ipscanner and wireguard fixes

.github/workflows/go-build.yaml

@@ -60,7 +60,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: '1.20'
+          go-version: '1.21'
           check-latest: true
 
       - name: Build warp

app/app.go

@@ -16,6 +16,9 @@ import (
 	"github.com/bepass-org/wireguard-go/wiresocks"
 )
 
+const singleMTU = 1400
+const doubleMTU = 1320
+
 type WarpOptions struct {
 	LogLevel string
 	Bind     netip.AddrPort
@@ -43,7 +46,7 @@ func RunWarp(ctx context.Context, opts WarpOptions) error {
 		return errors.New("must provide country for psiphon")
 	}
 
-	//create necessary file structures
+	// create necessary file structures
 	if err := makeDirs(); err != nil {
 		return err
 	}
@@ -55,21 +58,28 @@ func RunWarp(ctx context.Context, opts WarpOptions) error {
 	}
 	log.Println("Changed working directory to 'stuff'")
 
-	//create identities
+	// create identities
 	if err := createPrimaryAndSecondaryIdentities(opts.License); err != nil {
 		return err
 	}
 
-	//Decide Working Scenario
+	// Decide Working Scenario
 	endpoints := []string{opts.Endpoint, opts.Endpoint}
 
 	if opts.Scan != nil {
-		var err error
-		endpoints, err = wiresocks.RunScan(ctx, opts.Scan.MaxRTT)
+		res, err := wiresocks.RunScan(ctx, opts.Scan.MaxRTT)
 		if err != nil {
 			return err
 		}
+
+		log.Printf("scan results: %+v", res)
+
+		endpoints = make([]string, len(res))
+		for i := 0; i < len(res); i++ {
+			endpoints[i] = res[i].AddrPort.String()
+		}
 	}
+	log.Printf("using warp endpoints: %+v", endpoints)
 
 	var warpErr error
 	switch {
@@ -81,34 +91,41 @@ func RunWarp(ctx context.Context, opts WarpOptions) error {
 		warpErr = runWarpInWarp(ctx, opts.Bind, endpoints, opts.LogLevel == "debug")
 	default:
 		// just run primary warp on bindAddress
-		_, _, warpErr = runWarp(ctx, opts.Bind, endpoints, "./primary/wgcf-profile.ini", opts.LogLevel == "debug", true, true)
+		_, warpErr = runWarp(ctx, opts.Bind, endpoints, "./primary/wgcf-profile.ini", opts.LogLevel == "debug", true, true, singleMTU)
 	}
 
 	return warpErr
 }
 
-func runWarp(ctx context.Context, bind netip.AddrPort, endpoints []string, confPath string, verbose, startProxy bool, trick bool) (*wiresocks.VirtualTun, int, error) {
+func runWarp(ctx context.Context, bind netip.AddrPort, endpoints []string, confPath string, verbose, startProxy bool, trick bool, mtu int) (*wiresocks.VirtualTun, error) {
 	conf, err := wiresocks.ParseConfig(confPath, endpoints[0])
 	if err != nil {
 		log.Println(err)
-		return nil, 0, err
+		return nil, err
 	}
+	conf.Interface.MTU = mtu
 
-	if trick {
-		conf.Device.Trick = trick
+	for i, peer := range conf.Peers {
+		peer.KeepAlive = 10
+		if trick {
+			peer.Trick = true
+			peer.KeepAlive = 3
+		}
+
+		conf.Peers[i] = peer
 	}
 
-	tnet, err := wiresocks.StartWireguard(ctx, conf.Device, verbose)
+	tnet, err := wiresocks.StartWireguard(ctx, conf, verbose)
 	if err != nil {
 		log.Println(err)
-		return nil, 0, err
+		return nil, err
 	}
 
 	if startProxy {
 		tnet.StartProxy(bind)
 	}
 
-	return tnet, conf.Device.MTU, nil
+	return tnet, nil
 }
 
 func runWarpWithPsiphon(ctx context.Context, bind netip.AddrPort, endpoints []string, country string, verbose bool) error {
@@ -119,7 +136,7 @@ func runWarpWithPsiphon(ctx context.Context, bind netip.AddrPort, endpoints []st
 		return err
 	}
 
-	_, _, err = runWarp(ctx, warpBindAddress, endpoints, "./primary/wgcf-profile.ini", verbose, true, true)
+	_, err = runWarp(ctx, warpBindAddress, endpoints, "./primary/wgcf-profile.ini", verbose, true, true, singleMTU)
 	if err != nil {
 		return err
 	}
@@ -128,7 +145,7 @@ func runWarpWithPsiphon(ctx context.Context, bind netip.AddrPort, endpoints []st
 	err = psiphon.RunPsiphon(warpBindAddress.String(), bind.String(), country, ctx)
 	if err != nil {
 		log.Printf("unable to run psiphon %v", err)
-		return fmt.Errorf("unable to run psiphon %v", err)
+		return fmt.Errorf("unable to run psiphon %w", err)
 	}
 
 	log.Printf("Serving on %s", bind)
@@ -137,27 +154,27 @@ func runWarpWithPsiphon(ctx context.Context, bind netip.AddrPort, endpoints []st
 }
 
 func runWarpInWarp(ctx context.Context, bind netip.AddrPort, endpoints []string, verbose bool) error {
-	// run secondary warp
-	vTUN, mtu, err := runWarp(ctx, netip.AddrPort{}, endpoints, "./secondary/wgcf-profile.ini", verbose, false, true)
+	// Run outer warp
+	vTUN, err := runWarp(ctx, netip.AddrPort{}, endpoints, "./secondary/wgcf-profile.ini", verbose, false, true, singleMTU)
 	if err != nil {
 		return err
 	}
 
-	// run virtual endpoint
+	// Run virtual endpoint
 	virtualEndpointBindAddress, err := findFreePort("udp")
 	if err != nil {
 		log.Println("There are no free udp ports on Device!")
 		return err
 	}
 	addr := endpoints[1]
-	err = wiresocks.NewVtunUDPForwarder(virtualEndpointBindAddress.String(), addr, vTUN, mtu+100, ctx)
+	err = wiresocks.NewVtunUDPForwarder(virtualEndpointBindAddress.String(), addr, vTUN, singleMTU, ctx)
 	if err != nil {
 		log.Println(err)
 		return err
 	}
 
-	// run primary warp
-	_, _, err = runWarp(ctx, bind, []string{virtualEndpointBindAddress.String()}, "./primary/wgcf-profile.ini", verbose, true, false)
+	// Run inner warp
+	_, err = runWarp(ctx, bind, []string{virtualEndpointBindAddress.String()}, "./primary/wgcf-profile.ini", verbose, true, false, doubleMTU)
 	if err != nil {
 		return err
 	}
@@ -197,7 +214,7 @@ func createPrimaryAndSecondaryIdentities(license string) error {
 		err := warp.LoadOrCreateIdentity(license)
 		if err != nil {
 			log.Printf("error: %v", err)
-			return fmt.Errorf("error: %v", err)
+			return err
 		}
 	}
 	// make secondary
@@ -206,7 +223,7 @@ func createPrimaryAndSecondaryIdentities(license string) error {
 		err := warp.LoadOrCreateIdentity(license)
 		if err != nil {
 			log.Printf("error: %v", err)
-			return fmt.Errorf("error: %v", err)
+			return err
 		}
 	}
 	return nil
@@ -219,15 +236,15 @@ func makeDirs() error {
 
 	// Check if 'stuff' directory exists, if not create it
 	if _, err := os.Stat(stuffDir); os.IsNotExist(err) {
-		if err := os.Mkdir(stuffDir, 0755); err != nil {
+		if err := os.Mkdir(stuffDir, 0o755); err != nil {
 			return fmt.Errorf("error creating 'stuff' directory: %w", err)
 		}
 	}
 
 	// Create 'primary' and 'secondary' directories if they don't exist
 	for _, dir := range []string{primaryDir, secondaryDir} {
 		if _, err := os.Stat(filepath.Join(stuffDir, dir)); os.IsNotExist(err) {
-			if err := os.Mkdir(filepath.Join(stuffDir, dir), 0755); err != nil {
+			if err := os.Mkdir(filepath.Join(stuffDir, dir), 0o755); err != nil {
 				return fmt.Errorf("error creating '%s' directory: %w", dir, err)
 			}
 		}

device/device.go

@@ -86,8 +86,6 @@ type Device struct {
 		mtu    atomic.Int32
 	}
 
-	trick bool
-
 	ipcMutex sync.RWMutex
 	closed   chan struct{}
 	log      *Logger
@@ -283,9 +281,8 @@ func (device *Device) SetPrivateKey(sk NoisePrivateKey) error {
 	return nil
 }
 
-func NewDevice(tunDevice tun.Device, bind conn.Bind, logger *Logger, trick bool) *Device {
+func NewDevice(tunDevice tun.Device, bind conn.Bind, logger *Logger) *Device {
 	device := new(Device)
-	device.trick = trick
 	device.state.state.Store(uint32(deviceStateDown))
 	device.closed = make(chan struct{})
 	device.log = logger

device/device_test.go

@@ -166,7 +166,7 @@ func genTestPair(tb testing.TB, realSocket bool) (pair testPair) {
 		if _, ok := tb.(*testing.B); ok && !testing.Verbose() {
 			level = LogLevelError
 		}
-		p.dev = NewDevice(p.tun.TUN(), binds[i], NewLogger(level, fmt.Sprintf("dev%d: ", i)), false)
+		p.dev = NewDevice(p.tun.TUN(), binds[i], NewLogger(level, fmt.Sprintf("dev%d: ", i)))
 		if err := p.dev.IpcSet(cfg[i]); err != nil {
 			tb.Errorf("failed to configure device %d: %v", i, err)
 			p.dev.Close()

device/noise_test.go

@@ -39,7 +39,7 @@ func randDevice(t *testing.T) *Device {
 	}
 	tun := tuntest.NewChannelTUN()
 	logger := NewLogger(LogLevelError, "")
-	device := NewDevice(tun.TUN(), conn.NewDefaultBind(), logger, false)
+	device := NewDevice(tun.TUN(), conn.NewDefaultBind(), logger)
 	device.SetPrivateKey(sk)
 	return device
 }

device/peer.go

@@ -81,7 +81,6 @@ func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
 	// create peer
 	peer := new(Peer)
 	peer.stopCh = make(chan int, 1)
-	peer.trick = true
 	peer.cookieGenerator.Init(pk)
 	peer.device = device
 	peer.queue.outbound = newAutodrainingOutboundQueue(device)

device/send.go

@@ -121,6 +121,7 @@ func (peer *Peer) SendKeepalive() {
 	if len(peer.queue.staged) == 0 && peer.isRunning.Load() {
 		// Send some random packets on every keepalive
 		if peer.trick {
+			peer.device.log.Verbosef("%v - Running tricks! (keepalive)", peer)
 			peer.sendRandomPackets()
 		}
 
@@ -159,6 +160,7 @@ func (peer *Peer) SendHandshakeInitiation(isRetry bool) error {
 
 	// send some random packets on handshake
 	if peer.trick {
+		peer.device.log.Verbosef("%v - Running tricks! (handshake)", peer)
 		peer.sendRandomPackets()
 	}
 

device/uapi.go

@@ -119,6 +119,7 @@ func (device *Device) IpcGetOperation(w io.Writer) error {
 			sendf("tx_bytes=%d", peer.txBytes.Load())
 			sendf("rx_bytes=%d", peer.rxBytes.Load())
 			sendf("persistent_keepalive_interval=%d", peer.persistentKeepaliveInterval.Load())
+			sendf("trick=%t", peer.trick)
 
 			device.allowedips.EntriesForPeer(peer, func(prefix netip.Prefix) bool {
 				sendf("allowed_ip=%s", prefix.String())
@@ -386,6 +387,14 @@ func (device *Device) handlePeerLine(peer *ipcSetPeer, key, value string) error
 			return ipcErrorf(ipc.IpcErrorInvalid, "invalid protocol version: %v", value)
 		}
 
+	case "trick":
+		device.log.Verbosef("%v - UAPI: Setting trick: %s", peer.Peer, value)
+		parsedBool, err := strconv.ParseBool(value)
+		if err != nil {
+			return ipcErrorf(ipc.IpcErrorInvalid, "invalid trick value: %v", value)
+		}
+		peer.trick = parsedBool
+
 	default:
 		return ipcErrorf(ipc.IpcErrorInvalid, "invalid UAPI peer key: %v", key)
 	}

go.mod

@@ -1,21 +1,26 @@
 module github.com/bepass-org/wireguard-go
 
-go 1.20
+go 1.21.1
 
-replace github.com/Psiphon-Labs/psiphon-tunnel-core => github.com/bepass-org/psiphon-tunnel-core v0.0.0-20240223214330-9783d71283bc
+replace github.com/Psiphon-Labs/psiphon-tunnel-core => github.com/bepass-org/psiphon-tunnel-core v0.0.0-20240311155012-9c2e10df08e5
 
 require (
-	github.com/MakeNowJust/heredoc/v2 v2.0.1
-	github.com/Psiphon-Labs/psiphon-tunnel-core v0.0.0-00010101000000-000000000000
-	github.com/bepass-org/ipscanner v0.0.0-20240205155121-8927b7437d16
+	github.com/Psiphon-Labs/psiphon-tunnel-core v2.0.28+incompatible
 	github.com/bepass-org/proxy v0.0.0-20240201095508-c86216dd0aea
+	github.com/fatih/color v1.16.0
+	github.com/flynn/noise v1.1.0
+	github.com/frankban/quicktest v1.14.6
 	github.com/go-ini/ini v1.67.0
+	github.com/google/go-cmp v0.6.0
+	github.com/hashicorp/golang-lru v1.0.2
 	github.com/peterbourgon/ff/v4 v4.0.0-alpha.4
+	github.com/quic-go/quic-go v0.40.1
 	github.com/refraction-networking/conjure v0.7.11-0.20240130155008-c8df96195ab2
 	github.com/refraction-networking/utls v1.3.3
-	golang.org/x/crypto v0.18.0
-	golang.org/x/net v0.20.0
-	golang.org/x/sys v0.16.0
+	github.com/rodaine/table v1.1.1
+	golang.org/x/crypto v0.19.0
+	golang.org/x/net v0.21.0
+	golang.org/x/sys v0.17.0
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2
 	gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259
 )
@@ -26,30 +31,29 @@ require (
 	github.com/AndreasBriese/bbloom v0.0.0-20170702084017-28f7e881ca57 // indirect
 	github.com/Psiphon-Labs/bolt v0.0.0-20200624191537-23cedaef7ad7 // indirect
 	github.com/Psiphon-Labs/goptlib v0.0.0-20200406165125-c0e32a7a3464 // indirect
-	github.com/Psiphon-Labs/qtls-go1-19 v0.0.0-20230608213623-d58aa73e519a // indirect
-	github.com/Psiphon-Labs/qtls-go1-20 v0.0.0-20230608214729-dd57d6787acf // indirect
-	github.com/Psiphon-Labs/quic-go v0.0.0-20230626192210-73f29effc9da // indirect
-	github.com/Psiphon-Labs/tls-tris v0.0.0-20230824155421-58bf6d336a9a // indirect
+	github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240305020009-09f917290799 // indirect
+	github.com/Psiphon-Labs/quic-go v0.0.0-20240305203241-7c4a760d03cc // indirect
 	github.com/andybalholm/brotli v1.0.5 // indirect
 	github.com/armon/go-proxyproto v0.0.0-20180202201750-5b7edb60ff5f // indirect
 	github.com/bifurcation/mint v0.0.0-20180306135233-198357931e61 // indirect
 	github.com/cheekybits/genny v0.0.0-20170328200008-9127e812e1e9 // indirect
 	github.com/cognusion/go-cache-lru v0.0.0-20170419142635-f73e2280ecea // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dchest/siphash v1.2.3 // indirect
 	github.com/dgraph-io/badger v1.5.4-0.20180815194500-3a87f6d9c273 // indirect
 	github.com/dgryski/go-farm v0.0.0-20180109070241-2de33835d102 // indirect
-	github.com/flynn/noise v1.1.0 // indirect
 	github.com/gaukas/godicttls v0.0.4 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/btree v1.0.1 // indirect
 	github.com/google/pprof v0.0.0-20211214055906-6f57359322fd // indirect
 	github.com/grafov/m3u8 v0.0.0-20171211212457-6ab8f28ed427 // indirect
-	github.com/hashicorp/golang-lru v1.0.2 // indirect
 	github.com/juju/ratelimit v1.0.2 // indirect
 	github.com/klauspost/compress v1.16.7 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
 	github.com/libp2p/go-reuseport v0.4.0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/miekg/dns v1.1.44-0.20210804161652-ab67aa642300 // indirect
 	github.com/mroth/weightedrand v1.0.0 // indirect
 	github.com/onsi/ginkgo/v2 v2.9.5 // indirect
@@ -63,10 +67,10 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/quic-go/qpack v0.4.0 // indirect
 	github.com/quic-go/qtls-go1-20 v0.4.1 // indirect
-	github.com/quic-go/quic-go v0.40.1 // indirect
 	github.com/refraction-networking/ed25519 v0.1.2 // indirect
 	github.com/refraction-networking/gotapdance v1.7.10 // indirect
 	github.com/refraction-networking/obfs4 v0.1.2 // indirect
+	github.com/rogpeppe/go-internal v1.9.0 // indirect
 	github.com/sergeyfrolov/bsbuffer v0.0.0-20180903213811-94e85abb8507 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect