apps/EasyTier
1
0
Fork 0
mirror of https://github.com/EasyTier/EasyTier.git synced 2025-10-08 10:10:33 +08:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

enable sni for tls client (#691)
Some checks are pending
EasyTier Core / pre_job (push) Waiting to run
Details
EasyTier Core / build (freebsd-13.2-x86_64, 13.2, ubuntu-22.04, x86_64-unknown-freebsd) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-aarch64, ubuntu-22.04, aarch64-unknown-linux-musl) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-arm, ubuntu-22.04, arm-unknown-linux-musleabi) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-armhf, ubuntu-22.04, arm-unknown-linux-musleabihf) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-armv7, ubuntu-22.04, armv7-unknown-linux-musleabi) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-armv7hf, ubuntu-22.04, armv7-unknown-linux-musleabihf) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-mips, ubuntu-22.04, mips-unknown-linux-musl) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-mipsel, ubuntu-22.04, mipsel-unknown-linux-musl) (push) Blocked by required conditions
Details
EasyTier Core / build (linux-x86_64, ubuntu-22.04, x86_64-unknown-linux-musl) (push) Blocked by required conditions
Details
EasyTier Core / build (macos-aarch64, macos-latest, aarch64-apple-darwin) (push) Blocked by required conditions
Details
EasyTier Core / build (macos-x86_64, macos-latest, x86_64-apple-darwin) (push) Blocked by required conditions
Details
EasyTier Core / build (windows-arm64, windows-latest, aarch64-pc-windows-msvc) (push) Blocked by required conditions
Details
EasyTier Core / build (windows-x86_64, windows-latest, x86_64-pc-windows-msvc) (push) Blocked by required conditions
Details
EasyTier Core / core-result (push) Blocked by required conditions
Details
EasyTier GUI / pre_job (push) Waiting to run
Details
EasyTier GUI / build-gui (linux-aarch64, aarch64-unknown-linux-gnu, ubuntu-22.04, aarch64-unknown-linux-musl) (push) Blocked by required conditions
Details
EasyTier GUI / build-gui (linux-x86_64, x86_64-unknown-linux-gnu, ubuntu-22.04, x86_64-unknown-linux-musl) (push) Blocked by required conditions
Details
EasyTier GUI / build-gui (macos-aarch64, aarch64-apple-darwin, macos-latest, aarch64-apple-darwin) (push) Blocked by required conditions
Details
EasyTier GUI / build-gui (macos-x86_64, x86_64-apple-darwin, macos-latest, x86_64-apple-darwin) (push) Blocked by required conditions
Details
EasyTier GUI / build-gui (windows-arm64, aarch64-pc-windows-msvc, windows-latest, aarch64-pc-windows-msvc) (push) Blocked by required conditions
Details
EasyTier GUI / build-gui (windows-x86_64, x86_64-pc-windows-msvc, windows-latest, x86_64-pc-windows-msvc) (push) Blocked by required conditions
Details
EasyTier GUI / gui-result (push) Blocked by required conditions
Details
EasyTier Mobile / pre_job (push) Waiting to run
Details
EasyTier Mobile / build-mobile (android, ubuntu-22.04, android) (push) Blocked by required conditions
Details
EasyTier Mobile / mobile-result (push) Blocked by required conditions
Details
EasyTier Test / pre_job (push) Waiting to run
Details
EasyTier Test / test (push) Blocked by required conditions
Details

Browse Source 
* enable sni for tls client
* update test case
* fix public_ip parse bug
This commit is contained in:
kevin
2025-03-19 01:15:34 +08:00
committed by GitHub
parent 3d1e841cc5
commit 81490d0662
4 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
easytier/src/connector/dns_connector.rs
View File

@@ -242,6 +242,7 @@ mod tests {
let url = "txt://txt.easytier.cn"; let url = "txt://txt.easytier.cn";
let global_ctx = get_mock_global_ctx(); let global_ctx = get_mock_global_ctx();
let mut connector = DNSTunnelConnector::new(url.parse().unwrap(), global_ctx); let mut connector = DNSTunnelConnector::new(url.parse().unwrap(), global_ctx);
connector.set_ip_version(IpVersion::V4);
let ret = connector.connect().await.unwrap(); let ret = connector.connect().await.unwrap();
println!("{:?}", ret.info()); println!("{:?}", ret.info());
} }
@@ -251,6 +252,7 @@ mod tests {
let url = "srv://easytier.cn"; let url = "srv://easytier.cn";
let global_ctx = get_mock_global_ctx(); let global_ctx = get_mock_global_ctx();
let mut connector = DNSTunnelConnector::new(url.parse().unwrap(), global_ctx); let mut connector = DNSTunnelConnector::new(url.parse().unwrap(), global_ctx);
connector.set_ip_version(IpVersion::V4);
let ret = connector.connect().await.unwrap(); let ret = connector.connect().await.unwrap();
println!("{:?}", ret.info()); println!("{:?}", ret.info());
} }

2
easytier/src/connector/udp_hole_punch/sym_to_cone.rs
View File

@@ -434,7 +434,7 @@ impl PunchSymToConeHoleClient {
let public_ips: Vec<Ipv4Addr> = stun_info let public_ips: Vec<Ipv4Addr> = stun_info
.public_ip .public_ip
.iter() .iter()
.map(|x| x.parse().unwrap()) .filter_map(|x| x.parse().ok())
.collect(); .collect();
if public_ips.is_empty() { if public_ips.is_empty() {
return Err(anyhow::anyhow!("failed to get public ips")); return Err(anyhow::anyhow!("failed to get public ips"));

2
easytier/src/tunnel/insecure_tls.rs
View File

@@ -70,7 +70,7 @@ pub fn get_insecure_tls_client_config() -> rustls::ClientConfig {
.dangerous() .dangerous()
.with_custom_certificate_verifier(SkipServerVerification::new(provider.clone())) .with_custom_certificate_verifier(SkipServerVerification::new(provider.clone()))
.with_no_client_auth(); .with_no_client_auth();
config.enable_sni = false; config.enable_sni = true;
config.enable_early_data = false; config.enable_early_data = false;
config config
} }

11
easytier/src/tunnel/websocket.rs
View File

@@ -183,6 +183,7 @@ impl WSTunnelConnector {
) -> Result<Box<dyn Tunnel>, TunnelError> { ) -> Result<Box<dyn Tunnel>, TunnelError> {
let is_wss = is_wss(&addr)?; let is_wss = is_wss(&addr)?;
let socket_addr = SocketAddr::from_url(addr.clone(), ip_version)?; let socket_addr = SocketAddr::from_url(addr.clone(), ip_version)?;
let domain = addr.domain();
let host = socket_addr.ip(); let host = socket_addr.ip();
let stream = tcp_socket.connect(socket_addr).await?; let stream = tcp_socket.connect(socket_addr).await?;
@@ -203,8 +204,16 @@ impl WSTunnelConnector {
init_crypto_provider(); init_crypto_provider();
let tls_conn = let tls_conn =
tokio_rustls::TlsConnector::from(Arc::new(get_insecure_tls_client_config())); tokio_rustls::TlsConnector::from(Arc::new(get_insecure_tls_client_config()));
let domain_or_ip = match domain {
None => {
host.to_string()
}
Some(domain) => {
domain.to_string()
}
};
let stream = tls_conn let stream = tls_conn
.connect(host.to_string().try_into().unwrap(), stream) .connect(domain_or_ip.try_into().unwrap(), stream)
.await?; .await?;
MaybeTlsStream::Rustls(stream) MaybeTlsStream::Rustls(stream)
} else { } else {