fumiama/WireGold
1
0
Fork 0
mirror of https://github.com/fumiama/WireGold.git synced 2026-06-12 04:43:22 +08:00
Code Activity

优化封装

Browse Source
This commit is contained in:
fumiama
2022-01-01 14:52:46 +08:00
parent df8bee280a
commit a904ec5973
10 changed files with 159 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
gold/link/link.go
View File

@@ -22,6 +22,8 @@ type Link struct {
// 以秒为单位,小于等于 0 不发送 // 以秒为单位,小于等于 0 不发送
keepalive int64 keepalive int64
// 收到的包的队列 // 收到的包的队列
// 没有下层 nic 时
// 包会分发到此
pipe chan *head.Packet pipe chan *head.Packet
// peer 的虚拟 ip // peer 的虚拟 ip
peerip net.IP peerip net.IP

8
gold/link/listen.go
View File

@@ -68,7 +68,7 @@ func (m *Me) listen() (conn *net.UDPConn, err error) {
p.pipe <- packet p.pipe <- packet
logrus.Debugln("[link] deliver to pipe of", p.peerip) logrus.Debugln("[link] deliver to pipe of", p.peerip)
} else { } else {
m.pipe <- packet.Data m.nic.Write(packet.Data)
logrus.Debugln("[link] deliver", len(packet.Data), "bytes data to pipe of me") logrus.Debugln("[link] deliver", len(packet.Data), "bytes data to pipe of me")
} }
default: default:
@@ -103,12 +103,6 @@ func (m *Me) listen() (conn *net.UDPConn, err error) {
return return
} }
// Read 接收所有发送给本机的报文
// 需要开启 nopipe
func (m *Me) Read() []byte {
return <-m.pipe
}
// 从 conn 读取 sz 字节数据 // 从 conn 读取 sz 字节数据
func readAll(conn *net.UDPConn, sz int) ([]byte, error) { func readAll(conn *net.UDPConn, sz int) ([]byte, error) {
i := 0 i := 0

107
gold/link/me.go
View File

@@ -1,10 +1,16 @@
package link package link
import ( import (
"encoding/binary"
"io"
"net" "net"
"strconv"
"sync" "sync"
"github.com/fumiama/WireGold/gold/head" "github.com/fumiama/WireGold/gold/head"
"github.com/fumiama/WireGold/lower"
"github.com/fumiama/water/waterutil"
"github.com/sirupsen/logrus"
) )
// Me 是本机的抽象 // Me 是本机的抽象
@@ -28,8 +34,8 @@ type Me struct {
connmapmu sync.RWMutex connmapmu sync.RWMutex
// 本机监听的 endpoint // 本机监听的 endpoint
myconn *net.UDPConn myconn *net.UDPConn
// 不分目的 link 的接收队列 // 本机网卡
pipe chan []byte nic lower.NICIO
// 本机路由表 // 本机路由表
router *Router router *Router
// 本机未接收完全分片池 // 本机未接收完全分片池
@@ -39,11 +45,10 @@ type Me struct {
clock map[*head.Packet]uint8 clock map[*head.Packet]uint8
// 本机上层配置 // 本机上层配置
srcport, dstport, mtu uint16 srcport, dstport, mtu uint16
readptr []byte
} }
// NewMe 设置本机参数 // NewMe 设置本机参数
func NewMe(privateKey *[32]byte, myipwithmask string, myEndpoint string, nopipeinlink bool, srcport, dstport, mtu uint16) (m Me) { func NewMe(privateKey *[32]byte, myipwithmask string, myEndpoint string, nic lower.NICIO, srcport, dstport, mtu uint16) (m Me) {
m.privKey = *privateKey m.privKey = *privateKey
var err error var err error
m.myend, err = net.ResolveUDPAddr("udp", myEndpoint) m.myend, err = net.ResolveUDPAddr("udp", myEndpoint)
@@ -61,15 +66,13 @@ func NewMe(privateKey *[32]byte, myipwithmask string, myEndpoint string, nopipei
panic(err) panic(err)
} }
m.connections = make(map[string]*Link) m.connections = make(map[string]*Link)
if nopipeinlink { m.nic = nic
m.pipe = make(chan []byte, 32)
}
m.router = &Router{ m.router = &Router{
list: make([]*net.IPNet, 1, 16), list: make([]*net.IPNet, 1, 16),
table: make(map[string]*Link, 16), table: make(map[string]*Link, 16),
} }
m.router.SetDefault(nil) m.router.SetDefault(nil)
m.loop = m.AddPeer(m.me.String(), nil, "127.0.0.1:56789", []string{myipwithmask}, 0, false, nopipeinlink) m.loop = m.AddPeer(m.me.String(), nil, "127.0.0.1:56789", []string{myipwithmask}, 0, false, nic != nil)
m.srcport = srcport m.srcport = srcport
m.dstport = dstport m.dstport = dstport
m.mtu = mtu & 0xfff8 m.mtu = mtu & 0xfff8
@@ -88,3 +91,91 @@ func (m *Me) DstPort() uint16 {
func (m *Me) MTU() uint16 { func (m *Me) MTU() uint16 {
return m.mtu return m.mtu
} }
func (m *Me) ListenFromNIC() {
// 双缓冲区
buf := make([]byte, m.MTU()+68) // 增加报头长度与 TEA 冗余
buf2 := make([]byte, m.MTU()+68) // 增加报头长度与 TEA 冗余
off := 0
isrev := false
for { // 从 NIC 发送
var packet []byte
if off > 0 && !isrev {
packet = buf2
} else {
packet = buf
}
n, err := m.nic.Read(packet[off:])
if isrev {
off = 0
}
if err != nil {
logrus.Errorln("[lower] send read from nic err:", err)
break
}
if n == 0 {
continue
}
packet = packet[:n]
n, rem := m.send(m.nic, packet)
for len(rem) > 20 && n > 0 {
n, rem = m.send(m.nic, rem)
}
if len(rem) > 0 {
logrus.Debugln("[lower] remain", len(rem), "bytes to send")
if off > 0 {
off = copy(buf, rem)
isrev = true
} else {
off = copy(buf2, rem)
}
} else {
off = 0
}
}
}
func (m *Me) send(nc io.Reader, packet []byte) (n int, rem []byte) {
if !waterutil.IsIPv4(packet) {
if waterutil.IsIPv6(packet) {
n = int(binary.BigEndian.Uint16(packet[4:6])) + 40
if n > len(packet) {
rem = packet
logrus.Warnln("[lower] skip to send", len(packet), "bytes ipv6 packet head")
} else {
rem = packet[n:]
logrus.Warnln("[lower] skip to send", n, "bytes ipv6 packet")
}
return
}
logrus.Warnln("[lower] skip to send", len(packet), "bytes non-ipv4/v6 packet")
return len(packet), nil
}
totl := waterutil.IPv4TotalLength(packet)
if int(totl) > len(packet) {
buf := make([]byte, int(totl))
copy(buf, packet)
cnt, err := m.nic.Read(buf[len(packet):])
if err != nil {
rem = packet
return
}
packet = buf[:cnt+len(packet)]
}
rem = packet[totl:]
packet = packet[:totl]
n = int(totl)
dst := waterutil.IPv4Destination(packet)
logrus.Debugln("[lower] sending", len(packet), "bytes packet from :"+strconv.Itoa(int(m.SrcPort())), "to", dst.String()+":"+strconv.Itoa(int(m.DstPort())))
lnk, err := m.Connect(dst.String())
if err != nil {
logrus.Warnln("[lower] connect to peer", dst.String(), "err:", err)
return
}
_, err = lnk.Write(head.NewPacket(head.ProtoData, m.SrcPort(), dst, m.DstPort(), packet), false)
if err != nil {
logrus.Warnln("[lower] write to peer", dst.String(), "err:", err)
}
return
}

144
lower/nic.go
View File

@@ -1,111 +1,57 @@
package lower package lower
import ( import (
"encoding/binary" "io"
"os" "os"
"os/exec" "os/exec"
"strconv"
"github.com/fumiama/water" "github.com/fumiama/water"
"github.com/fumiama/water/waterutil"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/fumiama/WireGold/gold/head"
"github.com/fumiama/WireGold/gold/link"
) )
type NICIO interface {
io.ReadWriteCloser
Up()
Down()
}
// NIC 虚拟网卡 // NIC 虚拟网卡
type NIC struct { type NIC struct {
ifce *water.Interface ifce *water.Interface
ip string ip string
subnet string subnet string
cidrs []string cidrs []string
hasstart bool
} }
// NewNIC 新建 TUN 网络接口卡 // NewNIC 新建 TUN 网络接口卡
// 网卡地址为 ip, 所属子网为 subnet // 网卡地址为 ip, 所属子网为 subnet
// 所有路由为 cidrs // 以本网卡为下一跳的所有子网为 cidrs
func NewNIC(ip, subnet string, cidrs ...string) (n *NIC) { // cidrs 不包括本网卡 subnet
func NewNIC(ip, subnet string, cidrs ...string) NICIO {
ifce, err := water.New(water.Config{DeviceType: water.TUN}) ifce, err := water.New(water.Config{DeviceType: water.TUN})
if err != nil { if err != nil {
panic(err) panic(err)
} }
n = &NIC{ n := &NIC{
ifce: ifce, ifce: ifce,
ip: ip, ip: ip,
cidrs: cidrs, cidrs: cidrs,
subnet: subnet, subnet: subnet,
} }
n.prepare() return n
return
} }
// Start 开始处理网卡消息,阻塞 // Read 匹配 PacketsIO Interface
func (nc *NIC) Start(m *link.Me) { func (nc *NIC) Read(buf []byte) (int, error) {
if nc.hasstart { return nc.ifce.Read(buf)
return
}
nc.hasstart = true
go func() { // 接收到 NIC
for nc.hasstart {
data := m.Read()
n, err := nc.ifce.Write(data)
if err != nil {
logrus.Errorln("[lower] recv write to nic err:", err)
break
}
logrus.Debugln("[lower] recv write", n, "bytes packet to nic")
}
}()
buf := make([]byte, (m.MTU()+68)*4096) // 增加报头长度与 TEA 冗余
buf2 := make([]byte, (m.MTU()+68)*4096) // 增加报头长度与 TEA 冗余
off := 0
isrev := false
for nc.hasstart { // 从 NIC 发送
var packet []byte
if off > 0 && !isrev {
packet = buf2
} else {
packet = buf
}
n, err := nc.ifce.Read(packet[off:])
if isrev {
off = 0
}
if err != nil {
logrus.Errorln("[lower] send read from nic err:", err)
break
}
if n == 0 {
continue
}
packet = packet[:n]
n, rem := nc.send(m, packet)
for len(rem) > 20 && n > 0 {
n, rem = nc.send(m, rem)
}
if len(rem) > 0 {
logrus.Debugln("[lower] remain", len(rem), "bytes to send")
if off > 0 {
off = copy(buf, rem)
isrev = true
} else {
off = copy(buf2, rem)
}
} else {
off = 0
}
}
} }
// Stop 停止处理 func (nc *NIC) Write(packet []byte) (int, error) {
func (n *NIC) Stop() { return nc.ifce.Write(packet)
n.hasstart = false
} }
// Destroy 关闭网卡 // Close 关闭网卡
func (n *NIC) Destroy() error { func (n *NIC) Close() error {
return n.ifce.Close() return n.ifce.Close()
} }
@@ -120,47 +66,3 @@ func execute(c string, args ...string) {
logrus.Panicln("[lower] failed to exec cmd:", err) logrus.Panicln("[lower] failed to exec cmd:", err)
} }
} }
func (nc *NIC) send(m *link.Me, packet []byte) (n int, rem []byte) {
if !waterutil.IsIPv4(packet) {
if waterutil.IsIPv6(packet) {
n = int(binary.BigEndian.Uint16(packet[4:6])) + 40
if n > len(packet) {
rem = packet
logrus.Warnln("[lower] skip to send", len(packet), "bytes ipv6 packet head")
} else {
rem = packet[n:]
logrus.Warnln("[lower] skip to send", n, "bytes ipv6 packet")
}
return
}
logrus.Warnln("[lower] skip to send", len(packet), "bytes non-ipv4/v6 packet")
return len(packet), nil
}
totl := waterutil.IPv4TotalLength(packet)
if int(totl) > len(packet) {
buf := make([]byte, int(totl))
copy(buf, packet)
cnt, err := nc.ifce.Read(buf[len(packet):])
if err != nil {
rem = packet
return
}
packet = buf[:cnt+len(packet)]
}
rem = packet[totl:]
packet = packet[:totl]
n = int(totl)
dst := waterutil.IPv4Destination(packet)
logrus.Debugln("[lower] sending", len(packet), "bytes packet from :"+strconv.Itoa(int(m.SrcPort())), "to", dst.String()+":"+strconv.Itoa(int(m.DstPort())))
lnk, err := m.Connect(dst.String())
if err != nil {
logrus.Warnln("[lower] connect to peer", dst.String(), "err:", err)
return
}
_, err = lnk.Write(head.NewPacket(head.ProtoData, m.SrcPort(), dst, m.DstPort(), packet), false)
if err != nil {
logrus.Warnln("[lower] write to peer", dst.String(), "err:", err)
}
return
}

10
lower/tun_darwin.go
View File

@@ -3,7 +3,7 @@
package lower package lower
func (n *NIC) prepare() { func (n *NIC) Up() {
execute("ifconfig", n.ifce.Name(), "inet", n.ip, n.ip, "up") execute("ifconfig", n.ifce.Name(), "inet", n.ip, n.ip, "up")
execute("route", "add", n.subnet, "-interface", n.ifce.Name()) execute("route", "add", n.subnet, "-interface", n.ifce.Name())
for _, c := range n.cidrs { for _, c := range n.cidrs {
@@ -11,10 +11,10 @@ func (n *NIC) prepare() {
} }
} }
func (n *NIC) Up() {
execute("ifconfig", n.ifce.Name(), "inet", n.ip, n.ip, "up")
}
func (n *NIC) Down() { func (n *NIC) Down() {
execute("ifconfig", n.ifce.Name(), "down") execute("ifconfig", n.ifce.Name(), "down")
execute("route", "delete", n.subnet, "-interface", n.ifce.Name())
for _, c := range n.cidrs {
execute("route", "delete", c, "-interface", n.ifce.Name())
}
} }

10
lower/tun_linux.go
View File

@@ -3,7 +3,7 @@
package lower package lower
func (n *NIC) prepare() { func (n *NIC) Up() {
execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "mtu", "1500") execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "mtu", "1500")
execute("/sbin/ip", "addr", "add", n.ip, "dev", n.ifce.Name()) execute("/sbin/ip", "addr", "add", n.ip, "dev", n.ifce.Name())
execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "up") execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "up")
@@ -13,10 +13,10 @@ func (n *NIC) prepare() {
} }
} }
func (n *NIC) Up() {
execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "up")
}
func (n *NIC) Down() { func (n *NIC) Down() {
execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "down") execute("/sbin/ip", "link", "set", "dev", n.ifce.Name(), "down")
execute("/sbin/ip", "route", "del", n.subnet, "dev", n.ifce.Name())
for _, c := range n.cidrs {
execute("/sbin/ip", "route", "del", c, "dev", n.ifce.Name())
}
} }

8
lower/tun_stub.go
View File

@@ -3,14 +3,10 @@
package lower package lower
func (n *NIC) prepare() {
panic("not support this os now")
}
func (n *NIC) Up() { func (n *NIC) Up() {
panic("not support this os now") panic("not support lower on this os now")
} }
func (n *NIC) Down() { func (n *NIC) Down() {
panic("not support this os now") panic("not support lower on this os now")
} }

16
lower/tun_windows.go
View File

@@ -5,7 +5,8 @@ package lower
import "net" import "net"
func (n *NIC) prepare() { func (n *NIC) Up() {
// execute("netsh", "interface", "set", "interface", n.ifce.Name(), "enabled")
_, ipn, err := net.ParseCIDR(n.subnet) _, ipn, err := net.ParseCIDR(n.subnet)
if err != nil { if err != nil {
panic(err) panic(err)
@@ -20,12 +21,13 @@ func (n *NIC) prepare() {
} }
} }
func (n *NIC) Up() {
// execute("netsh", "interface", "set", "interface", n.ifce.Name(), "enabled")
// don't need to bring up the device by hand
}
func (n *NIC) Down() { func (n *NIC) Down() {
// execute("netsh", "interface", "set", "interface", n.ifce.Name(), "disabled") // execute("netsh", "interface", "set", "interface", n.ifce.Name(), "disabled")
// don't need to bring up the device by hand for _, c := range n.cidrs {
ip, _, err := net.ParseCIDR(c)
if err != nil {
panic(err)
}
execute("cmd", "/c", "route DELETE "+ip.String())
}
} }

4
upper/services/tunnel/tunnel_test.go
View File

@@ -27,9 +27,9 @@ func TestTunnel(t *testing.T) {
t.Log("peer priv key:", hex.EncodeToString(peerpk.Private()[:])) t.Log("peer priv key:", hex.EncodeToString(peerpk.Private()[:]))
t.Log("peer publ key:", hex.EncodeToString(peerpk.Public()[:])) t.Log("peer publ key:", hex.EncodeToString(peerpk.Public()[:]))
m := link.NewMe(selfpk.Private(), "192.168.1.2/32", "127.0.0.1:1236", false, 1, 1, 4096) m := link.NewMe(selfpk.Private(), "192.168.1.2/32", "127.0.0.1:1236", nil, 1, 1, 4096)
m.AddPeer("192.168.1.3", peerpk.Public(), "127.0.0.1:1237", []string{"192.168.1.3/32"}, 0, false, false) m.AddPeer("192.168.1.3", peerpk.Public(), "127.0.0.1:1237", []string{"192.168.1.3/32"}, 0, false, false)
p := link.NewMe(peerpk.Private(), "192.168.1.3/32", "127.0.0.1:1237", false, 1, 1, 4096) p := link.NewMe(peerpk.Private(), "192.168.1.3/32", "127.0.0.1:1237", nil, 1, 1, 4096)
p.AddPeer("192.168.1.2", selfpk.Public(), "127.0.0.1:1236", []string{"192.168.1.2/32"}, 0, false, false) p.AddPeer("192.168.1.2", selfpk.Public(), "127.0.0.1:1236", []string{"192.168.1.2/32"}, 0, false, false)
tunnme, err := Create(&m, "192.168.1.3") tunnme, err := Create(&m, "192.168.1.3")
if err != nil { if err != nil {

18
upper/services/wg/wg.go
View File

@@ -19,7 +19,7 @@ type WG struct {
c *config.Config c *config.Config
key [32]byte key [32]byte
PublicKey string PublicKey string
nic *lower.NIC nic lower.NICIO
me link.Me me link.Me
} }
@@ -50,19 +50,18 @@ func NewWireGold(c *config.Config) (wg WG, err error) {
func (wg *WG) Start(srcport, destport, mtu uint16) { func (wg *WG) Start(srcport, destport, mtu uint16) {
wg.init(srcport, destport, mtu) wg.init(srcport, destport, mtu)
wg.nic.Up() wg.nic.Up()
go wg.nic.Start(&wg.me) go wg.me.ListenFromNIC()
} }
func (wg *WG) Run(srcport, destport, mtu uint16) { func (wg *WG) Run(srcport, destport, mtu uint16) {
wg.init(srcport, destport, mtu) wg.init(srcport, destport, mtu)
wg.nic.Up() wg.nic.Up()
wg.nic.Start(&wg.me) wg.me.ListenFromNIC()
} }
func (wg *WG) Stop() { func (wg *WG) Stop() {
wg.nic.Stop() wg.nic.Close()
wg.nic.Down() wg.nic.Down()
wg.nic.Destroy()
} }
func (wg *WG) init(srcport, destport, mtu uint16) { func (wg *WG) init(srcport, destport, mtu uint16) {
@@ -89,8 +88,13 @@ func (wg *WG) init(srcport, destport, mtu uint16) {
i++ i++
} }
wg.nic = lower.NewNIC(wg.c.IP, wg.c.SubNet, cidrs...) wg.me = link.NewMe(
wg.me = link.NewMe(&wg.key, wg.c.IP+"/32", wg.c.EndPoint, true, srcport, destport, mtu) &wg.key,
wg.c.IP+"/32",
wg.c.EndPoint,
lower.NewNIC(wg.c.IP, wg.c.SubNet, cidrs...),
srcport, destport, mtu,
)
for _, peer := range wg.c.Peers { for _, peer := range wg.c.Peers {
var peerkey [32]byte var peerkey [32]byte