netstack,socks5: update

celzero · Oct 4, 2024 · cd8fae9 · cd8fae9
1 parent a584cb6
commit cd8fae9
Show file tree

Hide file tree

Showing 5 changed files with 40 additions and 23 deletions.
diff --git a/intra/ipn/proxies.go b/intra/ipn/proxies.go
@@ -59,6 +59,7 @@ var (
  errGetProxyTimeout = errors.New("get proxy timeout")
  errMissingProxyOpt = errors.New("proxyopts nil")
  errNoProxyConn = errors.New("not a tcp/udp proxy conn")
+ errNotUDPConn = errors.New("proxy: not a udp conn")
  errAnnounceNotSupported = errors.New("announce not supported")
  errProbeNotSupported = errors.New("probe not supported")
  errProxyStopped = errors.New("proxy stopped")

diff --git a/intra/ipn/socks5.go b/intra/ipn/socks5.go
@@ -52,43 +52,60 @@ var _ net.Conn = (*socks5udpconn)(nil)
 
 func (c *socks5tcpconn) CloseRead() error {
  if c.Client != nil && c.Client.TCPConn != nil {
- return c.Client.TCPConn.CloseRead()
+ core.CloseOp(c.Client.TCPConn, core.CopR)
+ return nil
  }
  return errNoProxyConn
 }
 
 func (c *socks5tcpconn) CloseWrite() error {
  if c.Client != nil && c.Client.TCPConn != nil {
- return c.Client.TCPConn.CloseWrite()
+ core.CloseOp(c.Client.TCPConn, core.CopW)
+ return nil
  }
  return errNoProxyConn
 }
 
 // WriteFrom writes b to TUN using addr as the source.
 func (c *socks5udpconn) WriteTo(b []byte, addr net.Addr) (n int, err error) {
  if c.Client != nil && c.Client.UDPConn != nil {
- return c.Client.UDPConn.WriteTo(b, addr)
+ if uconn, ok := c.Client.UDPConn.(*net.UDPConn); ok {
+ return uconn.WriteTo(b, addr)
+ }
+ return c.Client.UDPConn.Write(b)
  }
  return 0, errNoProxyConn
 }
 
 // ReceiveTo is incoming TUN packet b to be sent to addr.
 func (c *socks5udpconn) ReadFrom(b []byte) (n int, addr net.Addr, err error) {
  if c.Client != nil && c.Client.UDPConn != nil {
- return c.Client.UDPConn.ReadFrom(b)
+ if uconn, ok := c.Client.UDPConn.(*net.UDPConn); ok {
+ return uconn.ReadFrom(b)
+ }
+ return 0, nil, errNotUDPConn
  }
  return 0, nil, errNoProxyConn
 }
 
 func NewSocks5Proxy(id string, ctl protect.Controller, po *settings.ProxyOptions) (*socks5, error) {
+ tx.Debug = settings.Debug
+
  var err error
  if po == nil {
  log.W("proxy: err setting up socks5(%v): %v", po, err)
  return nil, errMissingProxyOpt
  }
 
  // always with a network namespace aware dialer
- tx.Dial = protect.MakeNsRDial(id, ctl)
+ dialer := protect.MakeNsRDial(id, ctl)
+ // todo: support connecting from src
+ tx.DialTCP = func(n string, _, d string) (net.Conn, error) {
+ return dialer.Dial(n, d)
+ }
+ tx.DialUDP = func(n string, _, d string) (net.Conn, error) {
+ return dialer.Dial(n, d)
+ }
 
  portnumber, _ := strconv.Atoi(po.Port)
  mh := multihost.New(id)

diff --git a/intra/netstack/netstack.go b/intra/netstack/netstack.go
@@ -80,16 +80,6 @@ func LogPcap(y bool) (ok bool) {
  return
 }
 
-func FilePcap(y bool) (ok bool) {
- if y {
- ok = sniffer.LogPacketsToPCAP.CompareAndSwap(0, 1)
- } else {
- ok = sniffer.LogPacketsToPCAP.CompareAndSwap(1, 0)
- }
- log.I("netstack: pcap sink?(%t); done?(%t)", y, ok)
- return
-}
-
 // ref: github.com/brewlin/net-protocol/blob/ec64e5f899/internal/endpoint/endpoint.go#L20
 func Up(s *stack.Stack, ep stack.LinkEndpoint, h GConnHandler) (tcpip.NICID, error) {
  nic := tcpip.NICID(settings.NICID)

diff --git a/intra/rnet/socks5.go b/intra/rnet/socks5.go
@@ -56,10 +56,13 @@ func newSocks5Server(id, x string, ctl protect.Controller, listener ServerListen
  var pwd string
 
  rdial := protect.MakeNsRDial(id, ctl)
- if _, ok := tx.Dial.(*protect.RDial); !ok {
- tx.Dial = rdial // overridden by h.Hop; conflicts with ipn/socks5
- } else {
- log.W("svcsocks5: new %s; tx.Dial already set", id)
+ // tx.DialTCP and tx.DialUDP may already been set by ipn.sock5
+ tx.DialTCP = func(n string, _, d string) (net.Conn, error) {
+ return rdial.Dial(n, d)
+ }
+ // todo: support connecting from src
+ tx.DialUDP = func(n string, _, d string) (net.Conn, error) {
+ return rdial.Dial(n, d)
  }
 
  u, err := url.Parse(x)
@@ -116,11 +119,18 @@ func (h *socks5) Hop(p x.Proxy) error {
  return nil
 }
 
-func (h *socks5) swap(d *protect.RDial) {
+func (h *socks5) swap(rd *protect.RDial) {
  h.Lock()
  defer h.Unlock()
- // todo: reads are not synchronized!
- tx.Dial = d
+ // todo: var tx.DialTCP/tx.DialUDP (reads) not synchronized
+ // tx.DialTCP and tx.DialUDP may already been set by ipn.sock5
+ tx.DialTCP = func(n string, _, d string) (net.Conn, error) {
+ return rd.Dial(n, d)
+ }
+ // todo: support connecting from src
+ tx.DialUDP = func(n string, _, d string) (net.Conn, error) {
+ return rd.Dial(n, d)
+ }
 }
 
 func (h *socks5) Start() error {

diff --git a/tunnel/tunnel.go b/tunnel/tunnel.go
@@ -168,7 +168,6 @@ func (p *pcapsink) file(f io.WriteCloser) (err error) {
  err = p.begin(f) // write pcap header before any packets
  log.I("tun: pcap: begin: writeHeader; err(%v)", err)
  }
- netstack.FilePcap(y) // signal netstack to write packets
  return
 }