rebase onto new master layout

refraction-networking · Jul 11, 2023 · 3ed7fe2 · 3ed7fe2
1 parent 64114eb
commit 3ed7fe2
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 135 deletions.
diff --git a/docker/README.md b/docker/README.md
@@ -154,7 +154,7 @@ CJ_IP4_ADDR=127.0.0.1
 CJ_IP6_ADDR=[::1]
 
 # application
-CJ_STATION_CONFIG=/var/lib/conjure/application_config.toml
+CJ_STATION_CONFIG=/var/lib/conjure/app_config.toml
 PHANTOM_SUBNET_LOCATION=/var/lib/conjure/phantom_subnets.toml
 
 # registration server
@@ -269,4 +269,4 @@ For detailed and up-to-date installation instructions refer to official ntop doc
 
 - Encountered err when creating Reg: Failed to select phantom IP address: generation number not recognized
   - Make sure conjure/docker/phantom_subnets.toml contains the client's generations
-  - Can be caused by clients using API trying to connect, since API is enabled by default. Can be disabled by removing `[[connect_sockets]]` entry for the API from `conjure/application/config.toml`
+  - Can be caused by clients using API trying to connect, since API is enabled by default. Can be disabled by removing `[[connect_sockets]]` entry for the API from `cmd/application/app_config.toml`
diff --git a/go.mod b/go.mod
@@ -19,7 +19,7 @@ require (
 	github.com/pelletier/go-toml v1.9.5
 	github.com/pion/stun v0.3.5
 	github.com/refraction-networking/gotapdance v1.5.5
-	github.com/refraction-networking/utls v1.2.0
+	github.com/refraction-networking/utls v1.3.2
 	github.com/sirupsen/logrus v1.9.0
 	github.com/stretchr/testify v1.8.1
 	gitlab.com/yawning/obfs4.git v0.0.0-20230519154740-645026c2ada4
@@ -31,13 +31,15 @@ require (
 
 require (
 	filippo.io/edwards25519 v1.0.0 // indirect
-	github.com/andybalholm/brotli v1.0.4 // indirect
+	github.com/andybalholm/brotli v1.0.5 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dchest/siphash v1.2.3 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
+	github.com/flynn/noise v1.0.0 // indirect
+	github.com/gaukas/godicttls v0.0.3 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/klauspost/compress v1.15.12 // indirect
+	github.com/klauspost/compress v1.16.5 // indirect
 	github.com/oschwald/maxminddb-golang v1.10.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/sergeyfrolov/bsbuffer v0.0.0-20180903213811-94e85abb8507 // indirect

diff --git a/go.sum b/go.sum
diff --git a/pkg/transports/wrapping/min/client.go b/pkg/transports/wrapping/min/client.go
@@ -22,6 +22,10 @@ type ClientTransport struct {
 	connectTag []byte
 }
 
+const (
+	HMACString = "MinTrasportHMACString"
+)
+
 // Name returns a string identifier for the Transport for logging
 func (*ClientTransport) Name() string {
 	return "min"
@@ -92,6 +96,6 @@ func (t *ClientTransport) WrapConn(conn net.Conn) (net.Conn, error) {
 // as well as bytes from the deterministic random generator associated with the registration
 // that this ClientTransport is attached t
 func (t *ClientTransport) PrepareKeys(pubkey [32]byte, sharedSecret []byte, dRand io.Reader) error {
-	t.connectTag = core.ConjureHMAC(sharedSecret, hmacString)
+	t.connectTag = core.ConjureHMAC(sharedSecret, HMACString)
 	return nil
 }
diff --git a/...cation/transports/wrapping/utls/client.go → pkg/transports/wrapping/utls/client.go b/...cation/transports/wrapping/utls/client.go → pkg/transports/wrapping/utls/client.go
@@ -3,8 +3,8 @@ package utls
 import (
 	"fmt"
 
-	"github.com/refraction-networking/conjure/application/transports"
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	"github.com/refraction-networking/conjure/pkg/transports"
+	pb "github.com/refraction-networking/conjure/proto"
 	"google.golang.org/protobuf/proto"
 )
 

diff --git a/application/transports/wrapping/utls/utls.go → pkg/transports/wrapping/utls/utls.go b/application/transports/wrapping/utls/utls.go → pkg/transports/wrapping/utls/utls.go
@@ -10,9 +10,10 @@ import (
 	"net"
 	"regexp"
 
-	dd "github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/transports"
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	"github.com/refraction-networking/conjure/pkg/core"
+	dd "github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/transports"
+	pb "github.com/refraction-networking/conjure/proto"
 	tls "github.com/refraction-networking/utls"
 	"google.golang.org/protobuf/proto"
 	"google.golang.org/protobuf/types/known/anypb"
@@ -58,7 +59,7 @@ func (Transport) LogPrefix() string { return "UTLS" }
 // identifier should be unique for each registration on a given phantom;
 // registrations on different phantoms can have the same identifier.
 func (Transport) GetIdentifier(d *dd.DecoyRegistration) string {
-	return string(d.Keys.ConjureHMAC(hmacString))
+	return string(core.ConjureHMAC(d.Keys.SharedSecret, hmacString))
 }
 
 // GetProto returns the next layer protocol that the transport uses. Implements

diff --git a/...ion/transports/wrapping/utls/utls_test.go → pkg/transports/wrapping/utls/utls_test.go b/...ion/transports/wrapping/utls/utls_test.go → pkg/transports/wrapping/utls/utls_test.go
@@ -21,10 +21,11 @@ import (
 	"github.com/stretchr/testify/require"
 	"google.golang.org/protobuf/types/known/anypb"
 
-	cj "github.com/refraction-networking/conjure/application/lib"
-	"github.com/refraction-networking/conjure/application/transports"
-	"github.com/refraction-networking/conjure/application/transports/wrapping/internal/tests"
-	pb "github.com/refraction-networking/gotapdance/protobuf"
+	"github.com/refraction-networking/conjure/pkg/core"
+	cj "github.com/refraction-networking/conjure/pkg/station/lib"
+	"github.com/refraction-networking/conjure/pkg/transports"
+	"github.com/refraction-networking/conjure/pkg/transports/wrapping/internal/tests"
+	pb "github.com/refraction-networking/conjure/proto"
 	tls "github.com/refraction-networking/utls"
 )
 
@@ -34,7 +35,7 @@ func connect(conn net.Conn, reg *cj.DecoyRegistration) (net.Conn, error) {
 	config := tls.Config{ServerName: "", InsecureSkipVerify: true}
 
 	uTLSConn := tls.UClient(conn, &config, helloID)
-	hmacID := reg.Keys.ConjureHMAC(hmacString)
+	hmacID := core.ConjureHMAC(reg.Keys.SharedSecret, hmacString)
 
 	newRand := make([]byte, 32)
 	_, err := rand.Read(newRand)
@@ -97,7 +98,7 @@ func TestByteRegex(t *testing.T) {
 }
 
 func TestSuccessfulWrap(t *testing.T) {
-	testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/application/lib/test/phantom_subnets.toml"
+	testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/pkg/lib/test/phantom_subnets.toml"
 	os.Setenv("PHANTOM_SUBNET_LOCATION", testSubnetPath)
 
 	var transport Transport
@@ -156,7 +157,7 @@ func TestSuccessfulWrap(t *testing.T) {
 func TestUnsuccessfulWrap(t *testing.T) {
 	var transport Transport
 	manager := tests.SetupRegistrationManager(tests.Transport{Index: pb.TransportType_Prefix, Transport: transport})
-	c2p, sfp, reg := tests.SetupPhantomConnections(manager, pb.TransportType_Prefix)
+	c2p, sfp, reg := tests.SetupPhantomConnections(manager, pb.TransportType_Prefix, nil, randomizeDstPortMinVersion)
 	defer c2p.Close()
 	defer sfp.Close()
 
@@ -183,7 +184,7 @@ func TestTryAgain(t *testing.T) {
 	var transport Transport
 	var err error
 	manager := tests.SetupRegistrationManager(tests.Transport{Index: pb.TransportType_Prefix, Transport: transport})
-	c2p, sfp, reg := tests.SetupPhantomConnections(manager, pb.TransportType_Prefix)
+	c2p, sfp, reg := tests.SetupPhantomConnections(manager, pb.TransportType_Prefix, nil, randomizeDstPortMinVersion)
 	defer c2p.Close()
 	defer sfp.Close()
 
@@ -212,12 +213,12 @@ func TestTryAgain(t *testing.T) {
 }
 
 func TestSuccessfulWrapLargeMessage(t *testing.T) {
-	testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/application/lib/test/phantom_subnets.toml"
+	testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/pkg/lib/test/phantom_subnets.toml"
 	os.Setenv("PHANTOM_SUBNET_LOCATION", testSubnetPath)
 
 	var transport Transport
 	manager := tests.SetupRegistrationManager(tests.Transport{Index: pb.TransportType_Prefix, Transport: transport})
-	c2p, sfp, reg := tests.SetupPhantomConnections(manager, pb.TransportType_Prefix)
+	c2p, sfp, reg := tests.SetupPhantomConnections(manager, pb.TransportType_Prefix, nil, randomizeDstPortMinVersion)
 	defer c2p.Close()
 	defer sfp.Close()
 	require.NotNil(t, reg)
@@ -296,7 +297,7 @@ func TestTryParamsToDstPort(t *testing.T) {
 }
 
 func TestUtlsSessionResumption(t *testing.T) {
-	// testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/application/lib/test/phantom_subnets.toml"
+	// testSubnetPath := os.Getenv("GOPATH") + "/src/github.com/refraction-networking/conjure/pkg/lib/test/phantom_subnets.toml"
 	// os.Setenv("PHANTOM_SUBNET_LOCATION", testSubnetPath)
 
 	// var transport Transport