From f3a5e042cb9e64db7f6c06566469c06f97f51d41 Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Tue, 22 Oct 2024 16:41:28 -0300 Subject: [PATCH 1/9] feat: go get utls and go mod tidy --- go.mod | 16 ++++++++-------- go.sum | 28 ++++++++++++++-------------- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/go.mod b/go.mod index 2345d357..e3d0117a 100644 --- a/go.mod +++ b/go.mod @@ -48,7 +48,7 @@ require ( github.com/hashicorp/golang-lru v0.5.4 github.com/mitchellh/panicwrap v1.0.0 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 - github.com/refraction-networking/utls v1.3.3 + github.com/refraction-networking/utls v1.6.7 github.com/refraction-networking/water v0.7.0-alpha github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 github.com/spaolacci/murmur3 v1.1.0 @@ -64,7 +64,8 @@ require ( go.opentelemetry.io/otel/sdk v1.19.0 go.opentelemetry.io/otel/sdk/metric v1.19.0 go.opentelemetry.io/otel/trace v1.19.0 - golang.org/x/net v0.20.0 + go.uber.org/mock v0.3.0 + golang.org/x/net v0.23.0 google.golang.org/api v0.148.0 ) 
@@ -77,18 +78,18 @@ require ( github.com/OperatorFoundation/go-shadowsocks2 v1.2.1 // indirect github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63 // indirect github.com/aead/ecdh v0.2.0 // indirect - github.com/andybalholm/brotli v1.0.5 // indirect + github.com/andybalholm/brotli v1.0.6 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/vfs v1.0.0 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cloudflare/circl v1.3.7 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dchest/siphash v1.2.3 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect - github.com/gaukas/godicttls v0.0.4 // indirect github.com/gaukas/wazerofs v0.1.0 // indirect github.com/getlantern/algeneva v0.0.0-20240222191137-2b4e88234f59 // indirect github.com/getlantern/bufconn v0.0.0-20190625204133-a08544339f8d // indirect @@ -122,7 +123,7 @@ require ( github.com/googleapis/enterprise-certificate-proxy v0.3.1 // indirect github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect - github.com/klauspost/compress v1.16.7 // indirect + github.com/klauspost/compress v1.17.4 // indirect github.com/klauspost/cpuid v1.3.1 // indirect github.com/klauspost/pgzip v1.2.5 // indirect github.com/klauspost/reedsolomon v1.9.9 // indirect 
@@ -180,15 +181,14 @@ require ( go.opentelemetry.io/otel/exporters/otlp/otlpmetric v0.42.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.uber.org/atomic v1.9.0 // indirect - go.uber.org/mock v0.3.0 // indirect go.uber.org/multierr v1.8.0 // indirect go.uber.org/zap v1.21.0 // indirect - golang.org/x/crypto v0.18.0 // indirect + golang.org/x/crypto v0.21.0 // indirect golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/oauth2 v0.16.0 // indirect golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.17.0 // indirect + golang.org/x/sys v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/tools v0.17.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/go.sum b/go.sum index be452b44..f4ac4bf2 100644 --- a/go.sum +++ b/go.sum @@ -33,8 +33,8 @@ github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63/go.mod h1:nf+Komq github.com/aead/ecdh v0.2.0 h1:pYop54xVaq/CEREFEcukHRZfTdjiWvYIsZDXXrBapQQ= github.com/aead/ecdh v0.2.0/go.mod h1:a9HHtXuSo8J1Js1MwLQx2mBhkXMT6YwUmVVEY4tTB8U= github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= -github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs= -github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= +github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI= +github.com/andybalholm/brotli v1.0.6/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/aristanetworks/goarista v0.0.0-20190628000427-15fc8b0bfcde/go.mod h1:D/tb0zPVXnP7fmsLZjtdUhSsumbK/ij54UXjjVgMGxQ= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= 
@@ -48,6 +48,8 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= +github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -74,8 +76,6 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk= -github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI= github.com/gaukas/wazerofs v0.1.0 h1:wIkW1bAxSnpaaVkQ5LOb1tm1BXdVap3eKjJpVWIqt2E= github.com/gaukas/wazerofs v0.1.0/go.mod h1:+JECB9Fwt0taPqSgHckG9lmT3tcoVK+9VJozTsq9UlI= github.com/getlantern/algeneva v0.0.0-20240222191137-2b4e88234f59 h1:uWNy0b1Wtpsd4n64Kat+fRjvPCBwM2Nykwt71LupJAQ= 
@@ -304,8 +304,8 @@ github.com/kataras/pio v0.0.12 h1:o52SfVYauS3J5X08fNjlGS5arXHjW/ItLkyLcKjoH6w= github.com/kataras/pio v0.0.12/go.mod h1:ODK/8XBhhQ5WqrAhKy+9lTPS7sBf6O3KcLhc9klfRcY= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.16.7 h1:2mk3MPGNzKyxErAw8YaohYh69+pa4sIQSC0fPGCFR9I= -github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= +github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/cpuid v1.2.4/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/cpuid v1.3.1 h1:5JNjFYYQrZeKRJ0734q51WCEEn2huer72Dc7K+R/b6s= 
@@ -425,8 +425,8 @@ github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5 github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= github.com/quic-go/quic-go v0.40.0 h1:GYd1iznlKm7dpHD7pOVpUvItgMPo/jrMgDWZhMCecqw= github.com/quic-go/quic-go v0.40.0/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= -github.com/refraction-networking/utls v1.3.3 h1:f/TBLX7KBciRyFH3bwupp+CE4fzoYKCirhdRcC490sw= -github.com/refraction-networking/utls v1.3.3/go.mod h1:DlecWW1LMlMJu+9qpzzQqdHDT/C2LAe03EdpLUz/RL8= +github.com/refraction-networking/utls v1.6.7 h1:zVJ7sP1dJx/WtVuITug3qYUq034cDq9B2MR1K67ULZM= +github.com/refraction-networking/utls v1.6.7/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0= github.com/refraction-networking/water v0.7.0-alpha h1:yLMAvIi0lHHD2mvwx63GLnptpjvnmBCWFvTHTWLykLk= github.com/refraction-networking/water v0.7.0-alpha/go.mod h1:VPQENA6E5+2V5RlX/yaBlTCKeFQ25j49DUc/pmmwkXE= github.com/refraction-networking/wazero v1.7.1-w h1:z7Ty5PsMkJEDBCsn3ELUjceQGBT0FMVGldOSpDK3giQ= 
@@ -555,8 +555,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= -golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= -golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA= golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= @@ -599,8 +599,8 @@ golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= -golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= 
@@ -651,8 +651,8 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= From 980ebe4c2f431105c4c0fdc4d203e1647d68d93f Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Tue, 22 Oct 2024 16:42:24 -0300 Subject: [PATCH 2/9] feat: adding mismatch protocol and add options to listen with shadowsocks and utls --- http-proxy/main.go | 10 ++++++---- http_proxy.go | 40 ++++++++++++++++++++++++++++++---------- 2 files changed, 36 insertions(+), 14 deletions(-) diff --git a/http-proxy/main.go b/http-proxy/main.go index 4697deb1..2c2bd5ad 100644 --- a/http-proxy/main.go +++ b/http-proxy/main.go 
@@ -186,10 +186,11 @@ var ( algenevaAddr = flag.String("algeneva-addr", "", "Address at which to listen for algenAddr connections.") - waterAddr = flag.String("water-addr", "", "Address at which to listen for WATER connections.") - waterWASM = flag.String("water-wasm", "", "Base64 encoded WASM for WATER") - waterWASMAvailableAt = flag.String("water-wasm-available-at", "", "URLs where the WATER WASM is available") - waterTransport = flag.String("water-transport", "", "WATER based transport name") + waterAddr = flag.String("water-addr", "", "Address at which to listen for WATER connections.") + waterWASM = flag.String("water-wasm", "", "Base64 encoded WASM for WATER") + waterWASMAvailableAt = flag.String("water-wasm-available-at", "", "URLs where the WATER WASM is available") + waterTransport = flag.String("water-transport", "", "WATER based transport name") + waterMismatchProtocol = flag.String("water-mismatch-protocol", "", "Mismatch protocol is used to force the executution of a different protocol listener than WATER") track = flag.String("track", "", "The track this proxy is running on") ) @@ -476,6 +477,7 @@ func main() { WaterWASM: *waterWASM, WaterWASMAvailableAt: *waterWASMAvailableAt, WaterTransport: *waterTransport, + WaterMismatchProtocol: *waterMismatchProtocol, } if *maxmindLicenseKey != "" { log.Debug("Will use Maxmind for geolocating clients") diff --git a/http_proxy.go b/http_proxy.go index 47aa49a3..b09b165f 100644 --- a/http_proxy.go +++ b/http_proxy.go @@ -33,6 +33,7 @@ import ( "github.com/getlantern/http-proxy-lantern/v2/otel" shadowsocks "github.com/getlantern/http-proxy-lantern/v2/shadowsocks" "github.com/getlantern/http-proxy-lantern/v2/starbridge" + utls "github.com/refraction-networking/utls" "github.com/xtaci/smux" 
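Review bot: The help text added for `-water-mismatch-protocol` in the `var (` hunk of http-proxy/main.go misspells "execution" as "executution" and does not say which values are accepted or what the empty default means. Since the flag replaces the WATER listener with a different one on the same address, the usage string should name the accepted values and state that leaving the flag unset keeps the normal WATER listener. A wording along the lines of `"Forces a different protocol listener than WATER on water-addr; leave empty to run WATER. Accepted values: <list>"` would make a misconfiguration visible from `-help`.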
@@ -188,10 +189,11 @@ type Proxy struct { AlgenevaAddr string // deprecated: use WaterWASMAvailableAt - WaterWASM string - WaterWASMAvailableAt string - WaterTransport string - WaterAddr string + WaterWASM string + WaterWASMAvailableAt string + WaterTransport string + WaterAddr string + WaterMismatchProtocol string throttleConfig throttle.Config instrument instrument.Instrument @@ -1016,15 +1018,33 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { wasm = wasmBuffer.Bytes() } - // currently the WATER listener doesn't accept a multiplexed connections, so we need to listen and accept connections directly from the listener - waterListener, err := water.NewWATERListener(ctx, nil, p.WaterTransport, addr, wasm) + mismatchProtocol, err := strconv.Atoi(p.WaterMismatchProtocol) if err != nil { - log.Errorf("failed to starte WATER listener: %w", err) - return nil, err + return nil, log.Errorf("failed to parse mismatch protocol") } - log.Debugf("Listening for water at %v", waterListener.Addr()) - return waterListener, nil + switch mismatchProtocol { + case 0: + // currently the WATER listener doesn't accept a multiplexed connections, so we need to listen and accept connections directly from the listener + waterListener, err := water.NewWATERListener(ctx, nil, p.WaterTransport, addr, wasm) + if err != nil { + return nil, log.Errorf("failed to starte WATER listener: %w", err) + } + + log.Debugf("Listening for water at %v", waterListener.Addr()) + return waterListener, nil + case 1: + return p.listenShadowsocks(addr) + case 2: + cert, err := utls.X509KeyPair([]byte(p.CertFile), []byte(p.KeyFile)) + if err != nil { + return nil, log.Errorf("failed to load cert: %w", err) + } + + return utls.Listen("tcp", addr, &utls.Config{Certificates: []utls.Certificate{cert}}) + default: + return nil, log.Errorf("unsupported mismatch protocol provided: %d", mismatchProtocol) + } } func (p *Proxy) setupPacketForward() error { 
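Review bot: `strconv.Atoi(p.WaterMismatchProtocol)` in the listenWATER hunk returns an error for the empty string, and the flag added in http-proxy/main.go defaults to `""`, so a proxy started without the new flag would fail here before reaching `water.NewWATERListener`. Default the numeric value to 0 and only call `strconv.Atoi` when the field is non-empty, so existing deployments keep the WATER listener. Separately, `case 2` calls `utls.X509KeyPair([]byte(p.CertFile), []byte(p.KeyFile))`, which treats the field values themselves as PEM data; if these fields hold file paths, as their names suggest (their definition is not visible in this hunk), the key pair will never parse and the file contents need to be read first. listenWATER begins above the hunk, so the callers and the `ctx`/`wasm` setup were not reviewed.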
From 604eda3e2818d0784678fdc41a8f304e781322ed Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Tue, 22 Oct 2024 16:54:31 -0300 Subject: [PATCH 3/9] fix: downgrade utls to v1.3.3 --- go.mod | 3 ++- go.sum | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index e3d0117a..9fd48750 100644 --- a/go.mod +++ b/go.mod @@ -48,7 +48,7 @@ require ( github.com/hashicorp/golang-lru v0.5.4 github.com/mitchellh/panicwrap v1.0.0 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 - github.com/refraction-networking/utls v1.6.7 + github.com/refraction-networking/utls v1.3.3 github.com/refraction-networking/water v0.7.0-alpha github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 github.com/spaolacci/murmur3 v1.1.0 @@ -90,6 +90,7 @@ require ( github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/gaukas/godicttls v0.0.3 // indirect github.com/gaukas/wazerofs v0.1.0 // indirect github.com/getlantern/algeneva v0.0.0-20240222191137-2b4e88234f59 // indirect github.com/getlantern/bufconn v0.0.0-20190625204133-a08544339f8d // indirect diff --git a/go.sum b/go.sum index f4ac4bf2..0d02be0b 100644 --- a/go.sum +++ b/go.sum 
@@ -76,6 +76,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/gaukas/godicttls v0.0.3 h1:YNDIf0d9adcxOijiLrEzpfZGAkNwLRzPaG6OjU7EITk= +github.com/gaukas/godicttls v0.0.3/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI= github.com/gaukas/wazerofs v0.1.0 h1:wIkW1bAxSnpaaVkQ5LOb1tm1BXdVap3eKjJpVWIqt2E= github.com/gaukas/wazerofs v0.1.0/go.mod h1:+JECB9Fwt0taPqSgHckG9lmT3tcoVK+9VJozTsq9UlI= github.com/getlantern/algeneva v0.0.0-20240222191137-2b4e88234f59 h1:uWNy0b1Wtpsd4n64Kat+fRjvPCBwM2Nykwt71LupJAQ= @@ -425,6 +427,8 @@ github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5 github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= github.com/quic-go/quic-go v0.40.0 h1:GYd1iznlKm7dpHD7pOVpUvItgMPo/jrMgDWZhMCecqw= github.com/quic-go/quic-go v0.40.0/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= +github.com/refraction-networking/utls v1.3.3 h1:f/TBLX7KBciRyFH3bwupp+CE4fzoYKCirhdRcC490sw= +github.com/refraction-networking/utls v1.3.3/go.mod h1:DlecWW1LMlMJu+9qpzzQqdHDT/C2LAe03EdpLUz/RL8= github.com/refraction-networking/utls v1.6.7 h1:zVJ7sP1dJx/WtVuITug3qYUq034cDq9B2MR1K67ULZM= github.com/refraction-networking/utls v1.6.7/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0= github.com/refraction-networking/water v0.7.0-alpha h1:yLMAvIi0lHHD2mvwx63GLnptpjvnmBCWFvTHTWLykLk= From e271a89650c329d2342abc146932ba383232e4eb Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Wed, 23 Oct 2024 15:04:43 -0300 Subject: [PATCH 4/9] chore: removing shadowsocks and changing utls index --- http_proxy.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) 
diff --git a/http_proxy.go b/http_proxy.go index b09b165f..d484642e 100644 --- a/http_proxy.go +++ b/http_proxy.go @@ -1033,9 +1033,7 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { log.Debugf("Listening for water at %v", waterListener.Addr()) return waterListener, nil - case 1: - return p.listenShadowsocks(addr) - case 2: + case 97: cert, err := utls.X509KeyPair([]byte(p.CertFile), []byte(p.KeyFile)) if err != nil { return nil, log.Errorf("failed to load cert: %w", err) From 68e28efa420016457138a66a29f2c27d6e450d2c Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Fri, 25 Oct 2024 17:08:10 -0300 Subject: [PATCH 5/9] fix: adding forgotten error to log error --- http_proxy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http_proxy.go b/http_proxy.go index d484642e..810d80ae 100644 --- a/http_proxy.go +++ b/http_proxy.go @@ -1020,7 +1020,7 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { mismatchProtocol, err := strconv.Atoi(p.WaterMismatchProtocol) if err != nil { - return nil, log.Errorf("failed to parse mismatch protocol") + return nil, log.Errorf("failed to parse mismatch protocol: %w", err) } switch mismatchProtocol { From b2dff0c83110d96b8abc6d76532198cabab967f2 Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Fri, 25 Oct 2024 17:27:55 -0300 Subject: [PATCH 6/9] chore: using mismatch protocol names instead of numbers --- http_proxy.go | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/http_proxy.go b/http_proxy.go index 810d80ae..3c757677 100644 --- a/http_proxy.go +++ b/http_proxy.go 
@@ -1018,13 +1018,8 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { wasm = wasmBuffer.Bytes() } - mismatchProtocol, err := strconv.Atoi(p.WaterMismatchProtocol) - if err != nil { - return nil, log.Errorf("failed to parse mismatch protocol: %w", err) - } - - switch mismatchProtocol { - case 0: + switch p.WaterMismatchProtocol { + case "PROTOCOL_UNSPECIFIED": // currently the WATER listener doesn't accept a multiplexed connections, so we need to listen and accept connections directly from the listener waterListener, err := water.NewWATERListener(ctx, nil, p.WaterTransport, addr, wasm) if err != nil { @@ -1033,7 +1028,7 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { log.Debugf("Listening for water at %v", waterListener.Addr()) return waterListener, nil - case 97: + case "PROTOCOL_UTLS": cert, err := utls.X509KeyPair([]byte(p.CertFile), []byte(p.KeyFile)) if err != nil { return nil, log.Errorf("failed to load cert: %w", err) From 353da304e3ed92a235b35296eecd0c3e46076246 Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Fri, 25 Oct 2024 17:34:49 -0300 Subject: [PATCH 7/9] fix: replace unused var --- http_proxy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http_proxy.go b/http_proxy.go index 3c757677..474e0e70 100644 --- a/http_proxy.go +++ b/http_proxy.go @@ -1036,7 +1036,7 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { return utls.Listen("tcp", addr, &utls.Config{Certificates: []utls.Certificate{cert}}) default: - return nil, log.Errorf("unsupported mismatch protocol provided: %d", mismatchProtocol) + return nil, log.Errorf("unsupported mismatch protocol provided: %s", p.WaterMismatchProtocol) } } From 364eb53f3c8dd2c2bed31acd5ba34244aab4d470 Mon Sep 17 00:00:00 2001 
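Review bot: After the change to `switch p.WaterMismatchProtocol` in PATCH 6/9, an unset flag (the default `""` from http-proxy/main.go) falls through to the `default` branch and listenWATER returns "unsupported mismatch protocol provided", so WATER only starts when `PROTOCOL_UNSPECIFIED` is passed explicitly. Unless every deployment is guaranteed to set the flag, the first arm should accept both: `case "", "PROTOCOL_UNSPECIFIED":`. The two protocol names are bare string literals repeated nowhere else in the hunk; declaring them as named constants with a short comment on what each one selects would keep the flag help, the switch and any config producer in agreement. The enclosing function starts and ends outside these hunks.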
From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Mon, 28 Oct 2024 17:19:36 -0300 Subject: [PATCH 8/9] fix: loading cert files --- http_proxy.go | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/http_proxy.go b/http_proxy.go index 474e0e70..8e7903d8 100644 --- a/http_proxy.go +++ b/http_proxy.go @@ -1029,7 +1029,16 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { log.Debugf("Listening for water at %v", waterListener.Addr()) return waterListener, nil case "PROTOCOL_UTLS": - cert, err := utls.X509KeyPair([]byte(p.CertFile), []byte(p.KeyFile)) + certPEM, err := os.ReadFile(p.CertFile) + if err != nil { + log.Fatalf("Unable to read certificate file: %v", err) + } + + keyPEM, err := os.ReadFile(p.KeyFile) + if err != nil { + log.Fatalf("Unable to read key file: %v", err) + } + cert, err := utls.X509KeyPair([]byte(certPEM), []byte(keyPEM)) if err != nil { return nil, log.Errorf("failed to load cert: %w", err) } From 8f5bbaa5b0660b9bdfd65a8136c1535562bb6965 Mon Sep 17 00:00:00 2001 From: WendelHime <6754291+WendelHime@users.noreply.github.com> Date: Tue, 29 Oct 2024 11:27:05 -0300 Subject: [PATCH 9/9] chore: replacing utls listener by crypto/tls --- go.mod | 1 - go.sum | 4 ---- http_proxy.go | 5 ++--- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index 9fd48750..2986a704 100644 --- a/go.mod +++ b/go.mod @@ -83,7 +83,6 @@ require ( github.com/blang/vfs v1.0.0 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/cloudflare/circl v1.3.7 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dchest/siphash v1.2.3 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect diff --git a/go.sum b/go.sum index 0d02be0b..a0a22edc 100644 --- a/go.sum +++ b/go.sum 
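Review bot: The two `log.Fatalf` calls added in the `PROTOCOL_UTLS` branch (PATCH 8/9, hunk `@@ -1029,7 +1029,16 @@`) handle an unreadable certificate or key differently from every other failure in listenWATER, which returns `nil, log.Errorf(...)`; if `Fatalf` terminates the process, as the name suggests, one missing file takes down every other listener of the proxy instead of letting the caller decide. Return the error instead: `return nil, log.Errorf("unable to read certificate file: %w", err)` and `return nil, log.Errorf("unable to read key file: %w", err)`. The `[]byte(certPEM)` and `[]byte(keyPEM)` conversions are redundant because `os.ReadFile` already returns `[]byte`. Whether `os` is already imported in http_proxy.go is not visible from this hunk.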
@@ -48,8 +48,6 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= -github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -429,8 +427,6 @@ github.com/quic-go/quic-go v0.40.0 h1:GYd1iznlKm7dpHD7pOVpUvItgMPo/jrMgDWZhMCecq github.com/quic-go/quic-go v0.40.0/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= github.com/refraction-networking/utls v1.3.3 h1:f/TBLX7KBciRyFH3bwupp+CE4fzoYKCirhdRcC490sw= github.com/refraction-networking/utls v1.3.3/go.mod h1:DlecWW1LMlMJu+9qpzzQqdHDT/C2LAe03EdpLUz/RL8= -github.com/refraction-networking/utls v1.6.7 h1:zVJ7sP1dJx/WtVuITug3qYUq034cDq9B2MR1K67ULZM= -github.com/refraction-networking/utls v1.6.7/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0= github.com/refraction-networking/water v0.7.0-alpha h1:yLMAvIi0lHHD2mvwx63GLnptpjvnmBCWFvTHTWLykLk= github.com/refraction-networking/water v0.7.0-alpha/go.mod h1:VPQENA6E5+2V5RlX/yaBlTCKeFQ25j49DUc/pmmwkXE= github.com/refraction-networking/wazero v1.7.1-w h1:z7Ty5PsMkJEDBCsn3ELUjceQGBT0FMVGldOSpDK3giQ= diff --git a/http_proxy.go b/http_proxy.go index 8e7903d8..287f38bd 100644 --- a/http_proxy.go +++ b/http_proxy.go 
@@ -33,7 +33,6 @@ import ( "github.com/getlantern/http-proxy-lantern/v2/otel" shadowsocks "github.com/getlantern/http-proxy-lantern/v2/shadowsocks" "github.com/getlantern/http-proxy-lantern/v2/starbridge" - utls "github.com/refraction-networking/utls" "github.com/xtaci/smux" @@ -1038,12 +1037,12 @@ func (p *Proxy) listenWATER(addr string) (net.Listener, error) { if err != nil { log.Fatalf("Unable to read key file: %v", err) } - cert, err := utls.X509KeyPair([]byte(certPEM), []byte(keyPEM)) + cert, err := tls.X509KeyPair([]byte(certPEM), []byte(keyPEM)) if err != nil { return nil, log.Errorf("failed to load cert: %w", err) } - return utls.Listen("tcp", addr, &utls.Config{Certificates: []utls.Certificate{cert}}) + return tls.Listen("tcp", addr, &tls.Config{Certificates: []tls.Certificate{cert}}) default: return nil, log.Errorf("unsupported mismatch protocol provided: %s", p.WaterMismatchProtocol) }
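Review bot: The `tls.Config` passed to `tls.Listen` in the last hunk sets only `Certificates`, so the minimum protocol version accepted by this listener is whatever the Go toolchain defaults to for servers, which on older toolchains is lower than TLS 1.2. Pin it explicitly: `&tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS12}`. With crypto/tls in use, the two `os.ReadFile` calls plus `tls.X509KeyPair` can also collapse into `cert, err := tls.LoadX509KeyPair(p.CertFile, p.KeyFile)`, which removes the `log.Fatalf` paths kept as context here. The import hunk drops `utls` without adding `crypto/tls`, so this presumably relies on an existing import outside the hunk; the case name `PROTOCOL_UTLS` no longer matches the library behind it and deserves a comment saying so.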