
+	return conn, nil
+}
+
+func (r *RaceDial) dial(dfn DialeFn, abortCtx context.Context, connChan chan dialResult) {
+	ctx, cancel := context.WithTimeout(abortCtx, r.connectionTimeout)
+	defer cancel()
+
+	r.log.Infof("dialing Relay server via %s", dfn.Protocol())
+	conn, err := dfn.Dial(ctx, r.serverURL)
+	connChan <- dialResult{Conn: conn, Protocol: dfn.Protocol(), Err: err}
+}
+
+func (r *RaceDial) processResults(connChan chan dialResult, winnerConn chan net.Conn, abort context.CancelFunc) {
+	var hasWinner bool
+	for i := 0; i < len(r.dialerFns); i++ {
+		dr := <-connChan
+		if dr.Err != nil {
+			if errors.Is(dr.Err, context.Canceled) {
+				r.log.Infof("connection attempt aborted via: %s", dr.Protocol)
+			} else {
+				r.log.Errorf("failed to dial via %s: %s", dr.Protocol, dr.Err)
+			}
+			continue
+		}
+
+		if hasWinner {
+			if cerr := dr.Conn.Close(); cerr != nil {
+				r.log.Warnf("failed to close connection via %s: %s", dr.Protocol, cerr)
+			}
+			continue
+		}
+
+		r.log.Infof("successfully dialed via: %s", dr.Protocol)
+
+		abort()
+		hasWinner = true
+		winnerConn <- dr.Conn
+	}
+	close(winnerConn)
+}
--- a/shared/relay/client/dialer/race_dialer_test.go
+++ b/shared/relay/client/dialer/race_dialer_test.go
@@ -0,0 +1,252 @@
+package dialer
+
+import (
+	"context"
+	"errors"
+	"net"
+	"testing"
+	"time"
+
+	"github.com/sirupsen/logrus"
+)
+
+type MockAddr struct {
+	network string
+}
+
+func (m *MockAddr) Network() string {
+	return m.network
+}
+
+func (m *MockAddr) String() string {
+	return "1.2.3.4"
+}
+
+// MockDialer is a mock implementation of DialeFn
+type MockDialer struct {
+	dialFunc    func(ctx context.Context, address string) (net.Conn, error)
+	protocolStr string
+}
+
+func (m *MockDialer) Dial(ctx context.Context, address string) (net.Conn, error) {
+	return m.dialFunc(ctx, address)
+}
+
+func (m *MockDialer) Protocol() string {
+	return m.protocolStr
+}
+
+// MockConn implements net.Conn for testing
+type MockConn struct {
+	remoteAddr net.Addr
+}
+
+func (m *MockConn) Read(b []byte) (n int, err error) {
+	return 0, nil
+}
+
+func (m *MockConn) Write(b []byte) (n int, err error) {
+	return 0, nil
+}
+
+func (m *MockConn) Close() error {
+	return nil
+}
+
+func (m *MockConn) LocalAddr() net.Addr {
+	return nil
+}
+
+func (m *MockConn) RemoteAddr() net.Addr {
+	return m.remoteAddr
+}
+
+func (m *MockConn) SetDeadline(t time.Time) error {
+	return nil
+}
+
+func (m *MockConn) SetReadDeadline(t time.Time) error {
+	return nil
+}
+
+func (m *MockConn) SetWriteDeadline(t time.Time) error {
+	return nil
+}
+
+func TestRaceDialEmptyDialers(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+	serverURL := "test.server.com"
+
+	rd := NewRaceDial(logger, DefaultConnectionTimeout, serverURL)
+	conn, err := rd.Dial()
+	if err == nil {
+		t.Errorf("Expected an error with empty dialers, got nil")
+	}
+	if conn != nil {
+		t.Errorf("Expected nil connection with empty dialers, got %v", conn)
+	}
+}
+
+func TestRaceDialSingleSuccessfulDialer(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+	serverURL := "test.server.com"
+	proto := "test-protocol"
+
+	mockConn := &MockConn{
+		remoteAddr: &MockAddr{network: proto},
+	}
+
+	mockDialer := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			return mockConn, nil
+		},
+		protocolStr: proto,
+	}
+
+	rd := NewRaceDial(logger, DefaultConnectionTimeout, serverURL, mockDialer)
+	conn, err := rd.Dial()
+	if err != nil {
+		t.Errorf("Expected no error, got %v", err)
+	}
+	if conn == nil {
+		t.Errorf("Expected non-nil connection")
+	}
+}
+
+func TestRaceDialMultipleDialersWithOneSuccess(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+	serverURL := "test.server.com"
+	proto2 := "protocol2"
+
+	mockConn2 := &MockConn{
+		remoteAddr: &MockAddr{network: proto2},
+	}
+
+	mockDialer1 := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			return nil, errors.New("first dialer failed")
+		},
+		protocolStr: "proto1",
+	}
+
+	mockDialer2 := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			return mockConn2, nil
+		},
+		protocolStr: "proto2",
+	}
+
+	rd := NewRaceDial(logger, DefaultConnectionTimeout, serverURL, mockDialer1, mockDialer2)
+	conn, err := rd.Dial()
+	if err != nil {
+		t.Errorf("Expected no error, got %v", err)
+	}
+	if conn.RemoteAddr().Network() != proto2 {
+		t.Errorf("Expected connection with protocol %s, got %s", proto2, conn.RemoteAddr().Network())
+	}
+	_ = conn.Close()
+}
+
+func TestRaceDialTimeout(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+	serverURL := "test.server.com"
+
+	mockDialer := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			<-ctx.Done()
+			return nil, ctx.Err()
+		},
+		protocolStr: "proto1",
+	}
+
+	rd := NewRaceDial(logger, 3*time.Second, serverURL, mockDialer)
+	conn, err := rd.Dial()
+	if err == nil {
+		t.Errorf("Expected an error, got nil")
+	}
+	if conn != nil {
+		t.Errorf("Expected nil connection, got %v", conn)
+	}
+}
+
+func TestRaceDialAllDialersFail(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+	serverURL := "test.server.com"
+
+	mockDialer1 := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			return nil, errors.New("first dialer failed")
+		},
+		protocolStr: "protocol1",
+	}
+
+	mockDialer2 := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			return nil, errors.New("second dialer failed")
+		},
+		protocolStr: "protocol2",
+	}
+
+	rd := NewRaceDial(logger, DefaultConnectionTimeout, serverURL, mockDialer1, mockDialer2)
+	conn, err := rd.Dial()
+	if err == nil {
+		t.Errorf("Expected an error, got nil")
+	}
+	if conn != nil {
+		t.Errorf("Expected nil connection, got %v", conn)
+	}
+}
+
+func TestRaceDialFirstSuccessfulDialerWins(t *testing.T) {
+	logger := logrus.NewEntry(logrus.New())
+	serverURL := "test.server.com"
+	proto1 := "protocol1"
+	proto2 := "protocol2"
+
+	mockConn1 := &MockConn{
+		remoteAddr: &MockAddr{network: proto1},
+	}
+
+	mockConn2 := &MockConn{
+		remoteAddr: &MockAddr{network: proto2},
+	}
+
+	mockDialer1 := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			time.Sleep(1 * time.Second)
+			return mockConn1, nil
+		},
+		protocolStr: proto1,
+	}
+
+	mock2err := make(chan error)
+	mockDialer2 := &MockDialer{
+		dialFunc: func(ctx context.Context, address string) (net.Conn, error) {
+			<-ctx.Done()
+			mock2err <- ctx.Err()
+			return mockConn2, ctx.Err()
+		},
+		protocolStr: proto2,
+	}
+
+	rd := NewRaceDial(logger, DefaultConnectionTimeout, serverURL, mockDialer1, mockDialer2)
+	conn, err := rd.Dial()
+	if err != nil {
+		t.Errorf("Expected no error, got %v", err)
+	}
+	if conn == nil {
+		t.Errorf("Expected non-nil connection")
+	}
+	if conn != mockConn1 {
+		t.Errorf("Expected first connection, got %v", conn)
+	}
+
+	select {
+	case <-time.After(3 * time.Second):
+		t.Errorf("Timed out waiting for second dialer to finish")
+	case err := <-mock2err:
+		if !errors.Is(err, context.Canceled) {
+			t.Errorf("Expected context.Canceled error, got %v", err)
+		}
+	}
+}
--- a/shared/relay/client/dialer/ws/addr.go
+++ b/shared/relay/client/dialer/ws/addr.go
@@ -0,0 +1,17 @@
+package ws
+
+const (
+	Network = "ws"
+)
+
+type WebsocketAddr struct {
+	addr string
+}
+
+func (a WebsocketAddr) Network() string {
+	return Network
+}
+
+func (a WebsocketAddr) String() string {
+	return a.addr
+}
--- a/shared/relay/client/dialer/ws/conn.go
+++ b/shared/relay/client/dialer/ws/conn.go
@@ -0,0 +1,67 @@
+package ws
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/coder/websocket"
+)
+
+type Conn struct {
+	ctx context.Context
+	*websocket.Conn
+	remoteAddr WebsocketAddr
+}
+
+func NewConn(wsConn *websocket.Conn, serverAddress string) net.Conn {
+	return &Conn{
+		ctx:        context.Background(),
+		Conn:       wsConn,
+		remoteAddr: WebsocketAddr{serverAddress},
+	}
+}
+
+func (c *Conn) Read(b []byte) (n int, err error) {
+	t, ioReader, err := c.Conn.Reader(c.ctx)
+	if err != nil {
+		// todo use ErrClosedByServer
+		return 0, err
+	}
+
+	if t != websocket.MessageBinary {
+		return 0, fmt.Errorf("unexpected message type")
+	}
+
+	return ioReader.Read(b)
+}
+
+func (c *Conn) Write(b []byte) (n int, err error) {
+	err = c.Conn.Write(c.ctx, websocket.MessageBinary, b)
+	return 0, err
+}
+
+func (c *Conn) RemoteAddr() net.Addr {
+	return c.remoteAddr
+}
+
+func (c *Conn) LocalAddr() net.Addr {
+	return WebsocketAddr{addr: "unknown"}
+}
+
+func (c *Conn) SetReadDeadline(t time.Time) error {
+	return fmt.Errorf("SetReadDeadline is not implemented")
+}
+
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+	return fmt.Errorf("SetWriteDeadline is not implemented")
+}
+
+func (c *Conn) SetDeadline(t time.Time) error {
+	return fmt.Errorf("SetDeadline is not implemented")
+}
+
+func (c *Conn) Close() error {
+	return c.Conn.CloseNow()
+}
--- a/shared/relay/client/dialer/ws/ws.go
+++ b/shared/relay/client/dialer/ws/ws.go
@@ -0,0 +1,90 @@
+package ws
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"strings"
+
+	"github.com/coder/websocket"
+	log "github.com/sirupsen/logrus"
+
+	"github.com/netbirdio/netbird/relay/server/listener/ws"
+	"github.com/netbirdio/netbird/util/embeddedroots"
+	nbnet "github.com/netbirdio/netbird/util/net"
+)
+
+type Dialer struct {
+}
+
+func (d Dialer) Protocol() string {
+	return "WS"
+}
+
+func (d Dialer) Dial(ctx context.Context, address string) (net.Conn, error) {
+	wsURL, err := prepareURL(address)
+	if err != nil {
+		return nil, err
+	}
+
+	opts := &websocket.DialOptions{
+		HTTPClient: httpClientNbDialer(),
+	}
+
+	parsedURL, err := url.Parse(wsURL)
+	if err != nil {
+		return nil, err
+	}
+	parsedURL.Path = ws.URLPath
+
+	wsConn, resp, err := websocket.Dial(ctx, parsedURL.String(), opts)
+	if err != nil {
+		if errors.Is(err, context.Canceled) {
+			return nil, err
+		}
+		log.Errorf("failed to dial to Relay server '%s': %s", wsURL, err)
+		return nil, err
+	}
+	if resp.Body != nil {
+		_ = resp.Body.Close()
+	}
+
+	conn := NewConn(wsConn, address)
+	return conn, nil
+}
+
+func prepareURL(address string) (string, error) {
+	if !strings.HasPrefix(address, "rel:") && !strings.HasPrefix(address, "rels:") {
+		return "", fmt.Errorf("unsupported scheme: %s", address)
+	}
+
+	return strings.Replace(address, "rel", "ws", 1), nil
+}
+
+func httpClientNbDialer() *http.Client {
+	customDialer := nbnet.NewDialer()
+
+	certPool, err := x509.SystemCertPool()
+	if err != nil || certPool == nil {
+		log.Debugf("System cert pool not available; falling back to embedded cert, error: %v", err)
+		certPool = embeddedroots.Get()
+	}
+
+	customTransport := &http.Transport{
+		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
+			return customDialer.DialContext(ctx, network, addr)
+		},
+		TLSClientConfig: &tls.Config{
+			RootCAs: certPool,
+		},
+	}
+
+	return &http.Client{
+		Transport: customTransport,
+	}
+}