feat(iroh,iroh-relay): Enable proxying and test-utils support for websockets, allow configuring websockets in endpoint::Builder (#3217)

## Description

- Make connecting to relays via websockets the default code path
- Enable using HTTPS proxies when dialing a relay with websockets
- Abstract away the proxied TLS stream establishment in
`MaybeTlsStreamBuilder` (rename `connect_relay.rs` to `tls.rs`)
- Enable reusing `MaybeTlsStream` by making it generic over the plain
stream (can be either `TcpStream` or `ProxyStream` now)
- Switch from `tokio-tungstenite` to `tokio-websockets` (has
`bytes::Bytes` support, great maintenance & performance)
- Switch from `tokio-tungstenite-wasm` to `ws_stream_wasm` (no need to
pay for tungstenite dependency)
- Added `iroh::endpoint::Builder::relay_conn_protocol` that allows
setting the relay protocol to websockets
- Re-exporting `iroh_relay::http::Protocol` as `iroh::RelayProtocol`

## Breaking Changes

- iroh-relay: Minor change in the `From` impls for `ConnSendError` due
to changing the underlying library

## Notes & open questions

We're not switching the default to websockets yet, the reason being we
want to use the opportunity of that switch to update to a new relay
protocol.

## Change checklist

- [x] Self-review.
- [x] Documentation updates following the [style
guide](https://rust-lang.github.io/rfcs/1574-more-api-documentation-conventions.html#appendix-a-full-conventions-text),
if relevant.
- [x] All breaking changes documented.
- [x] List all breaking changes in the above "Breaking Changes" section.

Author: matheus23

Cargo.lock

@@ -14,6 +14,7 @@ allow = [
     "Zlib",
     "MPL-2.0",                        # https://fossa.com/blog/open-source-software-licenses-101-mozilla-public-license-2-0/
     "Unicode-3.0",
+    "Unlicense",                      # https://unlicense.org/
 ]
 
 

deny.toml

@@ -64,7 +64,7 @@ tokio-rustls = { version = "0.26", default-features = false, features = [
     "logging",
     "ring",
 ] }
-tokio-tungstenite-wasm = "0.4"
+sha1 = "0.10.6"
 tokio-util = { version = "0.7", features = ["io-util", "io", "codec", "rt"] }
 tracing = "0.1"
 url = { version = "2.5", features = ["serde"] }
@@ -87,7 +87,7 @@ rustls-cert-file-reader = { version = "0.4.1", optional = true }
 rustls-pemfile = { version = "2.1", optional = true }
 time = { version = "0.3.37", optional = true }
 tokio-rustls-acme = { version = "0.6", optional = true }
-tokio-tungstenite = { version = "0.24", default-features = false, optional = true } # keep version in sync with what tokio-tungstenite-wasm depends on
+tokio-websockets = { version = "0.11.3", features = ["rustls-bring-your-own-connector", "ring", "getrandom", "rand", "server"], optional = true } # server-side websocket implementation
 toml = { version = "0.8", optional = true }
 tracing-subscriber = { version = "0.3", features = [
     "env-filter",
@@ -107,6 +107,11 @@ tokio = { version = "1", features = [
     "signal",
     "process",
 ] }
+tokio-websockets = { version = "0.11.3", features = ["rustls-bring-your-own-connector", "ring", "getrandom", "rand", "client"] }
+
+# wasm-in-browser dependencies
+[target.'cfg(all(target_family = "wasm", target_os = "unknown"))'.dependencies]
+ws_stream_wasm = { version = "0.7.4", default-features = false }
 
 [dev-dependencies]
 clap = { version = "4", features = ["derive"] }
@@ -146,7 +151,7 @@ server = [
     "dep:rustls-pemfile",
     "dep:time",
     "dep:tokio-rustls-acme",
-    "dep:tokio-tungstenite",
+    "dep:tokio-websockets",
     "dep:toml",
     "dep:tracing-subscriber",
     "quinn/log",

iroh-relay/Cargo.toml

@@ -31,10 +31,10 @@ use crate::{
 
 pub(crate) mod conn;
 #[cfg(not(wasm_browser))]
-mod connect_relay;
-#[cfg(not(wasm_browser))]
 pub(crate) mod streams;
 #[cfg(not(wasm_browser))]
+mod tls;
+#[cfg(not(wasm_browser))]
 mod util;
 
 /// Build a Client.
@@ -140,12 +140,18 @@ impl ClientBuilder {
     /// Establishes a new connection to the relay server.
     pub async fn connect(&self) -> Result<Client> {
         let (conn, local_addr) = match self.protocol {
+            #[cfg(wasm_browser)]
             Protocol::Websocket => {
                 let conn = self.connect_ws().await?;
                 let local_addr = None;
                 (conn, local_addr)
             }
             #[cfg(not(wasm_browser))]
+            Protocol::Websocket => {
+                let (conn, local_addr) = self.connect_ws().await?;
+                (conn, Some(local_addr))
+            }
+            #[cfg(not(wasm_browser))]
             Protocol::Relay => {
                 let (conn, local_addr) = self.connect_relay().await?;
                 (conn, Some(local_addr))
@@ -167,31 +173,27 @@ impl ClientBuilder {
         Ok(Client { conn, local_addr })
     }
 
+    #[cfg(wasm_browser)]
     async fn connect_ws(&self) -> Result<Conn> {
         let mut dial_url = (*self.url).clone();
         dial_url.set_path(RELAY_PATH);
         // The relay URL is exchanged with the http(s) scheme in tickets and similar.
         // We need to use the ws:// or wss:// schemes when connecting with websockets, though.
         dial_url
-            .set_scheme(if self.use_tls() { "wss" } else { "ws" })
+            .set_scheme(match self.url.scheme() {
+                "http" => "ws",
+                "ws" => "ws",
+                _ => "wss",
+            })
             .map_err(|()| anyhow!("Invalid URL"))?;
 
         debug!(%dial_url, "Dialing relay by websocket");
 
-        let conn = tokio_tungstenite_wasm::connect(dial_url).await?;
-        let conn = Conn::new_ws(conn, self.key_cache.clone(), &self.secret_key).await?;
+        let (_, ws_stream) = ws_stream_wasm::WsMeta::connect(dial_url.as_str(), None).await?;
+        let conn =
+            Conn::new_ws_browser(ws_stream, self.key_cache.clone(), &self.secret_key).await?;
         Ok(conn)
     }
-
-    fn use_tls(&self) -> bool {
-        // only disable tls if we are explicitly dialing a http url
-        #[allow(clippy::match_like_matches_macro)]
-        match self.url.scheme() {
-            "http" => false,
-            "ws" => false,
-            _ => true,
-        }
-    }
 }
 
 /// A relay client.