package/tun2socks
1
0
Fork 0
mirror of https://github.com/xjasonlyu/tun2socks.git synced 2025-10-09 02:30:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

update gVisor

Browse Source 
ref: 8c0701462a
This commit is contained in:
xjasonlyu
2020-11-07 15:19:48 +08:00
parent 38272319ee
commit f3ae66ec62
4 changed files with 36 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
go.mod
View File

@@ -15,8 +15,8 @@ require (
github.com/xjasonlyu/clash v0.15.1-0.20201105074459-aa45c8b56cf6 github.com/xjasonlyu/clash v0.15.1-0.20201105074459-aa45c8b56cf6
go.uber.org/atomic v1.7.0 go.uber.org/atomic v1.7.0
golang.org/x/net v0.0.0-20201031054903-ff519b6c9102 // indirect golang.org/x/net v0.0.0-20201031054903-ff519b6c9102 // indirect
golang.org/x/sys v0.0.0-20201101102859-da207088b7d1 // indirect golang.org/x/sys v0.0.0-20201106081118-db71ae66460a // indirect
golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 // indirect gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 // indirect
gvisor.dev/gvisor v0.0.0-20201105065002-ab9a79fe812a gvisor.dev/gvisor v0.0.0-20201107070040-22fc22ad6ef7
) )

8
go.sum
View File

@@ -336,8 +336,8 @@ golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 h1:HlFl4V6pEMziuLXyRkm5BIYq1y1GAbb02pRlWvI54OM= golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 h1:HlFl4V6pEMziuLXyRkm5BIYq1y1GAbb02pRlWvI54OM=
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201029080932-201ba4db2418/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201101102859-da207088b7d1 h1:a/mKvvZr9Jcc8oKfcmgzyp7OwF73JPWsQLvH1z2Kxck= golang.org/x/sys v0.0.0-20201106081118-db71ae66460a h1:ALUFBKlIyeY7y5ZgPJmblk/vKz+zBQSnNiPkt41sgeg=
golang.org/x/sys v0.0.0-20201101102859-da207088b7d1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201106081118-db71ae66460a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -432,8 +432,8 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
gvisor.dev/gvisor v0.0.0-20201105065002-ab9a79fe812a h1:io3nR9e7V26iORClxbTxnrNBhxAvdvgMKU8E+at6idc= gvisor.dev/gvisor v0.0.0-20201107070040-22fc22ad6ef7 h1:JKZNg4wnh94dWyhXSNOQ4jkliNbcRJt1Vs5NPyMOo48=
gvisor.dev/gvisor v0.0.0-20201105065002-ab9a79fe812a/go.mod h1:t4GUXJhnQEPtYSvrvRNW5CNdBQ2oWZBy7P+FbCVKBFY= gvisor.dev/gvisor v0.0.0-20201107070040-22fc22ad6ef7/go.mod h1:t4GUXJhnQEPtYSvrvRNW5CNdBQ2oWZBy7P+FbCVKBFY=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

11
internal/core/stack.go
View File

@@ -77,6 +77,17 @@ func NewDefaultStack(linkEp stack.LinkEndpoint, th tcpHandleFunc, uh udpHandleFu
// Ref: https://github.com/majek/slirpnetstack/blob/master/stack.go // Ref: https://github.com/majek/slirpnetstack/blob/master/stack.go
WithPromiscuousMode(defaultNICID, nicPromiscuousModeEnabled), WithPromiscuousMode(defaultNICID, nicPromiscuousModeEnabled),
// Enable spoofing if a stack may send packets from unowned addresses.
// This change required changes to some netgophers since previously,
// promiscuous mode was enough to let the netstack respond to all
// incoming packets regardless of the packet's destination address. Now
// that a stack.Route is not held for each incoming packet, finding a route
// may fail with local addresses we don't own but accepted packets for
// while in promiscuous mode. Since we also want to be able to send from
// any address (in response the received promiscuous mode packets), we need
// to enable spoofing.
//
// Ref: https://github.com/google/gvisor/commit/8c0701462a84ff77e602f1626aec49479c308127
WithSpoofing(defaultNICID, nicSpoofingEnabled), WithSpoofing(defaultNICID, nicSpoofingEnabled),
) )
} }

30
internal/core/udp.go
View File

@@ -11,6 +11,7 @@ import (
"gvisor.dev/gvisor/pkg/tcpip/transport/udp" "gvisor.dev/gvisor/pkg/tcpip/transport/udp"
"github.com/xjasonlyu/tun2socks/internal/adapter" "github.com/xjasonlyu/tun2socks/internal/adapter"
"github.com/xjasonlyu/tun2socks/pkg/log"
) )
const udpNoChecksum = true const udpNoChecksum = true
@@ -19,16 +20,16 @@ type udpHandleFunc func(adapter.UDPPacket)
func WithUDPHandler(handle udpHandleFunc) Option { func WithUDPHandler(handle udpHandleFunc) Option {
return func(s *stack.Stack) error { return func(s *stack.Stack) error {
udpHandlePacket := func(r *stack.Route, id stack.TransportEndpointID, pkt *stack.PacketBuffer) bool { udpHandlePacket := func(id stack.TransportEndpointID, pkt *stack.PacketBuffer) bool {
// Ref: gVisor pkg/tcpip/transport/udp/endpoint.go HandlePacket // Ref: gVisor pkg/tcpip/transport/udp/endpoint.go HandlePacket
hdr := header.UDP(pkt.TransportHeader().View()) udpHdr := header.UDP(pkt.TransportHeader().View())
if int(hdr.Length()) > pkt.Data.Size()+header.UDPMinimumSize { if int(udpHdr.Length()) > pkt.Data.Size()+header.UDPMinimumSize {
// Malformed packet. // Malformed packet.
s.Stats().UDP.MalformedPacketsReceived.Increment() s.Stats().UDP.MalformedPacketsReceived.Increment()
return true return true
} }
if !verifyChecksum(r, hdr, pkt) { if !verifyChecksum(udpHdr, pkt) {
// Checksum error. // Checksum error.
s.Stats().UDP.ChecksumErrors.Increment() s.Stats().UDP.ChecksumErrors.Increment()
return true return true
@@ -36,8 +37,14 @@ func WithUDPHandler(handle udpHandleFunc) Option {
s.Stats().UDP.PacketsReceived.Increment() s.Stats().UDP.PacketsReceived.Increment()
// make a clone here. netHdr := pkt.Network()
route := r.Clone() route, err := s.FindRoute(pkt.NICID, netHdr.DestinationAddress(), netHdr.SourceAddress(), pkt.NetworkProtocolNumber, false /* multicastLoop */)
if err != nil {
log.Warnf("[STACK] find route error: %v", err)
return true
}
route.ResolveWith(pkt.SourceLinkAddress())
packet := &udpPacket{ packet := &udpPacket{
id: id, id: id,
r: &route, r: &route,
@@ -138,7 +145,7 @@ func sendUDP(r *stack.Route, data buffer.VectorisedView, localPort, remotePort u
// On IPv4, UDP checksum is optional, and a zero value indicates the // On IPv4, UDP checksum is optional, and a zero value indicates the
// transmitter skipped the checksum generation (RFC768). // transmitter skipped the checksum generation (RFC768).
// On IPv6, UDP checksum is not optional (RFC2460 Section 8.1). // On IPv6, UDP checksum is not optional (RFC2460 Section 8.1).
if r.Capabilities()&stack.CapabilityTXChecksumOffload == 0 && if r.RequiresTXTransportChecksum() &&
(!noChecksum || r.NetProto == header.IPv6ProtocolNumber) { (!noChecksum || r.NetProto == header.IPv6ProtocolNumber) {
xsum := r.PseudoHeaderChecksum(udp.ProtocolNumber, length) xsum := r.PseudoHeaderChecksum(udp.ProtocolNumber, length)
for _, v := range data.Views() { for _, v := range data.Views() {
@@ -166,10 +173,11 @@ func sendUDP(r *stack.Route, data buffer.VectorisedView, localPort, remotePort u
// On IPv4, UDP checksum is optional, and a zero value means the transmitter // On IPv4, UDP checksum is optional, and a zero value means the transmitter
// omitted the checksum generation (RFC768). // omitted the checksum generation (RFC768).
// On IPv6, UDP checksum is not optional (RFC2460 Section 8.1). // On IPv6, UDP checksum is not optional (RFC2460 Section 8.1).
func verifyChecksum(r *stack.Route, hdr header.UDP, pkt *stack.PacketBuffer) bool { func verifyChecksum(hdr header.UDP, pkt *stack.PacketBuffer) bool {
if r.Capabilities()&stack.CapabilityRXChecksumOffload == 0 && if !pkt.RXTransportChecksumValidated &&
(hdr.Checksum() != 0 || r.NetProto == header.IPv6ProtocolNumber) { (hdr.Checksum() != 0 || pkt.NetworkProtocolNumber == header.IPv6ProtocolNumber) {
xsum := r.PseudoHeaderChecksum(udp.ProtocolNumber, hdr.Length()) netHdr := pkt.Network()
xsum := header.PseudoHeaderChecksum(udp.ProtocolNumber, netHdr.DestinationAddress(), netHdr.SourceAddress(), hdr.Length())
for _, v := range pkt.Data.Views() { for _, v := range pkt.Data.Views() {
xsum = header.Checksum(v, xsum) xsum = header.Checksum(v, xsum)
} }