tricks: only run trick on outer wireguard
Signed-off-by: Mark Pashmfouroush <[email protected]>
markpash committed Mar 4, 2024
1 parent 6fbb8ae commit f36610f
Showing 8 changed files with 32 additions and 24 deletions.
31 changes: 14 additions & 17 deletions app/app.go
@@ -75,26 +75,30 @@ func RunWarp(ctx context.Context, opts WarpOptions) error {
switch {
case opts.Psiphon != nil:
// run primary warp on a random tcp port and run psiphon on bind address
warpErr = runWarpWithPsiphon(opts.Bind, endpoints, opts.Psiphon.Country, opts.LogLevel == "debug", ctx)
warpErr = runWarpWithPsiphon(ctx, opts.Bind, endpoints, opts.Psiphon.Country, opts.LogLevel == "debug")
case opts.Gool:
// run warp in warp
warpErr = runWarpInWarp(opts.Bind, endpoints, opts.LogLevel == "debug", ctx)
warpErr = runWarpInWarp(ctx, opts.Bind, endpoints, opts.LogLevel == "debug")
default:
// just run primary warp on bindAddress
_, _, warpErr = runWarp(opts.Bind, endpoints, "./primary/wgcf-profile.ini", opts.LogLevel == "debug", true, ctx)
_, _, warpErr = runWarp(ctx, opts.Bind, endpoints, "./primary/wgcf-profile.ini", opts.LogLevel == "debug", true, true)
}

return warpErr
}

func runWarp(bind netip.AddrPort, endpoints []string, confPath string, verbose, startProxy bool, ctx context.Context) (*wiresocks.VirtualTun, int, error) {
func runWarp(ctx context.Context, bind netip.AddrPort, endpoints []string, confPath string, verbose, startProxy bool, trick bool) (*wiresocks.VirtualTun, int, error) {
conf, err := wiresocks.ParseConfig(confPath, endpoints[0])
if err != nil {
log.Println(err)
return nil, 0, err
}

tnet, err := wiresocks.StartWireguard(conf.Device, verbose, ctx)
if trick {
conf.Device.Trick = trick
}

tnet, err := wiresocks.StartWireguard(ctx, conf.Device, verbose)
if err != nil {
log.Println(err)
return nil, 0, err
@@ -107,15 +111,15 @@ func runWarp(bind netip.AddrPort, endpoints []string, confPath string, verbose,
return tnet, conf.Device.MTU, nil
}

func runWarpWithPsiphon(bind netip.AddrPort, endpoints []string, country string, verbose bool, ctx context.Context) error {
func runWarpWithPsiphon(ctx context.Context, bind netip.AddrPort, endpoints []string, country string, verbose bool) error {
// make a random bind address for warp
warpBindAddress, err := findFreePort("tcp")
if err != nil {
log.Println("There are no free tcp ports on Device!")
return err
}

_, _, err = runWarp(warpBindAddress, endpoints, "./primary/wgcf-profile.ini", verbose, true, ctx)
_, _, err = runWarp(ctx, warpBindAddress, endpoints, "./primary/wgcf-profile.ini", verbose, true, true)
if err != nil {
return err
}
@@ -132,9 +136,9 @@ func runWarpWithPsiphon(bind netip.AddrPort, endpoints []string, country string,
return nil
}

func runWarpInWarp(bind netip.AddrPort, endpoints []string, verbose bool, ctx context.Context) error {
func runWarpInWarp(ctx context.Context, bind netip.AddrPort, endpoints []string, verbose bool) error {
// run secondary warp
vTUN, mtu, err := runWarp(netip.AddrPort{}, endpoints, "./secondary/wgcf-profile.ini", verbose, false, ctx)
vTUN, mtu, err := runWarp(ctx, netip.AddrPort{}, endpoints, "./secondary/wgcf-profile.ini", verbose, false, true)
if err != nil {
return err
}
@@ -146,21 +150,14 @@ func runWarpInWarp(bind netip.AddrPort, endpoints []string, verbose bool, ctx co
return err
}
addr := endpoints[1]
if addr == "" {
warpEndpoint, err := warp.RandomWarpEndpoint()
if err != nil {
return err
}
addr = warpEndpoint.String()
}
err = wiresocks.NewVtunUDPForwarder(virtualEndpointBindAddress.String(), addr, vTUN, mtu+100, ctx)
if err != nil {
log.Println(err)
return err
}

// run primary warp
_, _, err = runWarp(bind, []string{virtualEndpointBindAddress.String()}, "./primary/wgcf-profile.ini", verbose, true, ctx)
_, _, err = runWarp(ctx, bind, []string{virtualEndpointBindAddress.String()}, "./primary/wgcf-profile.ini", verbose, true, false)
if err != nil {
return err
}
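Review bot: In runWarpInWarp, `addr := endpoints[1]` now goes to `wiresocks.NewVtunUDPForwarder` with no check at all, so an empty second endpoint reaches the forwarder as `""` and a one-element slice panics on the index; runWarp indexes `endpoints[0]` the same way. Whether RunWarp always fills both entries is decided above the visible hunks, so either state that contract in a comment on runWarpInWarp or guard it here with `if len(endpoints) < 2 || endpoints[1] == "" { return errors.New("warp in warp requires two endpoints") }` (importing `errors` if the file does not already). Separately, `if trick { conf.Device.Trick = trick }` in runWarp is equivalent to the plain assignment `conf.Device.Trick = trick`. The three trailing booleans at the call sites (`verbose, true, false`) are easy to transpose, and a short comment naming `startProxy` and `trick` at each call would make it auditable which tunnel gets the trick.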
5 changes: 4 additions & 1 deletion device/device.go
@@ -86,6 +86,8 @@ type Device struct {
mtu atomic.Int32
}

trick bool

ipcMutex sync.RWMutex
closed chan struct{}
log *Logger
@@ -281,8 +283,9 @@ func (device *Device) SetPrivateKey(sk NoisePrivateKey) error {
return nil
}

func NewDevice(tunDevice tun.Device, bind conn.Bind, logger *Logger) *Device {
func NewDevice(tunDevice tun.Device, bind conn.Bind, logger *Logger, trick bool) *Device {
device := new(Device)
device.trick = trick
device.state.state.Store(uint32(deviceStateDown))
device.closed = make(chan struct{})
device.log = logger
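Review bot: The new `trick` field and the fourth `NewDevice` parameter carry no comment, and nothing in this file says what the flag controls; going by device/send.go it gates `peer.sendRandomPackets()` ahead of handshake initiations and keepalives. I would document it on the field, e.g. `// trick enables sending random packets before handshake initiations and keepalives`, and give `NewDevice` a doc comment that names the parameter. The same gap applies to `DeviceConfig.Trick` in wiresocks/config.go and `Peer.trick` in device/peer.go. Because `NewDevice` is exported, the added positional bool also breaks any caller outside this commit; the two test helpers are updated, but other callers cannot be seen from here. NewDevice's body continues past the hunk.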
2 changes: 1 addition & 1 deletion device/device_test.go
@@ -166,7 +166,7 @@ func genTestPair(tb testing.TB, realSocket bool) (pair testPair) {
if _, ok := tb.(*testing.B); ok && !testing.Verbose() {
level = LogLevelError
}
p.dev = NewDevice(p.tun.TUN(), binds[i], NewLogger(level, fmt.Sprintf("dev%d: ", i)))
p.dev = NewDevice(p.tun.TUN(), binds[i], NewLogger(level, fmt.Sprintf("dev%d: ", i)), false)
if err := p.dev.IpcSet(cfg[i]); err != nil {
tb.Errorf("failed to configure device %d: %v", i, err)
p.dev.Close()
2 changes: 1 addition & 1 deletion device/noise_test.go
@@ -39,7 +39,7 @@ func randDevice(t *testing.T) *Device {
}
tun := tuntest.NewChannelTUN()
logger := NewLogger(LogLevelError, "")
device := NewDevice(tun.TUN(), conn.NewDefaultBind(), logger)
device := NewDevice(tun.TUN(), conn.NewDefaultBind(), logger, false)
device.SetPrivateKey(sk)
return device
}
3 changes: 3 additions & 0 deletions device/peer.go
@@ -53,6 +53,8 @@ type Peer struct {
inbound *autodrainingInboundQueue // sequential ordering of tun writing
}

trick bool

cookieGenerator CookieGenerator
trieEntries list.List
persistentKeepaliveInterval atomic.Uint32
@@ -78,6 +80,7 @@ func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
// create peer
peer := new(Peer)

peer.trick = true
peer.cookieGenerator.Init(pk)
peer.device = device
peer.queue.outbound = newAutodrainingOutboundQueue(device)
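Review bot: `peer.trick = true` in NewPeer hard-codes the flag, so the value passed to `NewDevice` and stored in `device.trick` is not read in any hunk shown on this page, and the `if peer.trick` guards added in device/send.go are always taken. As written, a device created with `trick` false (the primary tunnel in runWarpInWarp) would still send the random packets on handshake and keepalive, which is what the commit title says should stop. The assignment should read `peer.trick = device.trick`. A test that builds a device with `trick` false and asserts no extra packets are emitted would pin this down. NewPeer's body continues outside the hunk.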
8 changes: 6 additions & 2 deletions device/send.go
@@ -117,7 +117,9 @@ func (peer *Peer) sendRandomPackets() {
func (peer *Peer) SendKeepalive() {
if len(peer.queue.staged) == 0 && peer.isRunning.Load() {
// Send some random packets on every keepalive
peer.sendRandomPackets()
if peer.trick {
peer.sendRandomPackets()
}

elem := peer.device.NewOutboundElement()
elemsContainer := peer.device.GetOutboundElementsContainer()
@@ -153,7 +155,9 @@ func (peer *Peer) SendHandshakeInitiation(isRetry bool) error {
}

// send some random packets on handshake
peer.sendRandomPackets()
if peer.trick {
peer.sendRandomPackets()
}

peer.handshake.lastSentHandshake = time.Now()
peer.handshake.mutex.Unlock()
1 change: 1 addition & 0 deletions wiresocks/config.go
@@ -27,6 +27,7 @@ type DeviceConfig struct {
DNS []netip.Addr
MTU int
ListenPort *int
Trick bool
}

type Configuration struct {
4 changes: 2 additions & 2 deletions wiresocks/wiresocks.go
@@ -60,7 +60,7 @@ func createIPCRequest(conf *DeviceConfig) (*DeviceSetting, error) {
}

// StartWireguard creates a tun interface on netstack given a configuration
func StartWireguard(conf *DeviceConfig, verbose bool, ctx context.Context) (*VirtualTun, error) {
func StartWireguard(ctx context.Context, conf *DeviceConfig, verbose bool) (*VirtualTun, error) {
setting, err := createIPCRequest(conf)
if err != nil {
return nil, err
@@ -76,7 +76,7 @@ func StartWireguard(conf *DeviceConfig, verbose bool, ctx context.Context) (*Vir
logLevel = device.LogLevelSilent
}

dev := device.NewDevice(tun, conn.NewDefaultBind(), device.NewLogger(logLevel, ""))
dev := device.NewDevice(tun, conn.NewDefaultBind(), device.NewLogger(logLevel, ""), conf.Trick)
err = dev.IpcSet(setting.ipcRequest)
if err != nil {
return nil, err