void/amneziawg-go
2
0
Fork 0
mirror of https://github.com/amnezia-vpn/amneziawg-go.git synced 2025-06-05 04:43:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

awg-2 working with identity generator

Browse source
This commit is contained in:
Mark Puha 2025-02-09 18:26:57 +01:00
parent f4bc11733d
commit 1e532c1e71
6 changed files with 54 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
adapter/lua.go
View file

@ -69,6 +69,7 @@ func (l *Lua) Parse(data []byte) ([]byte, error) {
result := l.state.ToBytes(-1) result := l.state.ToBytes(-1)
l.state.Pop(1) l.state.Pop(1)
// copy(data, result)
return result, nil return result, nil
} }

6
adapter/lua_test.go
View file

@ -13,11 +13,11 @@ func newLua() *Lua {
end end
function d_parse(data) function d_parse(data)
local header = "10header" local header = "1header"
return string.sub(data, #header+1) return string.sub(data, #header+1)
end end
*/ */
Base64LuaCode: "CmZ1bmN0aW9uIGRfZ2VuKG1zZ190eXBlLCBkYXRhLCBjb3VudGVyKQoJbG9jYWwgaGVhZGVyID0gImhlYWRlciIKCXJldHVybiBjb3VudGVyIC4uIGhlYWRlciAuLiBkYXRhCmVuZAoKZnVuY3Rpb24gZF9wYXJzZShkYXRhKQoJbG9jYWwgaGVhZGVyID0gIjEwaGVhZGVyIgoJcmV0dXJuIHN0cmluZy5zdWIoZGF0YSwgI2hlYWRlcisxKQplbmQK", Base64LuaCode: "CmZ1bmN0aW9uIGRfZ2VuKG1zZ190eXBlLCBkYXRhLCBjb3VudGVyKQoJbG9jYWwgaGVhZGVyID0gImhlYWRlciIKCXJldHVybiBjb3VudGVyIC4uIGhlYWRlciAuLiBkYXRhCmVuZAoKZnVuY3Rpb24gZF9wYXJzZShkYXRhKQoJbG9jYWwgaGVhZGVyID0gIjFoZWFkZXIiCglyZXR1cm4gc3RyaW5nLnN1YihkYXRhLCAjaGVhZGVyKzEpCmVuZAo=",
}) })
return lua return lua
} }
@ -47,7 +47,7 @@ func TestLua_Parse(t *testing.T) {
t.Run("", func(t *testing.T) { t.Run("", func(t *testing.T) {
l := newLua() l := newLua()
defer l.Close() defer l.Close()
got, err := l.Parse([]byte("10headertest")) got, err := l.Parse([]byte("1headertest"))
if err != nil { if err != nil {
t.Errorf("Lua.Parse() error = %v, wantErr %v", err, nil) t.Errorf("Lua.Parse() error = %v, wantErr %v", err, nil)
return return

14
device/device.go
View file

@ -92,7 +92,7 @@ type Device struct {
ipcMutex sync.RWMutex ipcMutex sync.RWMutex
closed chan struct{} closed chan struct{}
log *Logger log *Logger
awg awgType awg awgType
} }
@ -833,3 +833,15 @@ func (device *Device) handlePostConfig(tempAwgType *awgType) (err error) {
return err return err
} }
func (device *Device) codecPacket(msgType uint32, packet []byte) ([]byte, error) {
if device.awg.luaAdapter != nil {
var err error
packet, err = device.awg.luaAdapter.Generate(int64(msgType),packet)
if err != nil {
device.log.Errorf("%v - Failed to run codec generate: %v", device, err)
return nil, err
}
}
return packet, nil
}

9
device/device_test.go
View file

@ -107,6 +107,7 @@ func genASecurityConfigs(tb testing.TB) (cfgs, endpointCfgs [2]string) {
"private_key", hex.EncodeToString(key1[:]), "private_key", hex.EncodeToString(key1[:]),
"listen_port", "0", "listen_port", "0",
"replace_peers", "true", "replace_peers", "true",
"lua_codec", "CQkJZnVuY3Rpb24gZF9nZW4obXNnX3R5cGUsIGRhdGEsIGNvdW50ZXIpCgkJCQlyZXR1cm4gZGF0YQoJCQllbmQKCgkJCWZ1bmN0aW9uIGRfcGFyc2UoZGF0YSkKCQkJCXJldHVybiBkYXRhCgkJCWVuZAo=",
"jc", "5", "jc", "5",
"jmin", "500", "jmin", "500",
"jmax", "1000", "jmax", "1000",
@ -114,8 +115,8 @@ func genASecurityConfigs(tb testing.TB) (cfgs, endpointCfgs [2]string) {
"s2", "40", "s2", "40",
"h1", "123456", "h1", "123456",
"h2", "67543", "h2", "67543",
"h4", "32345",
"h3", "123123", "h3", "123123",
"h4", "32345",
"public_key", hex.EncodeToString(pub2[:]), "public_key", hex.EncodeToString(pub2[:]),
"protocol_version", "1", "protocol_version", "1",
"replace_allowed_ips", "true", "replace_allowed_ips", "true",
@ -129,6 +130,7 @@ func genASecurityConfigs(tb testing.TB) (cfgs, endpointCfgs [2]string) {
"private_key", hex.EncodeToString(key2[:]), "private_key", hex.EncodeToString(key2[:]),
"listen_port", "0", "listen_port", "0",
"replace_peers", "true", "replace_peers", "true",
"lua_codec", "CQkJZnVuY3Rpb24gZF9nZW4obXNnX3R5cGUsIGRhdGEsIGNvdW50ZXIpCgkJCQlyZXR1cm4gZGF0YQoJCQllbmQKCgkJCWZ1bmN0aW9uIGRfcGFyc2UoZGF0YSkKCQkJCXJldHVybiBkYXRhCgkJCWVuZAo=",
"jc", "5", "jc", "5",
"jmin", "500", "jmin", "500",
"jmax", "1000", "jmax", "1000",
@ -136,8 +138,8 @@ func genASecurityConfigs(tb testing.TB) (cfgs, endpointCfgs [2]string) {
"s2", "40", "s2", "40",
"h1", "123456", "h1", "123456",
"h2", "67543", "h2", "67543",
"h4", "32345",
"h3", "123123", "h3", "123123",
"h4", "32345",
"public_key", hex.EncodeToString(pub1[:]), "public_key", hex.EncodeToString(pub1[:]),
"protocol_version", "1", "protocol_version", "1",
"replace_allowed_ips", "true", "replace_allowed_ips", "true",
@ -192,6 +194,7 @@ func (pair *testPair) Send(
var err error var err error
select { select {
case msgRecv := <-p0.tun.Inbound: case msgRecv := <-p0.tun.Inbound:
fmt.Printf("len(%d) msg: %x\nlen(%d) rec: %x\n", len(msg), msg, len(msgRecv), msgRecv)
if !bytes.Equal(msg, msgRecv) { if !bytes.Equal(msg, msgRecv) {
err = fmt.Errorf("%s did not transit correctly", ping) err = fmt.Errorf("%s did not transit correctly", ping)
} }
@ -275,7 +278,7 @@ func TestTwoDevicePing(t *testing.T) {
} }
// Run test with -race=false to avoid the race for setting the default msgTypes 2 times // Run test with -race=false to avoid the race for setting the default msgTypes 2 times
func TestTwoDevicePingASecurity(t *testing.T) { func TestASecurityTwoDevicePing(t *testing.T) {
goroutineLeakCheck(t) goroutineLeakCheck(t)
pair := genTestPair(t, true, true) pair := genTestPair(t, true, true)
t.Run("ping 1.0.0.1", func(t *testing.T) { t.Run("ping 1.0.0.1", func(t *testing.T) {

29
device/receive.go
View file

@ -9,9 +9,11 @@ import (
"bytes" "bytes"
"encoding/binary" "encoding/binary"
"errors" "errors"
"fmt"
"net" "net"
"sync" "sync"
"time" "time"
"unsafe"
"github.com/amnezia-vpn/amneziawg-go/conn" "github.com/amnezia-vpn/amneziawg-go/conn"
"golang.org/x/crypto/chacha20poly1305" "golang.org/x/crypto/chacha20poly1305"
@ -138,8 +140,24 @@ func (device *Device) RoutineReceiveIncoming(
// check size of packet // check size of packet
packet := bufsArrs[i][:size] packet := bufsArrs[i][:size]
fmt.Printf("bufsArrs size: %d\n%.100x\n", size, bufsArrs[i])
fmt.Printf("packet before: %x\n", packet)
if device.awg.luaAdapter != nil { if device.awg.luaAdapter != nil {
packet, err = device.awg.luaAdapter.Parse(packet) ptr:= unsafe.Pointer(bufsArrs[i]) // Get pointer to the array
slicePtr:= (*byte)(ptr) // Type conversion to the array type
realPacket, err := device.awg.luaAdapter.Parse(packet)
// Copy data from newSlice to the memory pointed to by slicedPtr
newSliceLen:= len(realPacket)
for j:= 0; j < newSliceLen; j++ {
*(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(slicePtr)) + uintptr(j))) = realPacket[j]
}
fmt.Printf("packet after: %x\n", packet)
fmt.Printf("bufsArs after size: %d\n%.100x\n", size, bufsArrs[i])
// diff := size - len(packet)
// bufsArrs[i][:len(packet)] = bufsArrs[i][diff:len(packet)]
size = len(packet)
fmt.Println("after size: ", size)
if err != nil { if err != nil {
device.log.Verbosef("Couldn't parse message; reason: %v", err) device.log.Verbosef("Couldn't parse message; reason: %v", err)
continue continue
@ -151,7 +169,7 @@ func (device *Device) RoutineReceiveIncoming(
junkSize := msgTypeToJunkSize[assumedMsgType] junkSize := msgTypeToJunkSize[assumedMsgType]
// transport size can align with other header types; // transport size can align with other header types;
// making sure we have the right msgType // making sure we have the right msgType
msgType = binary.LittleEndian.Uint32(packet[junkSize : junkSize+4]) msgType = binary.LittleEndian.Uint32(packet[junkSize:junkSize+4])
if msgType == assumedMsgType { if msgType == assumedMsgType {
packet = packet[junkSize:] packet = packet[junkSize:]
} else { } else {
@ -285,15 +303,18 @@ func (device *Device) RoutineDecryption(id int) {
elem.counter = binary.LittleEndian.Uint64(counter) elem.counter = binary.LittleEndian.Uint64(counter)
// copy counter to nonce // copy counter to nonce
binary.LittleEndian.PutUint64(nonce[0x4:0xc], elem.counter) binary.LittleEndian.PutUint64(nonce[0x4:0xc], elem.counter)
fmt.Printf("before decrypt: %x\n", elem.packet)
elem.packet, err = elem.keypair.receive.Open( elem.packet, err = elem.keypair.receive.Open(
content[:0], content[:0],
nonce[:], nonce[:],
content, content,
nil, nil,
) )
if err != nil { if err != nil {
elem.packet = nil elem.packet = nil
} }
fmt.Printf("decrypt: %x\n", elem.packet)
} }
elemsContainer.Unlock() elemsContainer.Unlock()
} }
@ -551,10 +572,13 @@ func (peer *Peer) RoutineSequentialReceiver(maxBatchSize int) {
continue continue
} }
fmt.Printf("bufs packet: %x\n", elem.packet)
fmt.Printf("bufs packet: %x\n", elem.buffer[len(elem.packet)+1:MessageTransportOffsetContent+len(elem.packet)])
bufs = append( bufs = append(
bufs, bufs,
elem.buffer[:MessageTransportOffsetContent+len(elem.packet)], elem.buffer[:MessageTransportOffsetContent+len(elem.packet)],
) )
fmt.Printf("bufs before send: %.100x\n", elem.buffer)
} }
peer.rxBytes.Add(rxBytesLen) peer.rxBytes.Add(rxBytesLen)
@ -568,6 +592,7 @@ func (peer *Peer) RoutineSequentialReceiver(maxBatchSize int) {
peer.timersDataReceived() peer.timersDataReceived()
} }
if len(bufs) > 0 { if len(bufs) > 0 {
fmt.Printf("bufs: %x\n", bufs)
_, err := device.tun.device.Write(bufs, MessageTransportOffsetContent) _, err := device.tun.device.Write(bufs, MessageTransportOffsetContent)
if err != nil && !device.isClosed() { if err != nil && !device.isClosed() {
device.log.Errorf("Failed to write packets to TUN device: %v", err) device.log.Errorf("Failed to write packets to TUN device: %v", err)

17
device/send.go
View file

@ -9,6 +9,7 @@ import (
"bytes" "bytes"
"encoding/binary" "encoding/binary"
"errors" "errors"
"fmt"
"net" "net"
"os" "os"
"sync" "sync"
@ -547,18 +548,6 @@ func calculatePaddingSize(packetSize, mtu int) int {
return paddedSize - lastUnit return paddedSize - lastUnit
} }
func (device *Device) codecPacket(msgType uint32, packet []byte) ([]byte, error) {
if device.awg.luaAdapter != nil {
var err error
packet, err = device.awg.luaAdapter.Generate(int64(msgType),packet)
if err != nil {
device.log.Errorf("%v - Failed to run codec generate: %v", device, err)
return nil, err
}
}
return packet, nil
}
/* Encrypts the elements in the queue /* Encrypts the elements in the queue
* and marks them for sequential consumption (by releasing the mutex) * and marks them for sequential consumption (by releasing the mutex)
* *
@ -603,11 +592,12 @@ func (device *Device) RoutineEncryption(id int) {
elem.packet, elem.packet,
nil, nil,
) )
fmt.Printf("msg: %x\n", elem.packet)
var err error var err error
if elem.packet, err = device.codecPacket(DefaultMessageTransportType, elem.packet); err != nil { if elem.packet, err = device.codecPacket(DefaultMessageTransportType, elem.packet); err != nil {
continue continue
} }
fmt.Printf("msgmsg: %x\n", elem.packet)
} }
elemsContainer.Unlock() elemsContainer.Unlock()
} }
@ -662,6 +652,7 @@ func (peer *Peer) RoutineSequentialSender(maxBatchSize int) {
peer.timersDataSent() peer.timersDataSent()
} }
for _, elem := range elemsContainer.elems { for _, elem := range elemsContainer.elems {
fmt.Printf("send buffer: %.200x\n", elem.buffer)
device.PutMessageBuffer(elem.buffer) device.PutMessageBuffer(elem.buffer)
device.PutOutboundElement(elem) device.PutOutboundElement(elem)
} }