alterwain/Frida
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changes to be committed:

Browse Source 
modified:   src/client.rs
	modified:   src/config.rs
	modified:   src/main.rs
	modified:   src/server.rs
This commit is contained in:
Michael Wain 2024-08-22 22:28:09 +03:00
parent d004af8413
commit 694d90a3ea
4 changed files with 28 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/client.rs
View File

@ -1,13 +1,10 @@
use crossbeam_channel::{unbounded}; use crossbeam_channel::unbounded;
use tokio::{net::UdpSocket, sync::{Mutex}}; use tokio::{net::UdpSocket, sync::Mutex};
use std::io::{Read, Write}; use std::io::{Read, Write};
use base64::prelude::*;
use log::{error, info, warn}; use log::{error, info, warn};
use std::sync::Arc; use std::sync::Arc;
use std::net::{ Ipv4Addr }; use std::net::Ipv4Addr;
use std::process::Command; use std::process::Command;
use x25519_dalek::{PublicKey, StaticSecret}; use x25519_dalek::{PublicKey, StaticSecret};
use aes_gcm::{ use aes_gcm::{
@ -108,7 +105,7 @@ pub async fn client_mode(client_config: ClientConfiguration) {
} }
}); });
let priv_key = base64::decode(client_config.client.private_key).unwrap(); let priv_key = BASE64_STANDARD.decode(client_config.client.private_key).unwrap();
let cipher_shared_clone = cipher_shared.clone(); let cipher_shared_clone = cipher_shared.clone();
tokio::spawn(async move { tokio::spawn(async move {
@ -140,7 +137,7 @@ pub async fn client_mode(client_config: ClientConfiguration) {
let aes = Aes256Gcm::new(s_cipher.as_ref().unwrap().as_bytes().into()); let aes = Aes256Gcm::new(s_cipher.as_ref().unwrap().as_bytes().into());
let nonce = Nonce::clone_from_slice(&wrapped_packet.nonce); let nonce = Nonce::clone_from_slice(&wrapped_packet.nonce);
match aes.decrypt(&nonce, &wrapped_packet.data[..]) { match aes.decrypt(&nonce, &wrapped_packet.data[..]) {
Ok(decrypted) => { tx.send(decrypted); }, Ok(decrypted) => { let _ = tx.send(decrypted); },
Err(error) => error!("Decryption error! {:?}", error) Err(error) => error!("Decryption error! {:?}", error)
} }
} else { } else {
@ -157,7 +154,7 @@ pub async fn client_mode(client_config: ClientConfiguration) {
} }
}); });
let pkey = base64::decode(client_config.client.public_key).unwrap(); let pkey = BASE64_STANDARD.decode(client_config.client.public_key).unwrap();
let handshake = UDPVpnHandshake{ public_key: pkey, request_ip: client_config.client.address.parse::<Ipv4Addr>().unwrap() }; let handshake = UDPVpnHandshake{ public_key: pkey, request_ip: client_config.client.address.parse::<Ipv4Addr>().unwrap() };
sock_snd.send(&handshake.serialize()).await.unwrap(); sock_snd.send(&handshake.serialize()).await.unwrap();

13
src/config.rs
View File

@ -4,6 +4,7 @@ use serde_derive::Deserialize;
use std::str::FromStr; use std::str::FromStr;
use x25519_dalek::{StaticSecret, PublicKey}; use x25519_dalek::{StaticSecret, PublicKey};
use rand::{rngs::StdRng, SeedableRng}; use rand::{rngs::StdRng, SeedableRng};
use base64::prelude::*;
#[derive(Serialize, Deserialize, PartialEq, Debug)] #[derive(Serialize, Deserialize, PartialEq, Debug)]
pub struct ServerInterface { pub struct ServerInterface {
@ -44,12 +45,12 @@ pub struct ServerConfiguration {
impl ServerConfiguration { impl ServerConfiguration {
pub fn default(bind_address: &str, internal_address: &str, broadcast_mode: bool, keepalive: u8, obfs_type: ObfsProtocol) -> Self { pub fn default(bind_address: &str, internal_address: &str, broadcast_mode: bool, keepalive: u8, obfs_type: ObfsProtocol) -> Self {
let mut csprng = StdRng::from_entropy(); let mut csprng = StdRng::from_entropy();
let secret = StaticSecret::new(&mut csprng); let secret = StaticSecret::random_from_rng(&mut csprng);
ServerConfiguration { interface: ServerInterface { ServerConfiguration { interface: ServerInterface {
bind_address: String::from_str(bind_address).unwrap(), bind_address: String::from_str(bind_address).unwrap(),
internal_address: String::from_str(internal_address).unwrap(), internal_address: String::from_str(internal_address).unwrap(),
private_key: base64::encode(secret.as_bytes()), private_key: BASE64_STANDARD.encode(secret.as_bytes()),
public_key: base64::encode(PublicKey::from(&secret).as_bytes()), public_key: BASE64_STANDARD.encode(PublicKey::from(&secret).as_bytes()),
broadcast_mode, broadcast_mode,
keepalive keepalive
}, },
@ -96,11 +97,11 @@ pub struct ClientConfiguration {
impl ClientConfiguration { impl ClientConfiguration {
pub fn default(endpoint: &str, keepalive: u8, public_key: &str, internal_address: &str) -> Self { pub fn default(endpoint: &str, keepalive: u8, public_key: &str, internal_address: &str) -> Self {
let mut csprng = StdRng::from_entropy(); let mut csprng = StdRng::from_entropy();
let secret = StaticSecret::new(&mut csprng); let secret = StaticSecret::random_from_rng(&mut csprng);
ClientConfiguration { ClientConfiguration {
client: ClientInterface { client: ClientInterface {
private_key: base64::encode(secret.as_bytes()), private_key: BASE64_STANDARD.encode(secret.as_bytes()),
public_key: base64::encode(PublicKey::from(&secret).as_bytes()), public_key: BASE64_STANDARD.encode(PublicKey::from(&secret).as_bytes()),
address: String::from_str(internal_address).unwrap() address: String::from_str(internal_address).unwrap()
}, },
server: EndpointInterface { server: EndpointInterface {

6
src/main.rs
View File

@ -29,7 +29,7 @@ fn generate_server_config(matches: &ArgMatches, config_path: &str) {
_ => ObfsProtocol::XOR _ => ObfsProtocol::XOR
}; };
fs::write(config_path, serde_yaml::to_string(&ServerConfiguration::default(bind_address, internal_address, broadcast_mode, keepalive, obfs_type)).unwrap()); let _ = fs::write(config_path, serde_yaml::to_string(&ServerConfiguration::default(bind_address, internal_address, broadcast_mode, keepalive, obfs_type)).unwrap());
} }
fn generate_peer_config(matches: &ArgMatches, config_path: &str, cfg_raw: &String) { fn generate_peer_config(matches: &ArgMatches, config_path: &str, cfg_raw: &String) {
@ -60,9 +60,9 @@ fn generate_peer_config(matches: &ArgMatches, config_path: &str, cfg_raw: &Strin
config.peers.push(ServerPeer { public_key: cl_cfg.client.public_key.clone(), ip: internal_address.clone() }); config.peers.push(ServerPeer { public_key: cl_cfg.client.public_key.clone(), ip: internal_address.clone() });
fs::write(peer_cfg, serde_yaml::to_string(cl_cfg).unwrap()); let _ = fs::write(peer_cfg, serde_yaml::to_string(cl_cfg).unwrap());
fs::write(config_path, serde_yaml::to_string(&config).unwrap()); let _ = fs::write(config_path, serde_yaml::to_string(&config).unwrap());
} }
async fn init_server(cfg_raw: &str ) { async fn init_server(cfg_raw: &str ) {

26
src/server.rs
View File

@ -1,20 +1,16 @@
use crossbeam_channel::{unbounded}; use crossbeam_channel::unbounded;
use tokio::{net::{UdpSocket}, sync::{Mutex}}; use tokio::{net::UdpSocket, sync::Mutex};
use x25519_dalek::{PublicKey, StaticSecret}; use x25519_dalek::{PublicKey, StaticSecret};
use std::io::{Read, Write}; use std::io::{Read, Write};
use base64::prelude::*;
use log::{error, info}; use log::{error, info};
use std::sync::Arc; use std::sync::Arc;
use std::net::{ SocketAddr, Ipv4Addr, IpAddr }; use std::net::{ SocketAddr, Ipv4Addr, IpAddr };
use std::collections::HashMap; use std::collections::HashMap;
use aes_gcm::{ aead::{Aead, AeadCore, KeyInit, OsRng}, use aes_gcm::{ aead::{Aead, AeadCore, KeyInit, OsRng},
Aes256Gcm, Nonce }; Aes256Gcm, Nonce };
use crate::config::{ ServerConfiguration, ServerPeer}; use crate::config::{ ServerConfiguration, ServerPeer};
use crate::udp::{UDPSerializable, UDPVpnHandshake, UDPVpnPacket}; use crate::udp::{UDPSerializable, UDPVpnHandshake, UDPVpnPacket};
pub async fn server_mode(server_config: ServerConfiguration) { pub async fn server_mode(server_config: ServerConfiguration) {
@ -56,7 +52,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
tokio::spawn(async move { tokio::spawn(async move {
loop { loop {
if let Ok((handshake, addr)) = recv2hnd.recv() { if let Ok((handshake, addr)) = recv2hnd.recv() {
sock_hnd.send_to(&handshake.serialize(), addr).await; let _ = sock_hnd.send_to(&handshake.serialize(), addr).await;
} }
} }
}); });
@ -78,7 +74,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
if let Ok(ciphered_d) = ciphered_data { if let Ok(ciphered_d) = ciphered_data {
let vpn_packet = UDPVpnPacket{ data: ciphered_d, nonce: nonce.to_vec()}; let vpn_packet = UDPVpnPacket{ data: ciphered_d, nonce: nonce.to_vec()};
sock_snd.send_to(&vpn_packet.serialize(), peer.addr).await; let _ = sock_snd.send_to(&vpn_packet.serialize(), peer.addr).await;
} else { } else {
error!("Traffic encryption failed."); error!("Traffic encryption failed.");
} }
@ -108,8 +104,8 @@ pub async fn server_mode(server_config: ServerConfiguration) {
0 => { 0 => {
// (&buf[1..len]).to_vec() // (&buf[1..len]).to_vec()
let handshake = UDPVpnHandshake::deserialize(&buf); let handshake = UDPVpnHandshake::deserialize(&buf);
info!("Got handshake! ip: {:?}; key: {:?}", handshake.request_ip, base64::encode(&handshake.public_key)); info!("Got handshake! ip: {:?}; key: {:?}", handshake.request_ip, BASE64_STANDARD.encode(&handshake.public_key));
let skey = base64::encode(&handshake.public_key); let skey = BASE64_STANDARD.encode(&handshake.public_key);
if plp.iter().any(|c| c.ip == handshake.request_ip && c.public_key == skey) { if plp.iter().any(|c| c.ip == handshake.request_ip && c.public_key == skey) {
let internal_ip = IpAddr::V4(handshake.request_ip); let internal_ip = IpAddr::V4(handshake.request_ip);
info!("Accepted client"); info!("Accepted client");
@ -117,7 +113,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
for (&x, p) in handshake.public_key.iter().zip(k.iter_mut()) { for (&x, p) in handshake.public_key.iter().zip(k.iter_mut()) {
*p = x; *p = x;
} }
let static_secret = base64::decode(&server_config.interface.private_key).unwrap(); let static_secret = BASE64_STANDARD.decode(&server_config.interface.private_key).unwrap();
let mut k1 = [0u8; 32]; let mut k1 = [0u8; 32];
for (&x, p) in static_secret.iter().zip(k1.iter_mut()) { for (&x, p) in static_secret.iter().zip(k1.iter_mut()) {
*p = x; *p = x;
@ -126,9 +122,9 @@ pub async fn server_mode(server_config: ServerConfiguration) {
.diffie_hellman(&PublicKey::from(k)); .diffie_hellman(&PublicKey::from(k));
mp.insert(internal_ip, UDPeer { addr, shared_secret: *shared_secret.as_bytes() }); mp.insert(internal_ip, UDPeer { addr, shared_secret: *shared_secret.as_bytes() });
let handshake_response = UDPVpnHandshake{ public_key: base64::decode(&server_config.interface.public_key).unwrap(), request_ip: handshake.request_ip }; let handshake_response = UDPVpnHandshake{ public_key: BASE64_STANDARD.decode(&server_config.interface.public_key).unwrap(), request_ip: handshake.request_ip };
send2hnd.send((handshake_response, addr)); let _ = send2hnd.send((handshake_response, addr));
} else { } else {
info!("Bad handshake"); info!("Bad handshake");
plp.iter().for_each(|c| info!("ip: {:?}; pkey: {:?}", c.ip, c.public_key)); plp.iter().for_each(|c| info!("ip: {:?}; pkey: {:?}", c.ip, c.public_key));
@ -141,7 +137,7 @@ pub async fn server_mode(server_config: ServerConfiguration) {
let aes = Aes256Gcm::new(&p.shared_secret.into()); let aes = Aes256Gcm::new(&p.shared_secret.into());
let nonce = Nonce::clone_from_slice(&packet.nonce[..]); let nonce = Nonce::clone_from_slice(&packet.nonce[..]);
match aes.decrypt(&nonce, &packet.data[..]) { match aes.decrypt(&nonce, &packet.data[..]) {
Ok(decrypted) => { send2tun.send(decrypted); }, Ok(decrypted) => { let _ = send2tun.send(decrypted); },
Err(error) => error!("Decryption error! {:?}", error) Err(error) => error!("Decryption error! {:?}", error)
} }
}); });