依存関係をアップデート
WinLinux1028 committed Dec 31, 2024
1 parent bac35f7 commit 1e36869
Showing 14 changed files with 57,813 additions and 240 deletions.
6 changes: 3 additions & 3 deletions local_proxy/Cargo.toml
@@ -13,10 +13,10 @@ hyper = { version = "1", features = ["full"] }
http-body-util = "0.1"
hyper-util = { version = "0.1", features = ["full"] }
once_cell = "1"
base64 = "0.21"
base64 = "0.22"
async-trait = "0.1"
tokio-rustls = "0.24"
rustls-native-certs = "0.6"
tokio-rustls = "0.26"
rustls-native-certs = "0.8"
serde = { version = "1", features = ["derive"] }
json5 = "0.4"
dns-parser = "0.8"
10 changes: 3 additions & 7 deletions local_proxy/src/outbound/layer/tls.rs
@@ -11,11 +11,10 @@ use tokio_rustls::{rustls, TlsConnector};
static CONNECTOR: Lazy<TlsConnector> = Lazy::new(|| {
let mut certs = rustls::RootCertStore::empty();
for cert in rustls_native_certs::load_native_certs().unwrap() {
let _ = certs.add(&rustls::Certificate(cert.0));
let _ = certs.add(cert);
}

let config = rustls::ClientConfig::builder()
.with_safe_defaults()
.with_root_certificates(certs)
.with_no_client_auth();

@@ -36,10 +35,7 @@ impl Layer for TlsClient {
where
RW: AsyncRead + AsyncWrite + Unpin + Send + 'static,
{
Ok(Box::new(
CONNECTOR
.connect(addr.hostname.to_string().as_str().try_into()?, stream)
.await?,
))
let addr = addr.hostname.to_string();
Ok(Box::new(CONNECTOR.connect(addr.try_into()?, stream).await?))
}
}
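Review bot: The trust-store setup in the `CONNECTOR` initializer still fails in two opposite ways: `rustls_native_certs::load_native_certs().unwrap()` panics inside the `Lazy` on first use if the platform store cannot be read cleanly, while `let _ = certs.add(cert);` silently drops every certificate that rustls rejects. It would be more robust to keep the certificates that did load, record how many were rejected, and refuse to build the connector only when the store ends up empty, so a single unreadable entry does not take down every outbound TLS connection. A small step is `let (added, ignored) = certs.add_parsable_certificates(loaded);` (with `loaded` standing for the loaded certificates) followed by a log line carrying both counts. The initializer continues past the end of the first hunk, so the connector construction itself is not visible here.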
8 changes: 5 additions & 3 deletions tproxy_tokio/Cargo.toml
@@ -6,12 +6,14 @@ edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
log = "0.4"
cfg-if = "1"
async-trait = "0.1"
tokio = { version = "1", features = ["full"] }
socket2 = { version = "0.5", features = ["all"] }
libc = "0.2"
socket2 = "0.5"
once_cell = "1"

[target.'cfg(any(target_os = "macos", target_os = "ios", target_os = "freebsd", target_os = "netbsd", target_os = "openbsd"))'.dependencies]
nix = { version = "0.27", features = ["ioctl"] }
# Just for the ioctl call macro
[target.'cfg(any(target_os = "macos", target_os = "ios", target_os = "freebsd", target_os = "openbsd"))'.dependencies]
nix = { version = "0.29", features = ["ioctl"] }
131 changes: 105 additions & 26 deletions tproxy_tokio/src/lib.rs
@@ -17,32 +17,38 @@ pub enum RedirType {
/// For not supported platforms
NotSupported,

/// For Linux-like systems' Netfilter `REDIRECT`. Only for TCP connections.
/// This is supported from Linux 2.4 Kernel. Document: <https://www.netfilter.org/documentation/index.html#documentation-howto>
/// NOTE: Filter rule `REDIRECT` can only be applied to TCP connections.
/// For Linux-like systems' Netfilter `REDIRECT`. Only for TCP connections.
///
/// This is supported from Linux 2.4 Kernel. Document: <https://www.netfilter.org/documentation/index.html#documentation-howto>
///
/// NOTE: Filter rule `REDIRECT` can only be applied to TCP connections.
#[cfg(any(target_os = "linux", target_os = "android"))]
Redirect,

/// For Linux-like systems' Netfilter TPROXY rule.
/// NOTE: Filter rule `TPROXY` can be applied to TCP and UDP connections.
/// For Linux-like systems' Netfilter TPROXY rule.
///
/// NOTE: Filter rule `TPROXY` can be applied to TCP and UDP connections.
#[cfg(any(target_os = "linux", target_os = "android"))]
TProxy,

/// Packet Filter (pf)
/// Supported by OpenBSD 3.0+, FreeBSD 5.3+, NetBSD 3.0+, Solaris 11.3+, macOS 10.7+, iOS, QNX
/// Document: <https://www.freebsd.org/doc/handbook/firewalls-pf.html>
/// Packet Filter (pf)
///
/// Supported by OpenBSD 3.0+, FreeBSD 5.3+, NetBSD 3.0+, Solaris 11.3+, macOS 10.7+, iOS, QNX
///
/// Document: <https://www.freebsd.org/doc/handbook/firewalls-pf.html>
#[cfg(any(
target_os = "openbsd",
target_os = "freebsd",
target_os = "netbsd",
target_os = "openbsd",
target_os = "macos",
target_os = "ios"
))]
PacketFilter,

/// IPFW
/// Supported by FreeBSD, macOS 10.6- (Have been removed completely on macOS 10.10)
/// Document: https://www.freebsd.org/doc/handbook/firewalls-ipfw.html
/// IPFW
///
/// Supported by FreeBSD, macOS 10.6- (Have been removed completely on macOS 10.10)
///
/// Document: https://www.freebsd.org/doc/handbook/firewalls-ipfw.html
#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios"))]
IpFirewall,
}
@@ -56,46 +62,127 @@ impl RedirType {
}

/// Available TCP transparent proxy types
#[doc(hidden)]
pub fn tcp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::Redirect.name(), RedirType::TProxy.name()];
AVAILABLE_TYPES
}
} else if #[cfg(any(target_os = "openbsd", target_os = "freebsd"))] {

/// Default UDP transparent proxy solution on this platform
pub const fn udp_default() -> RedirType {
RedirType::TProxy
}

/// Available UDP transparent proxy types
#[doc(hidden)]
pub fn udp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::TProxy.name()];
AVAILABLE_TYPES
}
} else if #[cfg(any(target_os = "freebsd"))] {
/// Default TCP transparent proxy solution on this platform
pub fn tcp_default() -> RedirType {
RedirType::PacketFilter
}

/// Available TCP transparent proxy types
#[doc(hidden)]
pub fn tcp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::PacketFilter.name(), RedirType::IpFirewall.name()];
AVAILABLE_TYPES
}
} else if #[cfg(any(target_os = "netbsd", target_os = "macos", target_os = "ios"))] {

/// Default UDP transparent proxy solution on this platform
pub fn udp_default() -> RedirType {
RedirType::PacketFilter
}

/// Available UDP transparent proxy types
#[doc(hidden)]
pub const fn udp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::PacketFilter.name(), RedirType::IpFirewall.name()];
AVAILABLE_TYPES
}
} else if #[cfg(target_os = "openbsd")] {
/// Default TCP transparent proxy solution on this platform
pub fn tcp_default() -> RedirType {
RedirType::PacketFilter
}

/// Available TCP transparent proxy types
#[doc(hidden)]
pub fn tcp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::PacketFilter.name()];
AVAILABLE_TYPES
}

/// Default UDP transparent proxy solution on this platform
pub fn udp_default() -> RedirType {
RedirType::PacketFilter
}

/// Available UDP transparent proxy types
#[doc(hidden)]
pub const fn udp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::PacketFilter.name()];
AVAILABLE_TYPES
}
} else if #[cfg(any(target_os = "macos", target_os = "ios"))] {
/// Default TCP transparent proxy solution on this platform
pub fn tcp_default() -> RedirType {
RedirType::PacketFilter
}

/// Available TCP transparent proxy types
#[doc(hidden)]
pub const fn tcp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::PacketFilter.name(), RedirType::IpFirewall.name()];
AVAILABLE_TYPES
}

/// Default UDP transparent proxy solution on this platform
pub fn udp_default() -> RedirType {
RedirType::PacketFilter
}

/// Available UDP transparent proxy types
#[doc(hidden)]
pub const fn udp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[RedirType::PacketFilter.name()];
AVAILABLE_TYPES
}
} else {
/// Default TCP transparent proxy solution on this platform
pub fn tcp_default() -> RedirType {
RedirType::NotSupported
}

/// Available TCP transparent proxy types
#[doc(hidden)]
pub const fn tcp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[];
AVAILABLE_TYPES
}

/// Default UDP transparent proxy solution on this platform
pub fn udp_default() -> RedirType {
RedirType::NotSupported
}

/// Available UDP transparent proxy types
#[doc(hidden)]
pub const fn udp_available_types() -> &'static [&'static str] {
const AVAILABLE_TYPES: &[&str] = &[];
AVAILABLE_TYPES
}
}
}

/// Check if transparent proxy is supported on this platform
pub fn is_supported(self) -> bool {
self != RedirType::NotSupported
}

/// Name of redirect type (transparent proxy type)
pub const fn name(self) -> &'static str {
match self {
@@ -109,9 +196,8 @@ impl RedirType {
RedirType::TProxy => "tproxy",

#[cfg(any(
target_os = "openbsd",
target_os = "freebsd",
target_os = "netbsd",
target_os = "openbsd",
target_os = "macos",
target_os = "ios"
))]
@@ -153,21 +239,14 @@ impl FromStr for RedirType {
"tproxy" => Ok(RedirType::TProxy),

#[cfg(any(
target_os = "openbsd",
target_os = "freebsd",
target_os = "netbsd",
target_os = "solaris",
target_os = "openbsd",
target_os = "macos",
target_os = "ios",
))]
"pf" => Ok(RedirType::PacketFilter),

#[cfg(any(
target_os = "freebsd",
target_os = "macos",
target_os = "ios",
target_os = "dragonfly"
))]
#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios",))]
"ipfw" => Ok(RedirType::IpFirewall),

_ => Err(InvalidRedirType),
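Review bot: The per-platform helpers in the `cfg_if!` block of `impl RedirType` do not agree on `const`: `udp_default` is `pub const fn` in the Linux branch but plain `pub fn` in the FreeBSD, OpenBSD, macOS/iOS and fallback branches, and `tcp_available_types`/`udp_available_types` switch between `pub fn` and `pub const fn` from branch to branch. A caller that uses one of them in a const context will build on one target and fail on another, so I would use one form everywhere, e.g. `pub const fn udp_default() -> RedirType`. Separately, the `PacketFilter` doc comment still lists NetBSD and Solaris although the change appears to drop both from the `cfg` gates; a line such as `/// Enabled in this crate on FreeBSD, OpenBSD, macOS and iOS.` would keep the docs in step with the code. The `impl` blocks start and end outside the visible hunks.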
35 changes: 15 additions & 20 deletions tproxy_tokio/src/tcp/bsd/mod.rs
@@ -13,25 +13,24 @@ use socket2::Protocol;

#[async_trait]
impl TcpListenerRedirExt for TcpListener {
async fn bind_redir(ty: RedirType, addr: SocketAddr) -> Result<TcpListener, Error> {
async fn bind_redir(ty: RedirType, addr: SocketAddr) -> io::Result<TcpListener> {
match ty {
#[cfg(any(
target_os = "openbsd",
target_os = "freebsd",
target_os = "netbsd",
target_os = "openbsd",
target_os = "macos",
target_os = "ios",
target_os = "ios"
))]
RedirType::PacketFilter => {}

#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios",))]
#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios"))]
RedirType::IpFirewall => {}

_ => {
return Err(Error::new(
ErrorKind::InvalidInput,
"not supported tcp transparent proxy type",
))
));
}
}

@@ -45,30 +44,26 @@ impl TcpListenerRedirExt for TcpListener {
impl TcpStreamRedirExt for TcpStream {
fn destination_addr(&self, ty: RedirType) -> io::Result<SocketAddr> {
match ty {
#[cfg(any(
target_os = "openbsd",
target_os = "freebsd",
target_os = "netbsd",
target_os = "macos",
target_os = "ios",
))]
RedirType::Redirect => {
#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios"))]
RedirType::PacketFilter => {
let peer_addr = self.peer_addr()?;
let bind_addr = self.local_addr()?;

pf::PF.natlook(&bind_addr, &peer_addr, Protocol::TCP)
}

#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios",))]
#[cfg(target_os = "openbsd")]
// in OpenBSD, we can get TCP destination address with getsockname()
RedirType::PacketFilter => self.local_addr(),
#[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios"))]
RedirType::IpFirewall => {
// ## IPFW
//
// For IPFW, uses getsockname() to retrieve destination address
//
// FreeBSD: https://www.freebsd.org/doc/handbook/firewalls-ipfw.html
self.local_addr()
}
_ => Err(Error::new(
ErrorKind::InvalidInput,
"not supported tcp transparent proxy type",
)),
_ => unreachable!("not supported tcp transparent proxy type"),
}
}
}
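Review bot: The catch-all arm of `destination_addr` now appears to read `_ => unreachable!("not supported tcp transparent proxy type")`, but that arm is reachable: `RedirType::NotSupported` carries no `cfg` gate in lib.rs and `ty` is whatever the caller passes, so an unexpected value panics in the connection path instead of surfacing as an `io::Error`. `bind_redir` in the same file answers the same case with `ErrorKind::InvalidInput`; keeping `_ => Err(Error::new(ErrorKind::InvalidInput, "not supported tcp transparent proxy type")),` here would make the two consistent and leave the decision to the caller. If the panic is intentional, the arm should carry a comment stating the invariant it relies on, for example that `bind_redir` has already rejected every other type for this listener.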