manawenuz/wz-phone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(ui): birthday attack toggle in settings (default off)
Some checks failed
Mirror to GitHub / mirror (push) Failing after 22s
Details
Build Release Binaries / build-amd64 (push) Failing after 3m36s
Details

Browse Source 
New setting: "Birthday attack (opens extra ports for hard NAT)"
- Default: OFF — no extra latency on call setup
- When ON: waits up to 3s for peer's birthday ports if peer has
  non-cone NAT, adds them to the dial race

Gated end-to-end: Settings → localStorage → JS invoke →
Rust connect param → birthday wait + target injection.
LAN/cone calls unaffected regardless of setting.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Siavash Sameni
2026-04-14 16:54:22 +04:00
parent 8c360186df
commit 488efcb614
3 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
desktop/index.html
View File

@@ -191,6 +191,10 @@
<input id="s-direct-only" type="checkbox" /> <input id="s-direct-only" type="checkbox" />
Direct-only mode (no relay fallback — fails if P2P can't connect) Direct-only mode (no relay fallback — fails if P2P can't connect)
</label> </label>
<label class="checkbox">
<input id="s-birthday-attack" type="checkbox" />
Birthday attack (opens extra ports for hard NAT — adds ~3s to setup)
</label>
</div> </div>
<div class="settings-section" id="s-call-debug-section" style="display:none"> <div class="settings-section" id="s-call-debug-section" style="display:none">
<h3>Call Debug Log</h3> <h3>Call Debug Log</h3>

7
desktop/src-tauri/src/lib.rs
View File

@@ -337,8 +337,12 @@ async fn connect(
// fails if direct P2P doesn't connect. Useful for testing NAT // fails if direct P2P doesn't connect. Useful for testing NAT
// traversal without the relay masking failures. // traversal without the relay masking failures.
direct_only: Option<bool>, direct_only: Option<bool>,
// Enable birthday attack for hard NAT traversal. Adds ~3s to
// call setup when peer has symmetric NAT.
birthday_attack: Option<bool>,
) -> Result<String, String> { ) -> Result<String, String> {
let force_direct = direct_only.unwrap_or(false); let force_direct = direct_only.unwrap_or(false);
let enable_birthday = birthday_attack.unwrap_or(false);
emit_call_debug(&app, "connect:start", serde_json::json!({ emit_call_debug(&app, "connect:start", serde_json::json!({
"relay": relay, "relay": relay,
"room": room, "room": room,
@@ -346,6 +350,7 @@ async fn connect(
"peer_local_addrs": peer_local_addrs, "peer_local_addrs": peer_local_addrs,
"peer_mapped_addr": peer_mapped_addr, "peer_mapped_addr": peer_mapped_addr,
"direct_only": force_direct, "direct_only": force_direct,
"birthday_attack": enable_birthday,
})); }));
let mut engine_lock = state.engine.lock().await; let mut engine_lock = state.engine.lock().await;
if engine_lock.is_some() { if engine_lock.is_some() {
@@ -450,7 +455,7 @@ async fn connect(
// the race immediately — LAN/cone calls shouldn't wait. // the race immediately — LAN/cone calls shouldn't wait.
let mut birthday_addrs: Vec<std::net::SocketAddr> = Vec::new(); let mut birthday_addrs: Vec<std::net::SocketAddr> = Vec::new();
{ {
let peer_needs_birthday = { let peer_needs_birthday = enable_birthday && {
let sig = state.signal.lock().await; let sig = state.signal.lock().await;
sig.peer_hard_nat_probe.as_ref() sig.peer_hard_nat_probe.as_ref()
.map(|p| p.allocation != "port-preserving") .map(|p| p.allocation != "port-preserving")

8
desktop/src/main.ts
View File

@@ -209,6 +209,7 @@ const sOsAec = document.getElementById("s-os-aec") as HTMLInputElement;
const sDredDebug = document.getElementById("s-dred-debug") as HTMLInputElement; const sDredDebug = document.getElementById("s-dred-debug") as HTMLInputElement;
const sCallDebug = document.getElementById("s-call-debug") as HTMLInputElement; const sCallDebug = document.getElementById("s-call-debug") as HTMLInputElement;
const sDirectOnly = document.getElementById("s-direct-only") as HTMLInputElement; const sDirectOnly = document.getElementById("s-direct-only") as HTMLInputElement;
const sBirthdayAttack = document.getElementById("s-birthday-attack") as HTMLInputElement;
const sCallDebugSection = document.getElementById("s-call-debug-section") as HTMLDivElement; const sCallDebugSection = document.getElementById("s-call-debug-section") as HTMLDivElement;
const sCallDebugLogEl = document.getElementById("s-call-debug-log") as HTMLDivElement; const sCallDebugLogEl = document.getElementById("s-call-debug-log") as HTMLDivElement;
const sCallDebugClearBtn = document.getElementById("s-call-debug-clear") as HTMLButtonElement; const sCallDebugClearBtn = document.getElementById("s-call-debug-clear") as HTMLButtonElement;
@@ -291,6 +292,9 @@ interface Settings {
/// Debug: skip relay fallback on direct calls — fail if P2P /// Debug: skip relay fallback on direct calls — fail if P2P
/// doesn't connect. Useful for testing NAT traversal. /// doesn't connect. Useful for testing NAT traversal.
directOnly: boolean; directOnly: boolean;
/// Enable birthday attack for hard NAT traversal. Adds ~3s to
/// call setup when peer has symmetric NAT. Off by default.
birthdayAttack: boolean;
} }
function loadSettings(): Settings { function loadSettings(): Settings {
@@ -306,6 +310,7 @@ function loadSettings(): Settings {
dredDebugLogs: false, dredDebugLogs: false,
callDebugLogs: false, callDebugLogs: false,
directOnly: false, directOnly: false,
birthdayAttack: false,
}; };
try { try {
const raw = localStorage.getItem("wzp-settings"); const raw = localStorage.getItem("wzp-settings");
@@ -1181,6 +1186,7 @@ function openSettings() {
sDredDebug.checked = !!s.dredDebugLogs; sDredDebug.checked = !!s.dredDebugLogs;
sCallDebug.checked = !!s.callDebugLogs; sCallDebug.checked = !!s.callDebugLogs;
sDirectOnly.checked = !!s.directOnly; sDirectOnly.checked = !!s.directOnly;
sBirthdayAttack.checked = !!s.birthdayAttack;
// Show the debug-log panel only when the user has the flag on — // Show the debug-log panel only when the user has the flag on —
// keeps the settings panel short in normal use. // keeps the settings panel short in normal use.
sCallDebugSection.style.display = s.callDebugLogs ? "" : "none"; sCallDebugSection.style.display = s.callDebugLogs ? "" : "none";
@@ -1344,6 +1350,7 @@ settingsSave.addEventListener("click", () => {
s.dredDebugLogs = sDredDebug.checked; s.dredDebugLogs = sDredDebug.checked;
s.callDebugLogs = sCallDebug.checked; s.callDebugLogs = sCallDebug.checked;
s.directOnly = sDirectOnly.checked; s.directOnly = sDirectOnly.checked;
s.birthdayAttack = sBirthdayAttack.checked;
saveSettingsObj(s); saveSettingsObj(s);
// Push the new flags to the Rust side immediately so the next // Push the new flags to the Rust side immediately so the next
// frame / call already honors them without waiting for a restart. // frame / call already honors them without waiting for a restart.
@@ -1700,6 +1707,7 @@ listen("signal-event", (event: any) => {
peerLocalAddrs: data.peer_local_addrs ?? [], peerLocalAddrs: data.peer_local_addrs ?? [],
peerMappedAddr: data.peer_mapped_addr ?? null, peerMappedAddr: data.peer_mapped_addr ?? null,
directOnly: loadSettings().directOnly || false, directOnly: loadSettings().directOnly || false,
birthdayAttack: loadSettings().birthdayAttack || false,
}); });
showCallScreen(); showCallScreen();
} catch (e: any) { } catch (e: any) {