admin/sing-tun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:v0.6.5
Branches Tags
admin:main admin:dev admin:sing-vpn-fd-patch
admin:v0.7.12 admin:v0.8.2 admin:v0.8.1 admin:v0.8.0-beta.18 admin:v0.8.0 admin:v0.8.0-beta.17 admin:v0.7.11 admin:v0.8.0-beta.16 admin:v0.7.10 admin:v0.8.0-beta.15 admin:v0.7.9 admin:v0.8.0-beta.14 admin:v0.7.8 admin:v0.7.6 admin:v0.7.5 admin:v0.8.0-beta.13 admin:v0.8.0-beta.12 admin:v0.7.3 admin:v0.8.0-beta.11 admin:v0.8.0-beta.10 admin:v0.8.0-beta.9 admin:v0.7.2 admin:v0.8.0-beta.8 admin:v0.7.1 admin:v0.7.0 admin:v0.8.0-beta.1 admin:v0.4.7 admin:v0.7.0-beta.1 admin:v0.6.9 admin:v0.6.8 admin:v0.6.7 admin:v0.6.6 admin:v0.6.5 admin:v0.6.4 admin:v0.6.3 admin:v0.6.2 admin:v0.6.1 admin:v0.6.0 admin:v0.4.6 admin:v0.6.0-beta.8 admin:v0.6.0-beta.7 admin:v0.6.0-beta.6 admin:v0.4.5 admin:v0.6.0-beta.4 admin:v0.6.0-beta.2 admin:v0.6.0-beta.1 admin:v0.6.0-alpha.17 admin:v0.6.0-alpha.16 admin:v0.6.0-alpha.15 admin:v0.6.0-alpha.14 admin:v0.6.0-alpha.13 admin:v0.6.0-alpha.12 admin:v0.4.2 admin:v0.6.0-alpha.11 admin:v0.6.0-alpha.10 admin:v0.6.0-alpha.9 admin:v0.4.1 admin:v0.6.0-alpha.8 admin:v0.6.0-alpha.7 admin:v0.6.0-alpha.6 admin:v0.6.0-alpha.5 admin:v0.6.0-alpha.4 admin:v0.6.0-alpha.3 admin:v0.6.0-alpha.2 admin:v0.5.0-alpha.1 admin:v0.4.0-rc.5 admin:v0.4.0-rc.4 admin:v0.4.0-rc.3 admin:v0.4.0-rc.2 admin:v0.4.0-rc.1 admin:v0.3.3 admin:v0.4.0-beta.16 admin:v0.4.0-beta.15 admin:v0.4.0-beta.14 admin:v0.4.0-beta.13 admin:v0.4.0-beta.12 admin:v0.4.0-beta.11 admin:v0.4.0-beta.10 admin:v0.4.0-beta.9 admin:v0.4.0-beta.8 admin:v0.4.0-beta.7 admin:v0.3.2 admin:v0.3.1 admin:v0.4.0-beta.6 admin:v0.4.0-beta.5 admin:v0.4.0-beta.3 admin:v0.4.0-beta.2 admin:v0.4.0-beta.1 admin:v0.3.0-beta.6 admin:v0.3.0 admin:v0.3.0-beta.5 admin:v0.3.0-beta.4 admin:v0.3.0-beta.3 admin:v0.3.0-beta.2 admin:v0.3.0-beta.1 admin:v0.2.8-beta.1 admin:v0.2.7 admin:v0.2.7-beta.2 admin:v0.2.7-beta.1 admin:v0.2.6 admin:v0.2.6-beta.1 admin:v0.2.5 admin:v0.2.5-beta.2 admin:v0.2.5-beta.1 admin:v0.2.4 admin:v0.2.4-beta.1 admin:v0.2.3 admin:v0.2.3-beta.1 admin:v0.2.2 admin:v0.2.2-beta.3 admin:v0.2.2-beta.1 admin:v0.2.1 admin:v0.2.0 admin:v0.2.0-rc.1 admin:v0.2.0-beta.4 admin:v0.2.0-beta.3 admin:v0.2.0-beta.2 admin:v0.2.0-beta.1 admin:v0.1.24 admin:v0.1.23 admin:v0.1.22 admin:v0.1.21 admin:v0.1.20 admin:v0.1.19 admin:v0.1.18 admin:v0.1.16 admin:v0.1.15 admin:v0.1.14 admin:v0.1.12 admin:v0.1.11 admin:v0.1.10 admin:v0.1.8 admin:v0.1.7 admin:v0.1.6 admin:v0.1.5 admin:v0.1.4 admin:v0.1.3 admin:v0.1.2 admin:v0.1.1 admin:v0.1.0
..
compare: admin:v0.6.9
Branches Tags
admin:main admin:dev admin:sing-vpn-fd-patch
admin:v0.7.12 admin:v0.8.2 admin:v0.8.1 admin:v0.8.0-beta.18 admin:v0.8.0 admin:v0.8.0-beta.17 admin:v0.7.11 admin:v0.8.0-beta.16 admin:v0.7.10 admin:v0.8.0-beta.15 admin:v0.7.9 admin:v0.8.0-beta.14 admin:v0.7.8 admin:v0.7.6 admin:v0.7.5 admin:v0.8.0-beta.13 admin:v0.8.0-beta.12 admin:v0.7.3 admin:v0.8.0-beta.11 admin:v0.8.0-beta.10 admin:v0.8.0-beta.9 admin:v0.7.2 admin:v0.8.0-beta.8 admin:v0.7.1 admin:v0.7.0 admin:v0.8.0-beta.1 admin:v0.4.7 admin:v0.7.0-beta.1 admin:v0.6.9 admin:v0.6.8 admin:v0.6.7 admin:v0.6.6 admin:v0.6.5 admin:v0.6.4 admin:v0.6.3 admin:v0.6.2 admin:v0.6.1 admin:v0.6.0 admin:v0.4.6 admin:v0.6.0-beta.8 admin:v0.6.0-beta.7 admin:v0.6.0-beta.6 admin:v0.4.5 admin:v0.6.0-beta.4 admin:v0.6.0-beta.2 admin:v0.6.0-beta.1 admin:v0.6.0-alpha.17 admin:v0.6.0-alpha.16 admin:v0.6.0-alpha.15 admin:v0.6.0-alpha.14 admin:v0.6.0-alpha.13 admin:v0.6.0-alpha.12 admin:v0.4.2 admin:v0.6.0-alpha.11 admin:v0.6.0-alpha.10 admin:v0.6.0-alpha.9 admin:v0.4.1 admin:v0.6.0-alpha.8 admin:v0.6.0-alpha.7 admin:v0.6.0-alpha.6 admin:v0.6.0-alpha.5 admin:v0.6.0-alpha.4 admin:v0.6.0-alpha.3 admin:v0.6.0-alpha.2 admin:v0.5.0-alpha.1 admin:v0.4.0-rc.5 admin:v0.4.0-rc.4 admin:v0.4.0-rc.3 admin:v0.4.0-rc.2 admin:v0.4.0-rc.1 admin:v0.3.3 admin:v0.4.0-beta.16 admin:v0.4.0-beta.15 admin:v0.4.0-beta.14 admin:v0.4.0-beta.13 admin:v0.4.0-beta.12 admin:v0.4.0-beta.11 admin:v0.4.0-beta.10 admin:v0.4.0-beta.9 admin:v0.4.0-beta.8 admin:v0.4.0-beta.7 admin:v0.3.2 admin:v0.3.1 admin:v0.4.0-beta.6 admin:v0.4.0-beta.5 admin:v0.4.0-beta.3 admin:v0.4.0-beta.2 admin:v0.4.0-beta.1 admin:v0.3.0-beta.6 admin:v0.3.0 admin:v0.3.0-beta.5 admin:v0.3.0-beta.4 admin:v0.3.0-beta.3 admin:v0.3.0-beta.2 admin:v0.3.0-beta.1 admin:v0.2.8-beta.1 admin:v0.2.7 admin:v0.2.7-beta.2 admin:v0.2.7-beta.1 admin:v0.2.6 admin:v0.2.6-beta.1 admin:v0.2.5 admin:v0.2.5-beta.2 admin:v0.2.5-beta.1 admin:v0.2.4 admin:v0.2.4-beta.1 admin:v0.2.3 admin:v0.2.3-beta.1 admin:v0.2.2 admin:v0.2.2-beta.3 admin:v0.2.2-beta.1 admin:v0.2.1 admin:v0.2.0 admin:v0.2.0-rc.1 admin:v0.2.0-beta.4 admin:v0.2.0-beta.3 admin:v0.2.0-beta.2 admin:v0.2.0-beta.1 admin:v0.1.24 admin:v0.1.23 admin:v0.1.22 admin:v0.1.21 admin:v0.1.20 admin:v0.1.19 admin:v0.1.18 admin:v0.1.16 admin:v0.1.15 admin:v0.1.14 admin:v0.1.12 admin:v0.1.11 admin:v0.1.10 admin:v0.1.8 admin:v0.1.7 admin:v0.1.6 admin:v0.1.5 admin:v0.1.4 admin:v0.1.3 admin:v0.1.2 admin:v0.1.1 admin:v0.1.0

4 Commits
v0.6.5 ... v0.6.9

Author SHA1 Message Date
世界
2121bc3f01 Fix error usages 2025-06-20 12:47:57 +08:00
世界
bea26198e7 Fix "Fix gLazyConn race" 2025-06-16 14:01:32 +08:00
世界
3df19f464e Fix gLazyConn race 2025-06-13 18:18:53 +08:00
世界
494b0ef858 redirect: Fix unreachable 2025-06-13 18:18:53 +08:00
5 changed files with 81 additions and 62 deletions
Expand all files Collapse all files

4
redirect_nftables_rules.go
View File

@@ -742,9 +742,7 @@ func (r *autoRedirect) nftablesCreateUnreachable(
Data: []byte{uint8(nfProto)},
},
&expr.Counter{},
&expr.Verdict{
Kind: expr.VerdictDrop,
},
&expr.Reject{},
},
})
}

126
stack_gvisor_lazy.go
View File

@@ -4,8 +4,10 @@ package tun
import (
"context"
"errors"
"net"
"os"
"sync"
"time"
"github.com/sagernet/gvisor/pkg/tcpip"
@@ -17,19 +19,25 @@ import (
)
type gLazyConn struct {
tcpConn *gonet.TCPConn
parentCtx context.Context
stack *stack.Stack
request *tcp.ForwarderRequest
localAddr net.Addr
remoteAddr net.Addr
handshakeDone bool
handshakeErr error
tcpConn *gonet.TCPConn
parentCtx context.Context
stack *stack.Stack
request *tcp.ForwarderRequest
localAddr net.Addr
remoteAddr net.Addr
handshakeAccess sync.Mutex
handshakeDone bool
handshakeErr error
}
func (c *gLazyConn) HandshakeContext(ctx context.Context) error {
if c.handshakeDone {
return nil
return c.handshakeErr
}
c.handshakeAccess.Lock()
defer c.handshakeAccess.Unlock()
if c.handshakeDone {
return c.handshakeErr
}
defer func() {
c.handshakeDone = true
@@ -67,7 +75,12 @@ func (c *gLazyConn) HandshakeFailure(err error) error {
if c.handshakeDone {
return os.ErrInvalid
}
c.request.Complete(err != ErrDrop)
c.handshakeAccess.Lock()
defer c.handshakeAccess.Unlock()
if c.handshakeDone {
return os.ErrInvalid
}
c.request.Complete(!errors.Is(err, ErrDrop))
c.handshakeDone = true
c.handshakeErr = err
return nil
@@ -78,25 +91,17 @@ func (c *gLazyConn) HandshakeSuccess() error {
}
func (c *gLazyConn) Read(b []byte) (n int, err error) {
if !c.handshakeDone {
err = c.HandshakeContext(context.Background())
if err != nil {
return
}
} else if c.handshakeErr != nil {
return 0, c.handshakeErr
err = c.HandshakeContext(context.Background())
if err != nil {
return
}
return c.tcpConn.Read(b)
}
func (c *gLazyConn) Write(b []byte) (n int, err error) {
if !c.handshakeDone {
err = c.HandshakeContext(context.Background())
if err != nil {
return
}
} else if c.handshakeErr != nil {
return 0, c.handshakeErr
err = c.HandshakeContext(context.Background())
if err != nil {
return
}
return c.tcpConn.Write(b)
}
@@ -110,46 +115,41 @@ func (c *gLazyConn) RemoteAddr() net.Addr {
}
func (c *gLazyConn) SetDeadline(t time.Time) error {
if !c.handshakeDone {
err := c.HandshakeContext(context.Background())
if err != nil {
return err
}
} else if c.handshakeErr != nil {
return c.handshakeErr
err := c.HandshakeContext(context.Background())
if err != nil {
return err
}
return c.tcpConn.SetDeadline(t)
}
func (c *gLazyConn) SetReadDeadline(t time.Time) error {
if !c.handshakeDone {
err := c.HandshakeContext(context.Background())
if err != nil {
return err
}
} else if c.handshakeErr != nil {
return c.handshakeErr
err := c.HandshakeContext(context.Background())
if err != nil {
return err
}
return c.tcpConn.SetReadDeadline(t)
}
func (c *gLazyConn) SetWriteDeadline(t time.Time) error {
if !c.handshakeDone {
err := c.HandshakeContext(context.Background())
if err != nil {
return err
}
} else if c.handshakeErr != nil {
return c.handshakeErr
err := c.HandshakeContext(context.Background())
if err != nil {
return err
}
return c.tcpConn.SetWriteDeadline(t)
}
func (c *gLazyConn) Close() error {
if !c.handshakeDone {
c.request.Complete(true)
c.handshakeErr = net.ErrClosed
return nil
c.handshakeAccess.Lock()
if !c.handshakeDone {
c.request.Complete(true)
c.handshakeErr = net.ErrClosed
c.handshakeDone = true
return nil
} else if c.handshakeErr != nil {
return nil
}
c.handshakeAccess.Unlock()
} else if c.handshakeErr != nil {
return nil
}
@@ -158,9 +158,16 @@ func (c *gLazyConn) Close() error {
func (c *gLazyConn) CloseRead() error {
if !c.handshakeDone {
c.request.Complete(true)
c.handshakeErr = net.ErrClosed
return nil
c.handshakeAccess.Lock()
if !c.handshakeDone {
c.request.Complete(true)
c.handshakeErr = net.ErrClosed
c.handshakeDone = true
return nil
} else if c.handshakeErr != nil {
return nil
}
c.handshakeAccess.Unlock()
} else if c.handshakeErr != nil {
return nil
}
@@ -169,9 +176,16 @@ func (c *gLazyConn) CloseRead() error {
func (c *gLazyConn) CloseWrite() error {
if !c.handshakeDone {
c.request.Complete(true)
c.handshakeErr = net.ErrClosed
return nil
c.handshakeAccess.Lock()
if !c.handshakeDone {
c.request.Complete(true)
c.handshakeErr = net.ErrClosed
c.handshakeDone = true
return nil
} else if c.handshakeErr != nil {
return nil
}
c.handshakeAccess.Unlock()
} else if c.handshakeErr != nil {
return nil
}
@@ -179,10 +193,14 @@ func (c *gLazyConn) CloseWrite() error {
}
func (c *gLazyConn) ReaderReplaceable() bool {
c.handshakeAccess.Lock()
defer c.handshakeAccess.Unlock()
return c.handshakeDone && c.handshakeErr == nil
}
func (c *gLazyConn) WriterReplaceable() bool {
c.handshakeAccess.Lock()
defer c.handshakeAccess.Unlock()
return c.handshakeDone && c.handshakeErr == nil
}

3
stack_gvisor_tcp.go
View File

@@ -4,6 +4,7 @@ package tun
import (
"context"
"errors"
"github.com/sagernet/gvisor/pkg/tcpip/stack"
"github.com/sagernet/gvisor/pkg/tcpip/transport/tcp"
@@ -37,7 +38,7 @@ func (f *TCPForwarder) Forward(r *tcp.ForwarderRequest) {
destination := M.SocksaddrFrom(AddrFromAddress(r.ID().LocalAddress), r.ID().LocalPort)
pErr := f.handler.PrepareConnection(N.NetworkTCP, source, destination)
if pErr != nil {
r.Complete(pErr != ErrDrop)
r.Complete(!errors.Is(pErr, ErrDrop))
return
}
conn := &gLazyConn{

3
stack_gvisor_udp.go
View File

@@ -4,6 +4,7 @@ package tun
import (
"context"
"errors"
"math"
"net/netip"
"os"
@@ -59,7 +60,7 @@ func rangeIterate(r stack.Range, fn func(*buffer.View))
func (f *UDPForwarder) PreparePacketConnection(source M.Socksaddr, destination M.Socksaddr, userData any) (bool, context.Context, N.PacketWriter, N.CloseHandlerFunc) {
pErr := f.handler.PrepareConnection(N.NetworkUDP, source, destination)
if pErr != nil {
if pErr != ErrDrop {
if !errors.Is(pErr, ErrDrop) {
gWriteUnreachable(f.stack, userData.(*stack.PacketBuffer))
}
return false, nil, nil, nil

7
stack_system.go
View File

@@ -2,6 +2,7 @@ package tun
import (
"context"
"errors"
"net"
"net/netip"
"syscall"
@@ -354,7 +355,7 @@ func (s *System) processIPv4TCP(ipHdr header.IPv4, tcpHdr header.TCP) (bool, err
} else {
natPort, err := s.tcpNat.Lookup(source, destination, s.handler)
if err != nil {
if err == ErrDrop {
if errors.Is(err, ErrDrop) {
return false, nil
} else {
return false, s.resetIPv4TCP(ipHdr, tcpHdr)
@@ -441,7 +442,7 @@ func (s *System) processIPv6TCP(ipHdr header.IPv6, tcpHdr header.TCP) (bool, err
} else {
natPort, err := s.tcpNat.Lookup(source, destination, s.handler)
if err != nil {
if err == ErrDrop {
if errors.Is(err, ErrDrop) {
return false, nil
} else {
return false, s.resetIPv6TCP(ipHdr, tcpHdr)
@@ -536,7 +537,7 @@ func (s *System) processIPv6UDP(ipHdr header.IPv6, udpHdr header.UDP) error {
func (s *System) preparePacketConnection(source M.Socksaddr, destination M.Socksaddr, userData any) (bool, context.Context, N.PacketWriter, N.CloseHandlerFunc) {
pErr := s.handler.PrepareConnection(N.NetworkUDP, source, destination)
if pErr != nil {
if pErr != ErrDrop {
if !errors.Is(pErr, ErrDrop) {
if source.IsIPv4() {
ipHdr := userData.(header.IPv4)
s.rejectIPv4WithICMP(ipHdr, header.ICMPv4PortUnreachable)