Merge pull request #415 from brlin-tw/patch-3

Fix typo (ubuntun -> ubuntu; use proper colons)
2025-09-16 12:14:27 +08:00 · 2022-01-26 01:00:09 -05:00 · 2022-01-14 14:16:49 +08:00 · 2020-07-15 03:59:58 -04:00 · 2020-07-15 02:59:42 -04:00 · 2020-07-15 01:58:26 -04:00
10 changed files with 117 additions and 32 deletions
--- a/common.h
+++ b/common.h
@@ -347,12 +347,12 @@ struct not_copy_able_t
 	}
 };
-const int single_max_data_len=1800;
+const int huge_data_len=65535+100; //a packet with link level header might be larger than 65535
-const int max_data_len=single_max_data_len*10;
+const int huge_buf_len=huge_data_len+100;
-const int buf_len=max_data_len+800;
+
 const int max_data_len=1800;
 const int buf_len=max_data_len+400;
 //const int max_data_len_gro=max_data_len*10;
 //const int buf_len_gro=max_data_len_gro+400;
 //const int max_address_len=512;
 u64_t get_current_time();
--- a/connection.cpp
+++ b/connection.cpp
@@ -497,9 +497,16 @@ int send_safer(conn_info_t &conn_info,char type,const char* data,int len)  //saf
            return -1;
        }
        write_u16(send_data_buf2,new_len);
        send_data_buf2[0]^=gro_xor[0];
        send_data_buf2[1]^=gro_xor[1];
        new_len+=2;
 	if(cipher_mode==cipher_xor)
 	{
 	    send_data_buf2[0]^=gro_xor[0];
 	    send_data_buf2[1]^=gro_xor[1];
 	}
 	else if(cipher_mode==cipher_aes128cbc||cipher_mode==cipher_aes128cbc)
 	{
 	    aes_ecb_encrypt1(send_data_buf2);
 	}
    }
@@ -656,14 +663,21 @@ int recv_safer_multi(conn_info_t &conn_info,vector<char> &type_arr,vector<string
        int ori_recv_len=recv_len;
        //mylog(log_debug,"recv_len:%d\n",recv_len);
        int cnt=0;
-        while(recv_len>2)
+        while(recv_len>=16)
        {
            cnt++;
            int single_len_no_xor;
            single_len_no_xor=read_u16(recv_data);
            int single_len;
-            recv_data[0]^=gro_xor[0];
+	    if(cipher_mode==cipher_xor)
-            recv_data[1]^=gro_xor[1];
+	    {
 		recv_data[0]^=gro_xor[0];
 		recv_data[1]^=gro_xor[1];
 	    }
 	    else if(cipher_mode==cipher_aes128cbc||cipher_mode==cipher_aes128cbc)
 	    {
 		aes_ecb_decrypt1(recv_data);
 	    }
            single_len=read_u16(recv_data);
            recv_len-=2;
            recv_data+=2;
@@ -672,9 +686,10 @@ int recv_safer_multi(conn_info_t &conn_info,vector<char> &type_arr,vector<string
                mylog(log_debug,"illegal single_len %d(%d), recv_len %d left,dropped\n",single_len,single_len_no_xor,recv_len);
                break;
            }
-            if(single_len> single_max_data_len )
+            if(single_len> max_data_len )
            {
-                mylog(log_warn,"single_len %d(%d) > %d, maybe you need to turn down mtu at upper level\n",single_len,single_len_no_xor,single_max_data_len);
+                mylog(log_warn,"single_len %d(%d) > %d, maybe you need to turn down mtu at upper level\n",single_len,single_len_no_xor,max_data_len);
 		break;
            }
            int ret = reserved_parse_safer(conn_info, recv_data, single_len, type, data, len);
--- a/doc/build_guide.md
+++ b/doc/build_guide.md
@@ -8,7 +8,7 @@ the guide on how to build udp2raw
 such as PC,raspberry pi
 ##### install git
-run on debian/ubuntun：
+run on debian/ubuntu:
 ```
 sudo apt-get install git
 ```
@@ -18,7 +18,7 @@ sudo yum install git
 ```
 ##### clone git code
-run in any dir：
+run in any dir:
 ```
 git clone https://github.com/wangyu-/udp2raw-tunnel.git
@@ -26,7 +26,7 @@ cd udp2raw-tunnel
 ```
 ##### install compile tool
-run on debian/ubuntun：
+run on debian/ubuntu:
 ```
 sudo apt-get install build-essential
 ```
@@ -42,7 +42,7 @@ run 'make'，compilation done. the udp2raw file is the just compiled binary
 such as openwrt router,run following instructions on your PC
 ##### install git
-run on debian/ubuntun：
+run on debian/ubuntu:
 ```
 sudo apt-get install git
 ```
--- a/encrypt.cpp
+++ b/encrypt.cpp
@@ -37,6 +37,8 @@ auth_mode_t auth_mode=auth_md5;
 cipher_mode_t cipher_mode=cipher_aes128cbc;
 int is_hmac_used=0;
 int aes128cfb_old=0;
 //TODO key negotiation and forward secrecy
 int my_init_keys(const char * user_passwd,int is_client)
@@ -53,7 +55,7 @@ int my_init_keys(const char * user_passwd,int is_client)
 	if(auth_mode==auth_hmac_sha1)
 		is_hmac_used=1;
-	if(is_hmac_used||g_fix_gro)
+	if(is_hmac_used||g_fix_gro||1)
 	{
 		unsigned char salt[400]="";
 		char salt_text[400]="udp2raw_salt1";
@@ -297,6 +299,40 @@ int de_padding(const char *data ,int &data_len,int padding_num)
 	}
 	return 0;
 }
 void aes_ecb_encrypt(const char *data,char *output)
 {
 	static int first_time=1;
 	char *key=(char*)cipher_key_encrypt;
 	if(aes_key_optimize)
 	{
 		if(first_time==0) key=0;
 		else first_time=0;
 	}	
 	AES_ECB_encrypt_buffer((uint8_t*)data,(uint8_t*)key,(uint8_t*)output);
 }
 void aes_ecb_encrypt1(char *data)
 {
    char buf[16];
    memcpy(buf,data,16);
    aes_ecb_encrypt(buf,data);
 }
 void aes_ecb_decrypt(const char *data,char *output)
 {
 	static int first_time=1;
 	char *key=(char*)cipher_key_decrypt;
 	if(aes_key_optimize)
 	{
 		if(first_time==0) key=0;
 		else first_time=0;
 	}	
 	AES_ECB_decrypt_buffer((uint8_t*)data,(uint8_t*)key,(uint8_t*)output);
 }
 void aes_ecb_decrypt1(char *data)
 {
    char buf[16];
    memcpy(buf,data,16);
    aes_ecb_decrypt(buf,data);
 }
 int cipher_aes128cbc_encrypt(const char *data,char *output,int &len,char * key)
 {
 	static int first_time=1;
@@ -318,6 +354,7 @@ int cipher_aes128cbc_encrypt(const char *data,char *output,int &len,char * key)
 int cipher_aes128cfb_encrypt(const char *data,char *output,int &len,char * key)
 {
 	static int first_time=1;
 	assert(len>=16);
 	char buf[buf_len];
 	memcpy(buf,data,len);//TODO inefficient code
@@ -326,6 +363,10 @@ int cipher_aes128cfb_encrypt(const char *data,char *output,int &len,char * key)
 		if(first_time==0) key=0;
 		else first_time=0;
 	}
 	if(!aes128cfb_old)
 	{
 	    aes_ecb_encrypt(data,buf); //encrypt the first block
 	}
 	AES_CFB_encrypt_buffer((unsigned char *)output,(unsigned char *)buf,len,(unsigned char *)key,(unsigned char *)zero_iv);
 	return 0;
@@ -369,12 +410,19 @@ int cipher_aes128cbc_decrypt(const char *data,char *output,int &len,char * key)
 int cipher_aes128cfb_decrypt(const char *data,char *output,int &len,char * key)
 {
 	static int first_time=1;
 	if(len<16) return -1;
 	if(aes_key_optimize)
 	{
 		if(first_time==0) key=0;
 		else first_time=0;
 	}
 	AES_CFB_decrypt_buffer((unsigned char *)output,(unsigned char *)data,len,(unsigned char *)key,(unsigned char *)zero_iv);
 	if(!aes128cfb_old)
 	    aes_ecb_decrypt1(output); //decrypt the first block
 	//if(de_padding(output,len,16)<0) return -1;
 	return 0;
 }
--- a/encrypt.h
+++ b/encrypt.h
@@ -12,6 +12,7 @@
 //extern char key[16];
 const int aes_key_optimize=1; //if enabled,once you used a key for aes,you cant change it anymore
 extern int aes128cfb_old;
 int my_init_keys(const char *,int);
@@ -39,4 +40,10 @@ extern char gro_xor[256+100];
 int cipher_decrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only
 int cipher_encrypt(const char *data,char *output,int &len,char * key);//internal interface ,exposed for test only
 void aes_ecb_encrypt(const char *data,char *output);
 void aes_ecb_decrypt(const char *data,char *output);
 void aes_ecb_encrypt1(char *data);
 void aes_ecb_decrypt1(char *data);
 #endif
--- a/lib/aes_acc/aesacc.c
+++ b/lib/aes_acc/aesacc.c
@@ -366,7 +366,7 @@ void AES_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, co
  decrypt_cbc(rk, length, iv_tmp, input, output);
 }
-void AES_ECB_encrypt(const uint8_t* input, const uint8_t* key, uint8_t* output, const uint32_t length)
+void AES_ECB_encrypt_buffer(const uint8_t* input, const uint8_t* key, uint8_t* output)
 {
  static uint8_t rk[AES_RKSIZE];
@@ -376,7 +376,7 @@ void AES_ECB_encrypt(const uint8_t* input, const uint8_t* key, uint8_t* output,
  encrypt_ecb(AES_NR, rk, input, output);
 }
-void AES_ECB_decrypt(const uint8_t* input, const uint8_t* key, uint8_t *output, const uint32_t length)
+void AES_ECB_decrypt_buffer(const uint8_t* input, const uint8_t* key, uint8_t *output)
 {
  static uint8_t rk[AES_RKSIZE];
--- a/lib/aes_faster_c/wrapper.cpp
+++ b/lib/aes_faster_c/wrapper.cpp
@@ -12,7 +12,7 @@
 #endif
-void AES_ECB_encrypt(const uint8_t* input, const uint8_t* key, uint8_t *output, const uint32_t length)
+void AES_ECB_encrypt_buffer(const uint8_t* input, const uint8_t* key, uint8_t *output)
 {
 	static aes_context ctx;
 	if(key!=0)
@@ -24,7 +24,7 @@ void AES_ECB_encrypt(const uint8_t* input, const uint8_t* key, uint8_t *output,
 	assert(ret==0);
 	return ;
 }
-void AES_ECB_decrypt(const uint8_t* input, const uint8_t* key, uint8_t *output, const uint32_t length)
+void AES_ECB_decrypt_buffer(const uint8_t* input, const uint8_t* key, uint8_t *output)
 {
 	static aes_context ctx;
 	if(key!=0)
--- a/misc.cpp
+++ b/misc.cpp
@@ -563,9 +563,16 @@ void process_arg(int argc, char *argv[])  //process all options
 			}
 			else if(strcmp(long_options[option_index].name,"cipher-mode")==0)
 			{
 				string s=optarg;
 				if(s=="aes128cfb_0")
 				{
 					s="aes128cfb";
 					aes128cfb_old=1;
 					mylog(log_warn,"aes128cfb_0 is used\n");
 				}
 				for(i=0;i<cipher_end;i++)
 				{
-					if(strcmp(optarg,cipher_mode_tostring[i])==0)
+					if(strcmp(s.c_str(),cipher_mode_tostring[i])==0)
 					{
 						cipher_mode=(cipher_mode_t)i;
 						break;
--- a/network.cpp
+++ b/network.cpp
@@ -43,7 +43,7 @@ const u32_t receive_window_lower_bound=40960;
 const u32_t receive_window_random_range=512;
 const unsigned char wscale=0x05;
-char g_packet_buf[buf_len]; //looks dirty but works well
+char g_packet_buf[huge_buf_len]; //looks dirty but works well
 int g_packet_buf_len=-1;
 int g_packet_buf_cnt=0;
@@ -834,29 +834,37 @@ int pre_recv_raw_packet()
 	assert(g_packet_buf_cnt==0);
 	g_sockaddr_len=sizeof(g_sockaddr.ll);
-	g_packet_buf_len = recvfrom(raw_recv_fd, g_packet_buf, max_data_len+1, 0 ,(sockaddr*)&g_sockaddr , &g_sockaddr_len);
+	g_packet_buf_len = recvfrom(raw_recv_fd, g_packet_buf, huge_data_len+1, 0 ,(sockaddr*)&g_sockaddr , &g_sockaddr_len);
 	//assert(g_sockaddr_len==sizeof(g_sockaddr.ll)); //g_sockaddr_len=18, sizeof(g_sockaddr.ll)=20, why its not equal? maybe its bc sll_halen is 6?
 	//assert(g_addr_ll_size==sizeof(g_addr_ll));
-	if(g_packet_buf_len==max_data_len+1)
+	if(g_packet_buf_len==huge_data_len+1)
 	{
-		mylog(log_warn,"huge packet, data_len %d > %d(max_data_len),dropped\n",g_packet_buf_len,max_data_len);
+		if(g_fix_gro==0)
 		{
 		mylog(log_warn,"huge packet, data_len %d > %d,dropped\n",g_packet_buf_len,huge_data_len);
 		return -1;
 		}
 		else
 		{
 			mylog(log_debug,"huge packet, data_len %d > %d,not dropped\n",g_packet_buf_len,huge_data_len);  
 			g_packet_buf_len=huge_data_len;
 		}
 	}
-    if(g_packet_buf_len> single_max_data_len+1)
+    if(g_packet_buf_len> max_data_len+1)
    {
        if(g_fix_gro==0)
        {
-            mylog(log_warn, "huge packet, data_len %d > %d(single_max_data_len) dropped, maybe you need to turn down mtu at upper level, or you may take a look at --fix-gro\n", g_packet_buf_len,
+            mylog(log_warn, "huge packet, data_len %d > %d(max_data_len) dropped, maybe you need to turn down mtu at upper level, or you may take a look at --fix-gro\n", g_packet_buf_len,
-                  single_max_data_len);
+                  max_data_len);
            return -1;
        }
        else
        {
-            mylog(log_debug, "huge packet, data_len %d > %d(single_max_data_len) not dropped\n", g_packet_buf_len,
+            mylog(log_debug, "huge packet, data_len %d > %d(max_data_len) not dropped\n", g_packet_buf_len,
-                  single_max_data_len);
+                  max_data_len);
            //return -1;
        }
--- a/network.h
+++ b/network.h
@@ -27,7 +27,7 @@ extern int random_drop;
 extern int ifindex;
-extern char g_packet_buf[buf_len];
+extern char g_packet_buf[huge_buf_len];
 extern int g_packet_buf_len;
 extern int g_packet_buf_cnt;
Author	SHA1	Message	Date
Yancey Wang	165cabb5a3	Merge pull request #415 from brlin-tw/patch-3 Fix typo (ubuntun -> ubuntu; use proper colons)	2022-01-26 01:00:09 -05:00
林博仁(Buo-ren, Lin)	b51df0089e	Fix typo (ubuntun -> ubuntu; use proper colons) Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>	2022-01-14 14:16:49 +08:00
wangyu	79bb28fd12	introduce huge_buf_len and huge_data_len	2020-07-15 03:59:58 -04:00
wangyu	b3e06de4cb	do not drop truncated packet if fix_gro enabled	2020-07-15 02:59:42 -04:00
wangyu	b03ae53df6	update	2020-07-15 01:58:26 -04:00
wangyu	15c15d5bcb	aes128cfb_0	2020-07-15 01:37:47 -04:00
wangyu	2f0328a41a	update	2020-07-14 14:48:29 -04:00
wangyu	779ebdd37a	change gro scheme	2020-07-14 14:30:26 -04:00
wangyu	5340f0726e	fix last commit	2020-07-14 12:30:57 -04:00
wangyu	e95ee70351	sync `ca4a5d3`	2020-07-14 11:46:02 -04:00