-
-
Notifications
You must be signed in to change notification settings - Fork 322
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Server does not validate that offer_id is 20 bytes #525
Comments
Hi @minwidth0px, From what I understand, Aquatic (which powers https://tracker.webtorrent.dev) is a lot more strict with parsing messages. The error you are getting is due to the incoming message failing to be parsed as either an announcement message or a scrape request as they are parsed here. In your example, your offer has an The I hope this helps explain what you're seeing. |
@SilentBot1 Thanks! Confirmed that setting the offer_id length to 20 allows it to work. Honestly I should have tried that earlier being that everything else needs to have length 20. I guess the next question is, is this a bug in Aquatic or bittorrent-tracker? It's somewhat of a meaningless question since there is no spec, but ideally these implementations should be the same, right? There isn't really an analog to offer_id in the bittorent protocol. |
its not a bug, since there's no specification to follow |
The bittorrent-tracker client will always generate a 20 byte offer_id, as seen here. The other trackers assume this is always the case, where as bittorrent-tracker doesn't, solely as there is no standard as to what the size of the field should be outside of the reference implementation here. |
If bittorrent-tracker generates a 20 byte offer, we should probably add a check for that, right? Thinking about it logically, we should want the offer_id to be guaranteed to have high entropy as they should be randomly generated and we don't want collisions. So while not technically a bug. we should probably add a check for this in bittorrent-tracker server. |
Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward? |
What version of this package are you using?
latest (11.1.1 according to package.json)
What operating system, Node.js, and npm version?
windows, v22.4.0, 10.8.1
What happened?
I ran the following client code on a local server which worked, but did not work on wss://tracker.webtorrent.dev. The code tries to send an offer from peer 1 to peer 2 and peer 2 to peer 1 using websockets.
What did you expect to happen?
I expected the code to either work in the local server and the public tracker or in none, Since it fails on both wss://tracker.openwebtorrent.com and wss://tracker.webtorrent.dev that implies that it is a bug in the server implementation.
Are you willing to submit a pull request to fix this bug?
Yes
I installed the server via
npm install -g bittorrent-tracker
and ranbittorrent-tracker
in console. I receive the following logs when running:wss://tracker.webtorrent.dev:
local server, wss://tracker.openwebtorrent.com, wss://tracker.files.fm:7073
wss://tracker.openwebtorrent.com sometimes does not send peer 1's offer to peer 2.
I think there should be better error messages for this case in the bittorrent-tracker server if it is not a bug and is intended.
Also, I would greatly appreciate if someone could help me write some code that actually works for tracker.webtorrent.dev (without using any dependencies on the client side). If you could give me some pointers on how the basic signaling works that would really help me. Right now I'm just trying to get the signaling to work. I already know how WebRTC in general works and have used it before (generate SDP offer and ICE candidates on peer A, send them to peer B, generate SDP answer and ICE candidates from peer B, send them to A). I'm just not sure how I can send these messages within the webtorrent protocol. Since there is no BEP it's hard to understand if this is a bug or not, or if this is just something tracker.webtorrent.dev is doing but is not part of the specification. The reference implementation is a bit hard to follow and I ended up having to run the server and client and print the messages to console to understand what is going on, and even then my implementation seems to not be fully correct, as it's not working for tracker.webtorrent.dev. In an earlier version of this post I still did not have wss://tracker.openwebtorrent.com working.
The text was updated successfully, but these errors were encountered: