Currently, the RTC configuration can only be set at the time of construction of the WebRTCTransport. While this is typically fine for STUN servers and the like, TURN servers often have credentials which are limited in their lifetime. For libp2p peers which are long lived, the peer (and thus the Transport instance) may outlive the validity of the TURN credential.
Since the initially provided credential is used each time the 'dial' method is called on the transport, eventually the Transport will not be able to request TURN candidates.
Steps to reproduce the error:
1) Leverage any common TURN service such as Twilio, Cloudflare, Metered.ca, etc
2) Request a credential with a short lifetime (eg 180 seconds)
3) Create a libp2p instance with a WebRTCTransport including the provided TURN credentials
4) Observe that TURN cadidates are no longer available after the libp2p instance lifetime exceeds the credential lifetime
Version: "libp2p": "^1.2.4", "@libp2p/webrtc": "^4.0.22",
Platform:
Linux master 6.8.6-arch1-1 #1 SMP PREEMPT_DYNAMIC Sat, 13 Apr 2024 14:42:24 +0000 x86_64 GNU/LinuxSubsystem: WebRTCTransport
Severity:
Medium
Description:
Currently, the RTC configuration can only be set at the time of construction of the WebRTCTransport. While this is typically fine for STUN servers and the like, TURN servers often have credentials which are limited in their lifetime. For libp2p peers which are long lived, the peer (and thus the Transport instance) may outlive the validity of the TURN credential.
Since the initially provided credential is used each time the 'dial' method is called on the transport, eventually the Transport will not be able to request TURN candidates.
Steps to reproduce the error:
1) Leverage any common TURN service such as Twilio, Cloudflare, Metered.ca, etc 2) Request a credential with a short lifetime (eg 180 seconds) 3) Create a libp2p instance with a WebRTCTransport including the provided TURN credentials 4) Observe that TURN cadidates are no longer available after the libp2p instance lifetime exceeds the credential lifetime