diff --git a/app/client.example.yaml b/app/client.example.yaml
index 73638e1..86fdf92 100644
--- a/app/client.example.yaml
+++ b/app/client.example.yaml
@@ -1,11 +1,11 @@
 server: example.com
-# sni: other.example.com
 auth: "hello world"
 # tls:
+# sni: another.example.com
 # insecure: false
-# ca: "custom.ca"
+# ca: custom_ca.crt
 # quic:
 # initStreamReceiveWindow: 8388608
diff --git a/app/cmd/client.go b/app/cmd/client.go
index c917d24..5dcdaea 100644
--- a/app/cmd/client.go
+++ b/app/cmd/client.go
@@ -73,17 +73,13 @@ func viperToClientConfig() (*client.Config, error) {
 if addrStr == "" {
 return nil, configError{Field: "server", Err: errors.New("server address is empty")}
 }
- addrStr = completeServerAddrString(addrStr)
- addr, err := net.ResolveUDPAddr("udp", addrStr)
+ host, hostPort := parseServerAddrString(addrStr)
+ addr, err := net.ResolveUDPAddr("udp", hostPort)
 if err != nil {
 return nil, configError{Field: "server", Err: err}
 }
- sni := viper.GetString("sni")
- if sni == "" {
- sni = addrStr
- }
 // TLS
- tlsConfig, err := viperToClientTLSConfig()
+ tlsConfig, err := viperToClientTLSConfig(host)
 if err != nil {
 return nil, err
 }
@@ -97,7 +93,6 @@ func viperToClientConfig() (*client.Config, error) {
 return &client.Config{
 ConnFactory: nil, // TODO
 ServerAddr: addr,
- ServerName: sni,
 Auth: viper.GetString("auth"),
 TLSConfig: tlsConfig,
 QUICConfig: quicConfig,
@@ -106,10 +101,15 @@ func viperToClientConfig() (*client.Config, error) {
 }, nil
 }
-func viperToClientTLSConfig() (client.TLSConfig, error) {
+func viperToClientTLSConfig(host string) (client.TLSConfig, error) {
 config := client.TLSConfig{
+ ServerName: viper.GetString("tls.sni"),
 InsecureSkipVerify: viper.GetBool("tls.insecure"),
 }
+ if config.ServerName == "" {
+ // The user didn't specify a server name, fallback to the host part of the server address
+ config.ServerName = host
+ }
 caPath := viper.GetString("tls.ca")
 if caPath != "" {
 ca, err := os.ReadFile(caPath)
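Review bot: A config file that still carries the old top-level `sni` key is now ignored without any error, because the `@@ -73,17 +73,13 @@` hunk stops reading `sni` and only `tls.sni` is consulted in viperToClientTLSConfig. After an upgrade the client would then send and verify the host part of `server` instead of the name the operator configured, which is easy to miss when `tls.insecure` is on and no verification error surfaces. Unless unknown keys are rejected elsewhere, I would fail fast next to the empty-address check: `if viper.IsSet("sni") { return nil, configError{Field: "sni", Err: errors.New("moved to tls.sni")} }`. viperToClientConfig starts and ends outside the hunk.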
@@ -181,12 +181,13 @@ func clientSOCKS5(v *viper.Viper, c client.Client) error {
 return s.Serve(l)
 }
-func completeServerAddrString(addrStr string) string {
- if _, _, err := net.SplitHostPort(addrStr); err != nil {
+func parseServerAddrString(addrStr string) (host, hostPort string) {
+ h, _, err := net.SplitHostPort(addrStr)
+ if err != nil {
 // No port provided, use default HTTPS port
- return net.JoinHostPort(addrStr, "443")
+ return addrStr, net.JoinHostPort(addrStr, "443")
 }
- return addrStr
+ return h, addrStr
 }
 type socks5Logger struct{}
diff --git a/app/go.mod b/app/go.mod
index 1e03b8a..c131c0e 100644
--- a/app/go.mod
+++ b/app/go.mod
@@ -51,7 +51,7 @@ require (
 gopkg.in/yaml.v3 v3.0.1 // indirect
 )
-replace github.com/quic-go/quic-go => github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473
+replace github.com/quic-go/quic-go => github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77
 replace github.com/apernet/hysteria/core => ../core
diff --git a/app/go.sum b/app/go.sum
index 8b11518..f0836bd 100644
--- a/app/go.sum
+++ b/app/go.sum
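Review bot: `parseServerAddrString` takes the default-port branch for every `net.SplitHostPort` error, not only a missing port, and the `host` it returns there is the raw input, which is now the fallback TLS server name. A bracketed IPv6 literal without a port (constructed example: `[2001:db8::1]`) keeps its brackets in `host` and gets bracketed a second time by `net.JoinHostPort`; resolution will probably reject that, but the function should not depend on it. Consider stripping one pair of surrounding brackets before joining, and add a doc comment such as `// parseServerAddrString returns the host (the default TLS server name) and a host:port string, assuming port 443 when addrStr has none.`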
@@ -38,8 +38,8 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473 h1:3KFetJ/lUFn0m9xTFg+rMmz2nyHg+D2boJX0Rp4OF6c=
-github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77 h1:rjs1mhuPqbw+oQEr+ZEEurhZ251Q3CQeltFlAg4KRwI=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/caddyserver/certmagic v0.17.2 h1:o30seC1T/dBqBCNNGNHWwj2i5/I/FMjBbTAhjADP3nE=
diff --git a/core/client/client.go b/core/client/client.go
index 4b69bd7..26336f2 100644
--- a/core/client/client.go
+++ b/core/client/client.go
@@ -136,6 +136,7 @@ func (c *clientImpl) connect() (quic.Connection, func(), error) {
 }
 // Convert config to TLS config & QUIC config
 tlsConfig := &tls.Config{
+ ServerName: c.config.TLSConfig.ServerName,
 InsecureSkipVerify: c.config.TLSConfig.InsecureSkipVerify,
 RootCAs: c.config.TLSConfig.RootCAs,
 }
@@ -156,7 +157,7 @@ func (c *clientImpl) connect() (quic.Connection, func(), error) {
 TLSClientConfig: tlsConfig,
 QuicConfig: quicConfig,
 Dial: func(ctx context.Context, _ string, tlsCfg *tls.Config, cfg *quic.Config) (quic.EarlyConnection, error) {
- qc, err := quic.DialEarlyContext(ctx, pktConn, c.config.ServerAddr, c.config.ServerName, tlsCfg, cfg)
+ qc, err := quic.DialEarly(ctx, pktConn, c.config.ServerAddr, tlsCfg, cfg)
 if err != nil {
 return nil, err
 }
diff --git a/core/client/config.go b/core/client/config.go
index efe4e5d..2fad846 100644
--- a/core/client/config.go
+++ b/core/client/config.go
@@ -19,7 +19,6 @@ const (
 type Config struct {
 ConnFactory ConnFactory
 ServerAddr net.Addr
- ServerName string // host or host:port
 Auth string
 TLSConfig TLSConfig
 QUICConfig QUICConfig
@@ -36,9 +35,6 @@ func (c *Config) fill() error {
 if c.ServerAddr == nil {
 return errors.ConfigError{Field: "ServerAddr", Reason: "must be set"}
 }
- if c.ServerName == "" {
- return errors.ConfigError{Field: "ServerName", Reason: "must be set"}
- }
 if c.QUICConfig.InitialStreamReceiveWindow == 0 {
 c.QUICConfig.InitialStreamReceiveWindow = defaultStreamReceiveWindow
 } else if c.QUICConfig.InitialStreamReceiveWindow < 16384 {
@@ -85,6 +81,7 @@ func (f *udpConnFactory) New(addr net.Addr) (net.PacketConn, error) {
 // TLSConfig contains the TLS configuration fields that we want to expose to the user.
 type TLSConfig struct {
+ ServerName string
 InsecureSkipVerify bool
 RootCAs *x509.CertPool
 }
diff --git a/core/go.mod b/core/go.mod
index 0a16cfb..6e9fed9 100644
--- a/core/go.mod
+++ b/core/go.mod
@@ -27,4 +27,4 @@ require (
 google.golang.org/protobuf v1.28.1 // indirect
 )
-replace github.com/quic-go/quic-go => github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473
+replace github.com/quic-go/quic-go => github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77
diff --git a/core/go.sum b/core/go.sum
index 7339984..1654e92 100644
--- a/core/go.sum
+++ b/core/go.sum
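Review bot: `fill()` loses the `ServerName` "must be set" check in the `@@ -36,9 +35,6 @@` hunk and nothing equivalent is added for `TLSConfig.ServerName`, so a library caller who leaves it empty with `InsecureSkipVerify` false now passes config validation. As far as I know crypto/tls refuses a client handshake in that state, so this should fail closed, but only at connect time and with a TLS error instead of a ConfigError. A guard such as `if c.TLSConfig.ServerName == "" && !c.TLSConfig.InsecureSkipVerify { return errors.ConfigError{Field: "TLSConfig.ServerName", Reason: "must be set unless InsecureSkipVerify is true"} }` would keep the early failure; TestClientNoServer in smoke_test.go builds a Config with neither field set and would then need a name. `fill()` continues outside the hunk.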
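Review bot: The new `ServerName` field in the `@@ -85,6 +81,7 @@` hunk has no comment, while the field it replaces was documented as `// host or host:port` and the integration tests used to pass `udpAddr.String()`. The value now goes straight into `tls.Config.ServerName` in connect(), where a port suffix would presumably make certificate verification fail, so the accepted form should be stated on the field: `ServerName string // host name only, no port; used for SNI and certificate verification`.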
@@ -1,5 +1,5 @@
-github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473 h1:3KFetJ/lUFn0m9xTFg+rMmz2nyHg+D2boJX0Rp4OF6c=
-github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77 h1:rjs1mhuPqbw+oQEr+ZEEurhZ251Q3CQeltFlAg4KRwI=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
diff --git a/core/internal/integration_tests/close_test.go b/core/internal/integration_tests/close_test.go
index a0a0008..bd1a23e 100644
--- a/core/internal/integration_tests/close_test.go
+++ b/core/internal/integration_tests/close_test.go
@@ -37,7 +37,6 @@ func TestClientServerTCPClose(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
@@ -161,7 +160,6 @@ func TestClientServerUDPClose(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
diff --git a/core/internal/integration_tests/masq_test.go b/core/internal/integration_tests/masq_test.go
index 4d23dfb..b665414 100644
--- a/core/internal/integration_tests/masq_test.go
+++ b/core/internal/integration_tests/masq_test.go
@@ -49,7 +49,7 @@ func TestServerMasquerade(t *testing.T) {
 InsecureSkipVerify: true,
 },
 Dial: func(ctx context.Context, _ string, tlsCfg *tls.Config, cfg *quic.Config) (quic.EarlyConnection, error) {
- qc, err := quic.DialAddrEarlyContext(ctx, udpAddr.String(), tlsCfg, cfg)
+ qc, err := quic.DialAddrEarly(ctx, udpAddr.String(), tlsCfg, cfg)
 if err != nil {
 return nil, err
 }
diff --git a/core/internal/integration_tests/smoke_test.go b/core/internal/integration_tests/smoke_test.go
index b9c4e62..b5cefb1 100644
--- a/core/internal/integration_tests/smoke_test.go
+++ b/core/internal/integration_tests/smoke_test.go
@@ -19,7 +19,6 @@ func TestClientNoServer(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 14514},
- ServerName: "not_a_real_server",
 })
 if err != nil {
 t.Fatal("error creating client:", err)
@@ -68,7 +67,6 @@ func TestClientServerBadAuth(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "wrong password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
@@ -127,7 +125,6 @@ func TestClientServerTCPEcho(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
@@ -194,7 +191,6 @@ func TestClientServerUDPEcho(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
diff --git a/core/internal/integration_tests/stress_test.go b/core/internal/integration_tests/stress_test.go
index b71ae2d..eebb5ee 100644
--- a/core/internal/integration_tests/stress_test.go
+++ b/core/internal/integration_tests/stress_test.go
@@ -163,7 +163,6 @@ func TestClientServerTCPStress(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
@@ -219,7 +218,6 @@ func TestClientServerUDPStress(t *testing.T) {
 // Create client
 c, err := client.NewClient(&client.Config{
 ServerAddr: udpAddr,
- ServerName: udpAddr.String(),
 Auth: "password",
 TLSConfig: client.TLSConfig{InsecureSkipVerify: true},
 })
diff --git a/core/server/server.go b/core/server/server.go
index e85195e..a3681ed 100644
--- a/core/server/server.go
+++ b/core/server/server.go
@@ -54,7 +54,7 @@ func NewServer(config *Config) (Server, error) {
 type serverImpl struct {
 config *Config
- listener quic.Listener
+ listener *quic.Listener
 }
 func (s *serverImpl) Serve() error {
diff --git a/extras/go.mod b/extras/go.mod
index c841665..87d0d25 100644
--- a/extras/go.mod
+++ b/extras/go.mod
@@ -22,6 +22,6 @@ require (
 golang.org/x/tools v0.3.0 // indirect
 )
-replace github.com/quic-go/quic-go => github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473
+replace github.com/quic-go/quic-go => github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77
 replace github.com/apernet/hysteria/core => ../core
diff --git a/extras/go.sum b/extras/go.sum
index e61296f..b2bea35 100644
--- a/extras/go.sum
+++ b/extras/go.sum
@@ -1,5 +1,5 @@
-github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473 h1:3KFetJ/lUFn0m9xTFg+rMmz2nyHg+D2boJX0Rp4OF6c=
-github.com/apernet/quic-go v0.34.1-0.20230507231629-ec008b7e8473/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77 h1:rjs1mhuPqbw+oQEr+ZEEurhZ251Q3CQeltFlAg4KRwI=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
diff --git a/go.work.sum b/go.work.sum
index a8b39af..ec243d9 100644
--- a/go.work.sum
+++ b/go.work.sum
@@ -1,6 +1,4 @@
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/apernet/quic-go v0.35.2-0.20230602223639-95e643736b77/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
 golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
 golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
@@ -8,5 +6,3 @@ golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=