From f6b2962e705eee64837e95d8150ae5a7057b612a Mon Sep 17 00:00:00 2001
From: Louis Maillard <louis.maillard@savoirfairelinux.com>
Date: Mon, 9 Sep 2024 10:44:06 -0400
Subject: [PATCH] config: replace jami.net servers by sfl.io

We were using the jami.net TURN server and bootstrap node as defaults in docs,
config and even source code. To separate concerns, DHTNet now has its
own turn.sfl.io and bootstrap.sfl.io services for demonstration and
public testing purposes. They are still not intended for production use.

Also change default conf to allow anonymous by default.
This is not a security concern as by default we only allow SSH access,
which is secure and restricted by key / password.

Change-Id: Ibcd3607dcd7f46ed21c0ac396fde0459edc2c92e
---
 src/connectionmanager.cpp    |  2 +-
 tests/connectionManager.cpp  |  2 +-
 tests/ice.cpp                | 28 ++++++++++++++--------------
 tests/turnCache.cpp          | 16 ++++++++--------
 tools/benchmark/main.cpp     |  2 +-
 tools/dhtnet_crtmgr/main.cpp | 16 ++++++++--------
 tools/dnc/dnc.yaml           | 18 +++++++++---------
 tools/dsh/dsh.yaml           | 16 ++++++++--------
 tools/dvpn/dvpn.1            |  2 +-
 tools/dvpn/dvpn.yaml         | 16 ++++++++--------
 10 files changed, 59 insertions(+), 59 deletions(-)

diff --git a/src/connectionmanager.cpp b/src/connectionmanager.cpp
index 831762b..544435e 100644
--- a/src/connectionmanager.cpp
+++ b/src/connectionmanager.cpp
@@ -77,7 +77,7 @@ createConfig(std::shared_ptr<ConnectionManager::Config> config_)
         };
         config_->dht = std::make_shared<dht::DhtRunner>();
         config_->dht->run(dhtConfig, std::move(dhtContext));
-        config_->dht->bootstrap("bootstrap.jami.net");
+        config_->dht->bootstrap("bootstrap.sfl.io");
     }
     if (!config_->factory){
         config_->factory = std::make_shared<IceTransportFactory>(config_->logger);
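Review bot: The fallback bootstrap host remains a bare string literal inside library code, so a caller that passes a config without a `dht` joins the DHT through `bootstrap.sfl.io` without being told, and the commit message describes that host as a demonstration service not intended for production. I would name the value and say what it is, for example `static constexpr const char* DEFAULT_BOOTSTRAP = "bootstrap.sfl.io"; // public demo node, not for production`, and log the chosen host where the fallback is taken so an operator can see which network the process joined. createConfig starts and ends outside this hunk.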
diff --git a/tests/connectionManager.cpp b/tests/connectionManager.cpp
index 17c9e4d..b4d3af3 100644
--- a/tests/connectionManager.cpp
+++ b/tests/connectionManager.cpp
@@ -80,7 +80,7 @@ public:
     std::shared_ptr<IceTransportFactory> factory;
 
 private:
-    std::unique_ptr<ConnectionHandler> setupHandler(const dht::crypto::Identity& id, const std::string& bootstrap = "bootstrap.jami.net");
+    std::unique_ptr<ConnectionHandler> setupHandler(const dht::crypto::Identity& id, const std::string& bootstrap = "bootstrap.sfl.io");
     std::filesystem::path testDir_;
 
     void testConnectDevice();
diff --git a/tests/ice.cpp b/tests/ice.cpp
index c2c1304..3690661 100644
--- a/tests/ice.cpp
+++ b/tests/ice.cpp
@@ -93,7 +93,7 @@ IceTest::setUp()
         };
 
         dht_->run(0, config, std::move(context));
-        dht_->bootstrap("bootstrap.jami.net:4222");
+        dht_->bootstrap("bootstrap.sfl.io:4222");
         // Wait for the DHT's public address to be available, otherwise the assertion that
         // `addr4.size() != 0` at the beginning of several of the tests will fail.
         cv.wait_for(lk, std::chrono::seconds(5), [&] {
@@ -101,7 +101,7 @@ IceTest::setUp()
         });
     }
     if (!turnV4_) {
-        turnV4_ = std::make_unique<dhtnet::IpAddr>("turn.jami.net", AF_INET);
+        turnV4_ = std::make_unique<dhtnet::IpAddr>("turn.sfl.io", AF_INET);
     }
     if (!upnpContext) {
         if (!ioContext) {
@@ -293,9 +293,9 @@ IceTest::testTurnMasterIceConnection()
     ice_config.accountLocalAddr = dhtnet::ip_utils::getLocalAddr(AF_INET);
     ice_config.turnServers.emplace_back(dhtnet::TurnServerInfo()
                                             .setUri(turnV4_->toString(true))
-                                            .setUsername("ring")
-                                            .setPassword("ring")
-                                            .setRealm("ring"));
+                                            .setUsername("sfl")
+                                            .setPassword("sfl")
+                                            .setRealm("sfl"));
     ice_config.master = true;
     ice_config.streamsCount = 1;
     ice_config.compCountPerStream = 1;
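Review bot: The TURN username, password and realm are written out as literals here and again in testTurnSlaveIceConnection, testReceiveTooManyCandidates, testCompleteOnFailure and both hunks of tests/turnCache.cpp, so changing one account means editing every site by hand. File-level constants such as `static constexpr const char* TURN_TEST_USER = "sfl";` (with matching ones for password and realm) would leave one place to edit. A short comment next to them saying that these are the published credentials of the public demo TURN service, not secrets, would stop a reader or a secret scanner from treating them as a leak. The test bodies continue outside the hunks.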
@@ -476,9 +476,9 @@ IceTest::testTurnSlaveIceConnection()
     };
     ice_config.turnServers.emplace_back(dhtnet::TurnServerInfo()
                                             .setUri(turnV4_->toString(true))
-                                            .setUsername("ring")
-                                            .setPassword("ring")
-                                            .setRealm("ring"));
+                                            .setUsername("sfl")
+                                            .setPassword("sfl")
+                                            .setRealm("sfl"));
     ice_config.master = false;
     ice_config.streamsCount = 1;
     ice_config.compCountPerStream = 1;
@@ -545,9 +545,9 @@ IceTest::testReceiveTooManyCandidates()
     ice_config.accountLocalAddr = dhtnet::ip_utils::getLocalAddr(AF_INET);
     ice_config.turnServers.emplace_back(dhtnet::TurnServerInfo()
                                             .setUri(turnV4_->toString(true))
-                                            .setUsername("ring")
-                                            .setPassword("ring")
-                                            .setRealm("ring"));
+                                            .setUsername("sfl")
+                                            .setPassword("sfl")
+                                            .setRealm("sfl"));
     ice_config.master = true;
     ice_config.streamsCount = 1;
     ice_config.compCountPerStream = 1;
@@ -716,9 +716,9 @@ IceTest::testCompleteOnFailure()
     };
     ice_config.turnServers.emplace_back(dhtnet::TurnServerInfo()
                                             .setUri(turnV4_->toString(true))
-                                            .setUsername("ring")
-                                            .setPassword("ring")
-                                            .setRealm("ring"));
+                                            .setUsername("sfl")
+                                            .setPassword("sfl")
+                                            .setRealm("sfl"));
     ice_config.master = false;
     ice_config.streamsCount = 1;
     ice_config.compCountPerStream = 1;
diff --git a/tests/turnCache.cpp b/tests/turnCache.cpp
index 4767c64..443e056 100644
--- a/tests/turnCache.cpp
+++ b/tests/turnCache.cpp
@@ -90,10 +90,10 @@ TurnCacheTest::testTurnResolution()
     auto cachePath = testDir_ / "cache";
 
     TurnTransportParams turnParams;
-    turnParams.domain = "turn.jami.net";
-    turnParams.realm = "ring";
-    turnParams.username = "ring";
-    turnParams.password = "ring";
+    turnParams.domain = "turn.sfl.io";
+    turnParams.realm = "sfl";
+    turnParams.username = "sfl";
+    turnParams.password = "sfl";
 
     auto turnCache = std::make_shared<TurnCache>("dummyAccount",
                                                  cachePath.string(),
@@ -129,10 +129,10 @@ TurnCacheTest::testRefreshMultipleTimes()
     bool enabled = true;
 
     TurnTransportParams turnParams;
-    turnParams.domain = "turn.jami.net";
-    turnParams.realm = "ring";
-    turnParams.username = "ring";
-    turnParams.password = "ring";
+    turnParams.domain = "turn.sfl.io";
+    turnParams.realm = "sfl";
+    turnParams.username = "sfl";
+    turnParams.password = "sfl";
 
     auto turnCache = std::make_shared<TurnCache>("dummyAccount",
                                                  cachePath.string(),
diff --git a/tools/benchmark/main.cpp b/tools/benchmark/main.cpp
index ff4ed72..d001fd8 100644
--- a/tools/benchmark/main.cpp
+++ b/tools/benchmark/main.cpp
@@ -60,7 +60,7 @@ setupHandler(const std::string& name,
     h->dht = std::make_shared<dht::DhtRunner>();
     h->dht->run(dhtConfig, std::move(dhtContext));
     h->dht->bootstrap("127.0.0.1:36432");
-    //h->dht->bootstrap("bootstrap.jami.net");
+    //h->dht->bootstrap("bootstrap.sfl.io");
 
     auto config = std::make_shared<ConnectionManager::Config>();
     config->dht = h->dht;
diff --git a/tools/dhtnet_crtmgr/main.cpp b/tools/dhtnet_crtmgr/main.cpp
index 34e9ab2..bd79b7e 100644
--- a/tools/dhtnet_crtmgr/main.cpp
+++ b/tools/dhtnet_crtmgr/main.cpp
@@ -105,19 +105,19 @@ int create_yaml_config(std::filesystem::path file, std::filesystem::path certifi
     std::ofstream yaml_file (file);
     if (yaml_file.is_open()) {
         yaml_file << "# The bootstrap node serves as the entry point to the DHT network.\n";
-        yaml_file << "# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.\n";
+        yaml_file << "# By default, bootstrap.sfl.io is configured for the public DHT network and should be used for personal use only.\n";
         yaml_file << "# For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.\n";
         yaml_file << "# Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping\n";
-        yaml_file << "bootstrap: \"bootstrap.jami.net\"\n";
+        yaml_file << "bootstrap: \"bootstrap.sfl.io\"\n";
 
         yaml_file << "\n# TURN server is used as a fallback for connections if the NAT block all possible connections.\n";
-        yaml_file << "# By default is turn.jami.net (which uses coturn) but can be any TURN.\n";
+        yaml_file << "# By default is turn.sfl.io (which uses coturn) but can be any TURN.\n";
         yaml_file << "# Developer must set up their own TURN server.\n";
         yaml_file << "# Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html\n";
-        yaml_file << "turn_host: \"turn.jami.net\"\n";
-        yaml_file << "turn_user: \"ring\"\n";
-        yaml_file << "turn_pass: \"ring\"\n";
-        yaml_file << "turn_realm: \"ring\"\n";
+        yaml_file << "turn_host: \"turn.sfl.io\"\n";
+        yaml_file << "turn_user: \"sfl\"\n";
+        yaml_file << "turn_pass: \"sfl\"\n";
+        yaml_file << "turn_realm: \"sfl\"\n";
 
         yaml_file << "\n# When verbose is set to true, the server logs all incoming connections\n";
         yaml_file << "verbose: false\n";
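Review bot: The generated comment `# Developer must set up their own TURN server.` is left unchanged here, while the same line in tools/dnc/dnc.yaml is reworded in this commit to end with `before going to production, as this one will not scale.` The dsh.yaml and dvpn.yaml hunks also keep the old wording, so the four default configs now give different guidance about the same demo server. I would use the dnc.yaml sentence in all of them, including the string written by create_yaml_config, whose body starts and ends outside the hunk.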
@@ -137,7 +137,7 @@ int create_yaml_config(std::filesystem::path file, std::filesystem::path certifi
         } else {
             yaml_file << "\n# When anonymous is set to true, the server accepts any connection without checking CA\n";
             yaml_file << "# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server\n";
-            yaml_file << "anonymous: false\n";
+            yaml_file << "anonymous: true\n";
 
             yaml_file << "\n# List of authorized services\n";
             yaml_file << "# Each service is defined by an IP and a port\n";
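Review bot: With `anonymous: true` as the generated default the server accepts any peer without a CA check, and the two comment lines written just above it never say what protects the host in that mode. The commit message relies on only SSH being exposed, which holds only while every entry in the authorized services list that follows authenticates clients itself; I would emit one more line, `yaml_file << "# With anonymous: true any peer can reach every authorized service below; list only services that authenticate clients themselves\n";`. The same default flips in tools/dnc/dnc.yaml, tools/dsh/dsh.yaml and tools/dvpn/dvpn.yaml, and for dsh.yaml the hunk header shows `binary: "bash"`, so the SSH argument does not obviously carry over there; unless dsh and dvpn authenticate peers by other means (not visible in this patch), those two should probably keep `anonymous: false`. This `else` branch of create_yaml_config begins outside the hunk.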
diff --git a/tools/dnc/dnc.yaml b/tools/dnc/dnc.yaml
index e3dc30b..b445a10 100644
--- a/tools/dnc/dnc.yaml
+++ b/tools/dnc/dnc.yaml
@@ -1,17 +1,17 @@
 # The bootstrap node serves as the entry point to the DHT network.
-# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.
+# By default, bootstrap.sfl.io is configured for the public DHT network and should be used for personal use only.
 # For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.
 # Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping
-bootstrap: "bootstrap.jami.net"
+bootstrap: "bootstrap.sfl.io"
 
 # TURN server is used as a fallback for connections if the NAT block all possible connections.
-# By default is turn.jami.net (which uses coturn) but can be any TURN.
-# Developer must set up their own TURN server.
+# By default is turn.sfl.io (which uses coturn) but can be any TURN.
+# Developer must set up their own TURN server before going to production, as this one will not scale.
 # Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html
-turn_host: "turn.jami.net"
-turn_user: "ring"
-turn_pass: "ring"
-turn_realm: "ring"
+turn_host: "turn.sfl.io"
+turn_user: "sfl"
+turn_pass: "sfl"
+turn_realm: "sfl"
 
 # When verbose is set to true, the server logs all incoming connections
 verbose: false
@@ -40,7 +40,7 @@ port: 22
 
 # When anonymous is set to true, the server accepts any connection without checking CA
 # When anonymous is set to false, the server allows only connection which are issued by the same CA as the server
-anonymous: false
+anonymous: true
 
 # List of authorized services
 # Each service is defined by an IP and a port
diff --git a/tools/dsh/dsh.yaml b/tools/dsh/dsh.yaml
index 3241ebf..95b8558 100644
--- a/tools/dsh/dsh.yaml
+++ b/tools/dsh/dsh.yaml
@@ -1,17 +1,17 @@
 # The bootstrap node serves as the entry point to the DHT network.
-# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.
+# By default, bootstrap.sfl.io is configured for the public DHT network and should be used for personal use only.
 # For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.
 # Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping
-bootstrap: "bootstrap.jami.net"
+bootstrap: "bootstrap.sfl.io"
 
 # TURN server is used as a fallback for connections if the NAT block all possible connections.
-# By default is turn.jami.net (which uses coturn) but can be any TURN.
+# By default is turn.sfl.io (which uses coturn) but can be any TURN.
 # Developer must set up their own TURN server.
 # Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html
-turn_host: "turn.jami.net"
-turn_user: "ring"
-turn_pass: "ring"
-turn_realm: "ring"
+turn_host: "turn.sfl.io"
+turn_user: "sfl"
+turn_pass: "sfl"
+turn_realm: "sfl"
 
 # On server, identities are saved in /etc/dhtnet/id/
 # On client, they are generaly saved in ~/.dnc/
@@ -33,5 +33,5 @@ binary: "bash"
 
 # When anonymous is set to true, the server accepts any connection without checking CA
 # When anonymous is set to false, the server allows only connection which are issued by the same CA as the server
-anonymous: false
+anonymous: true
 
diff --git a/tools/dvpn/dvpn.1 b/tools/dvpn/dvpn.1
index 67084de..b7a5452 100644
--- a/tools/dvpn/dvpn.1
+++ b/tools/dvpn/dvpn.1
@@ -30,7 +30,7 @@ Run dvpn in listen mode, allowing the program to accept incoming VPN connections
 
 .TP
 .B \-b, \-\-bootstrap \fIADDRESS\fR
-Specify the address of a bootstrap node to connect to an existing DHT network. Default is "bootstrap.jami.net" if not specified.
+Specify the address of a bootstrap node to connect to an existing DHT network. Default is "bootstrap.sfl.io" if not specified.
 
 .TP
 .B \-t, \-\-turn_host \fIADDRESS\fR
diff --git a/tools/dvpn/dvpn.yaml b/tools/dvpn/dvpn.yaml
index 7df7f53..d84d809 100644
--- a/tools/dvpn/dvpn.yaml
+++ b/tools/dvpn/dvpn.yaml
@@ -1,17 +1,17 @@
 # The bootstrap node serves as the entry point to the DHT network.
-# By default, bootstrap.jami.net is configured for the public DHT network and should be used for personal use only.
+# By default, bootstrap.sfl.io is configured for the public DHT network and should be used for personal use only.
 # For production environments, it is recommended to set up your own bootstrap node to establish your own DHT network.
 # Documentation: https://docs.jami.net/en_US/user/lan-only.html#boostraping
-bootstrap: "bootstrap.jami.net"
+bootstrap: "bootstrap.sfl.io"
 
 # TURN server is used as a fallback for connections if the NAT block all possible connections.
-# By default is turn.jami.net (which uses coturn) but can be any TURN.
+# By default is turn.sfl.io (which uses coturn) but can be any TURN.
 # Developer must set up their own TURN server.
 # Documentation: https://docs.jami.net/en_US/developer/going-further/setting-up-your-own-turn-server.html
-turn_host: "turn.jami.net"
-turn_user: "ring"
-turn_pass: "ring"
-turn_realm: "ring"
+turn_host: "turn.sfl.io"
+turn_user: "sfl"
+turn_pass: "sfl"
+turn_realm: "sfl"
 
 # On server, identities are saved in /etc/dhtnet/id/
 # On client, they are generaly saved in ~/.dnc/
@@ -25,4 +25,4 @@ turn_realm: "ring"
 
 # When anonymous is set to true, the server accepts any connection without checking CA
 # When anonymous is set to false, the server allows only connection which are issued by the same CA as the server
-anonymous: false
\ No newline at end of file
+anonymous: true
\ No newline at end of file
-- 
GitLab