Compare commits

..

No commits in common. "cde3ca15c21e8c44c82d3759b3b44a2283d3ca9c" and "36cd8ca3b2b2c34fc420151bfdab712206816c90" have entirely different histories.

10 changed files with 14 additions and 66 deletions

View File

@ -55,7 +55,7 @@ TPPORT_SOCKS=987
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list # <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_SOCKS_OPT=" TPWS_SOCKS_OPT="
--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=80 --methodeol <HOSTLIST> --new
--filter-tcp=443 --split-pos=1,midsld --disorder <HOSTLIST> --filter-tcp=443 --split-pos=midsld --disorder <HOSTLIST>
" "
TPWS_ENABLE=0 TPWS_ENABLE=0
@ -65,7 +65,7 @@ TPWS_PORTS=80,443
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list # <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
TPWS_OPT=" TPWS_OPT="
--filter-tcp=80 --methodeol <HOSTLIST> --new --filter-tcp=80 --methodeol <HOSTLIST> --new
--filter-tcp=443 --split-pos=1,midsld --disorder <HOSTLIST> --filter-tcp=443 --split-pos=midsld --disorder <HOSTLIST>
" "
NFQWS_ENABLE=0 NFQWS_ENABLE=0
@ -90,7 +90,7 @@ NFQWS_UDP_PKT_IN=0
# <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list # <HOSTLIST_NOAUTO> appends ipset/zapret-hosts-auto.txt as normal list
NFQWS_OPT=" NFQWS_OPT="
--filter-tcp=80 --dpi-desync=fake,multisplit --dpi-desync-split-pos=method+2 --dpi-desync-fooling=md5sig <HOSTLIST> --new --filter-tcp=80 --dpi-desync=fake,multisplit --dpi-desync-split-pos=method+2 --dpi-desync-fooling=md5sig <HOSTLIST> --new
--filter-tcp=443 --dpi-desync=fake,multidisorder --dpi-desync-split-pos=1,midsld --dpi-desync-fooling=badseq,md5sig <HOSTLIST> --new --filter-tcp=443 --dpi-desync=fake,multidisorder --dpi-desync-split-pos=midsld --dpi-desync-fooling=md5sig <HOSTLIST> --new
--filter-udp=443 --dpi-desync=fake --dpi-desync-repeats=6 <HOSTLIST_NOAUTO> --filter-udp=443 --dpi-desync=fake --dpi-desync-repeats=6 <HOSTLIST_NOAUTO>
" "

View File

@ -367,14 +367,14 @@ void fill_random_az09(uint8_t *p,size_t sz)
} }
} }
bool set_env_exedir(const char *argv0) bool cd_to_exe_dir(const char *argv0)
{ {
char *s,*d; char *s,*d;
bool bOK=false; bool bOK=false;
if ((s = strdup(argv0))) if ((s = strdup(argv0)))
{ {
if ((d = dirname(s))) if ((d = dirname(s)))
setenv("EXEDIR",s,1); bOK = !chdir(d);
free(s); free(s);
} }
return bOK; return bOK;

View File

@ -75,7 +75,7 @@ void fill_random_bytes(uint8_t *p,size_t sz);
void fill_random_az(uint8_t *p,size_t sz); void fill_random_az(uint8_t *p,size_t sz);
void fill_random_az09(uint8_t *p,size_t sz); void fill_random_az09(uint8_t *p,size_t sz);
bool set_env_exedir(const char *argv0); bool cd_to_exe_dir(const char *argv0);
struct cidr4 struct cidr4

View File

@ -1050,7 +1050,7 @@ static void exithelp(void)
" --dpi-desync-autottl6=[<delta>[:<min>[-<max>]]] ; overrides --dpi-desync-autottl for ipv6 only\n" " --dpi-desync-autottl6=[<delta>[:<min>[-<max>]]] ; overrides --dpi-desync-autottl for ipv6 only\n"
" --dpi-desync-fooling=<mode>[,<mode>]\t\t; can use multiple comma separated values. modes : none md5sig ts badseq badsum datanoack hopbyhop hopbyhop2\n" " --dpi-desync-fooling=<mode>[,<mode>]\t\t; can use multiple comma separated values. modes : none md5sig ts badseq badsum datanoack hopbyhop hopbyhop2\n"
" --dpi-desync-repeats=<N>\t\t\t; send every desync packet N times\n" " --dpi-desync-repeats=<N>\t\t\t; send every desync packet N times\n"
" --dpi-desync-skip-nosni=0|1\t\t\t; 1(default)=do not act on ClientHello without SNI\n" " --dpi-desync-skip-nosni=0|1\t\t\t; 1(default)=do not act on ClientHello without SNI (ESNI ?)\n"
" --dpi-desync-split-pos=N|-N|marker+N|marker-N\t; comma separated list of split positions\n" " --dpi-desync-split-pos=N|-N|marker+N|marker-N\t; comma separated list of split positions\n"
"\t\t\t\t\t\t; markers: method,host,endhost,sld,endsld,midsld,sniext\n" "\t\t\t\t\t\t; markers: method,host,endhost,sld,endsld,midsld,sniext\n"
"\t\t\t\t\t\t; full list is only used by multisplit and multidisorder\n" "\t\t\t\t\t\t; full list is only used by multisplit and multidisorder\n"
@ -1122,8 +1122,6 @@ void config_from_file(const char *filename)
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
set_env_exedir(argv[0]);
#ifdef __CYGWIN__ #ifdef __CYGWIN__
if (service_run(argc, argv)) if (service_run(argc, argv))
{ {

View File

@ -10,7 +10,6 @@
#include <ifaddrs.h> #include <ifaddrs.h>
#include <time.h> #include <time.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <libgen.h>
#include "helpers.h" #include "helpers.h"
@ -350,20 +349,6 @@ bool pf_is_empty(const port_filter *pf)
} }
bool set_env_exedir(const char *argv0)
{
char *s,*d;
bool bOK=false;
if ((s = strdup(argv0)))
{
if ((d = dirname(s)))
setenv("EXEDIR",s,1);
free(s);
}
return bOK;
}
static void mask_from_preflen6_make(uint8_t plen, struct in6_addr *a) static void mask_from_preflen6_make(uint8_t plen, struct in6_addr *a)
{ {
if (plen >= 128) if (plen >= 128)

View File

@ -73,8 +73,6 @@ bool pf_in_range(uint16_t port, const port_filter *pf);
bool pf_parse(const char *s, port_filter *pf); bool pf_parse(const char *s, port_filter *pf);
bool pf_is_empty(const port_filter *pf); bool pf_is_empty(const port_filter *pf);
bool set_env_exedir(const char *argv0);
#ifndef IN_LOOPBACK #ifndef IN_LOOPBACK
#define IN_LOOPBACK(a) ((((uint32_t) (a)) & 0xff000000) == 0x7f000000) #define IN_LOOPBACK(a) ((((uint32_t) (a)) & 0xff000000) == 0x7f000000)
#endif #endif

View File

@ -8,13 +8,6 @@
#include "protocol.h" #include "protocol.h"
#include "helpers.h" #include "helpers.h"
#define PKTDATA_MAXDUMP 32
void packet_debug(const uint8_t *data, size_t sz)
{
hexdump_limited_dlog(data, sz, PKTDATA_MAXDUMP); VPRINT("\n");
}
static bool dp_match(struct desync_profile *dp, const struct sockaddr *dest, const char *hostname, t_l7proto l7proto) static bool dp_match(struct desync_profile *dp, const struct sockaddr *dest, const char *hostname, t_l7proto l7proto)
{ {
bool bHostlistsEmpty; bool bHostlistsEmpty;
@ -334,7 +327,6 @@ void tamper_out(t_ctrack *ctrack, const struct sockaddr *dest, uint8_t *segment,
if (l>=2) if (l>=2)
{ {
int i; int i;
size_t dlen;
// length is checked in IsTLSClientHello and cannot exceed buffer size // length is checked in IsTLSClientHello and cannot exceed buffer size
if ((tpos-5)>=l) tpos=5+1; if ((tpos-5)>=l) tpos=5+1;
VPRINT("making 2 TLS records at pos %zu\n",tpos); VPRINT("making 2 TLS records at pos %zu\n",tpos);
@ -345,11 +337,6 @@ void tamper_out(t_ctrack *ctrack, const struct sockaddr *dest, uint8_t *segment,
phton16(segment+tpos+3,l-(tpos-5)); phton16(segment+tpos+3,l-(tpos-5));
phton16(segment+3,tpos-5); phton16(segment+3,tpos-5);
*size += 5; *size += 5;
VPRINT("-2nd TLS record: ");
dlen = tpos<16 ? tpos : 16;
packet_debug(segment+tpos-dlen,dlen);
VPRINT("+2nd TLS record: ");
packet_debug(segment+tpos,*size-tpos);
// fix split positions after tlsrec. increase split pos by tlsrec header size (5 bytes) // fix split positions after tlsrec. increase split pos by tlsrec header size (5 bytes)
if (multisplit_pos) if (multisplit_pos)
for(i=0;i<*multisplit_count;i++) for(i=0;i<*multisplit_count;i++)

View File

@ -28,5 +28,3 @@ void tamper_in(t_ctrack *ctrack, const struct sockaddr *client, uint8_t *segment
void rst_in(t_ctrack *ctrack, const struct sockaddr *client); void rst_in(t_ctrack *ctrack, const struct sockaddr *client);
// local leg closed connection (timeout waiting response ?) // local leg closed connection (timeout waiting response ?)
void hup_out(t_ctrack *ctrack, const struct sockaddr *client); void hup_out(t_ctrack *ctrack, const struct sockaddr *client);
void packet_debug(const uint8_t *data, size_t sz);

View File

@ -499,16 +499,6 @@ void config_from_file(const char *filename)
} }
#endif #endif
#ifndef __linux__
static bool check_oob_disorder(const struct desync_profile *dp)
{
return !(
dp->oob && (dp->disorder || dp->disorder_http || dp->disorder_tls) ||
dp->oob_http && (dp->disorder || dp->disorder_http) ||
dp->oob_tls && (dp->disorder || dp->disorder_tls));
}
#endif
void parse_params(int argc, char *argv[]) void parse_params(int argc, char *argv[])
{ {
int option_index = 0; int option_index = 0;
@ -850,13 +840,6 @@ void parse_params(int argc, char *argv[])
} }
else else
dp->disorder = true; dp->disorder = true;
#ifndef __linux__
if (!check_oob_disorder(dp))
{
DLOG_ERR("--oob and --disorder work simultaneously only in linux. in this system it's guaranteed to fail.\n");
exit_clean(1);
}
#endif
break; break;
case 28: /* oob */ case 28: /* oob */
if (optarg) if (optarg)
@ -871,13 +854,6 @@ void parse_params(int argc, char *argv[])
} }
else else
dp->oob = true; dp->oob = true;
#ifndef __linux__
if (!check_oob_disorder(dp))
{
DLOG_ERR("--oob and --disorder work simultaneously only in linux. in this system it's guaranteed to fail.\n");
exit_clean(1);
}
#endif
break; break;
case 29: /* oob-data */ case 29: /* oob-data */
{ {
@ -1447,7 +1423,6 @@ int main(int argc, char *argv[])
struct salisten_s list[MAX_BINDS]; struct salisten_s list[MAX_BINDS];
char ip_port[48]; char ip_port[48];
set_env_exedir(argv[0]);
srand(time(NULL)); srand(time(NULL));
mask_from_preflen6_prepare(); mask_from_preflen6_prepare();

View File

@ -24,6 +24,8 @@
#include "helpers.h" #include "helpers.h"
#include "hostlist.h" #include "hostlist.h"
#define PKTDATA_MAXDUMP 32
// keep separate legs counter. counting every time thousands of legs can consume cpu // keep separate legs counter. counting every time thousands of legs can consume cpu
static int legs_local, legs_remote; static int legs_local, legs_remote;
/* /*
@ -91,6 +93,11 @@ static bool socks_send_rep_errno(uint8_t ver, int fd, int errn)
return ver==5 ? socks5_send_rep_errno(fd,errn) : socks4_send_rep_errno(fd, errn); return ver==5 ? socks5_send_rep_errno(fd,errn) : socks4_send_rep_errno(fd, errn);
} }
static void packet_debug(const uint8_t *data, size_t sz)
{
hexdump_limited_dlog(data, sz, PKTDATA_MAXDUMP); VPRINT("\n");
}
static bool cork(int fd, int enable) static bool cork(int fd, int enable)
{ {