fix
parent
3219efbd76
commit
dcddadb985
@ -401,26 +401,6 @@ actor SDLContextActor {
|
|||||||
self.natType = natType
|
self.natType = natType
|
||||||
}
|
}
|
||||||
|
|
||||||
// 开启注册任务
|
|
||||||
private func startRegisterLoop() {
|
|
||||||
guard self.registerTask == nil else {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
self.registerTask = Task {
|
|
||||||
while !Task.isCancelled {
|
|
||||||
self.doRegisterSuper()
|
|
||||||
try? await Task.sleep(for: .seconds(5))
|
|
||||||
if self.state == .registered {
|
|
||||||
await self.whenRegistedSuper()
|
|
||||||
break
|
|
||||||
}
|
|
||||||
SDLLogger.log("[SDLContext] register super failed, retry")
|
|
||||||
}
|
|
||||||
self.registerTask = nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// 注册成功super的回调函数
|
// 注册成功super的回调函数
|
||||||
private func whenRegistedSuper() async {
|
private func whenRegistedSuper() async {
|
||||||
self.updatePolicyTask?.cancel()
|
self.updatePolicyTask?.cancel()
|
||||||
@ -455,127 +435,6 @@ actor SDLContextActor {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private func handleRegisterSuperAck(registerSuperAck: SDLRegisterSuperAck) async {
|
|
||||||
// 需要对数据通过rsa的私钥解码
|
|
||||||
guard let key = try? self.rsaCipher.decode(data: Data(registerSuperAck.key)) else {
|
|
||||||
SDLLogger.log("[SDLContext] registerSuperAck invalid key")
|
|
||||||
let error = SDLError.invalidKey
|
|
||||||
self.failReady(error)
|
|
||||||
self.provider.cancelTunnelWithError(error)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
let algorithm = registerSuperAck.algorithm.lowercased()
|
|
||||||
let regionId = registerSuperAck.regionID
|
|
||||||
self.sessionToken = registerSuperAck.sessionToken
|
|
||||||
|
|
||||||
switch algorithm {
|
|
||||||
case "aes":
|
|
||||||
self.dataCipher = CCAESChiper(key: key)
|
|
||||||
case "chacha20":
|
|
||||||
self.dataCipher = CCChaCha20Cipher(regionId: regionId, keyData: key)
|
|
||||||
default:
|
|
||||||
SDLLogger.log("[SDLContext] registerSuperAck invalid algorithm \(algorithm)")
|
|
||||||
let error = SDLError.unsupportedAlgorithm(algorithm: algorithm)
|
|
||||||
self.failReady(error)
|
|
||||||
self.provider.cancelTunnelWithError(error)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
SDLLogger.log("[SDLContext] registerSuperAck, use algorithm \(algorithm), key len: \(key.count)")
|
|
||||||
// 服务器分配的tun网卡信息
|
|
||||||
do {
|
|
||||||
try await self.setNetworkSettings(config: self.config, dnsServer: DNSHelper.dnsServer)
|
|
||||||
SDLLogger.log("[SDLContext] setNetworkSettings successed")
|
|
||||||
self.state = .registered
|
|
||||||
self.startReader()
|
|
||||||
self.markReady()
|
|
||||||
} catch let err {
|
|
||||||
SDLLogger.log("[SDLContext] setTunnelNetworkSettings get error: \(err)")
|
|
||||||
self.failReady(err)
|
|
||||||
self.provider.cancelTunnelWithError(err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private func handleRegisterSuperNak(nakPacket: SDLRegisterSuperNak) {
|
|
||||||
let errorMessage = nakPacket.errorMessage
|
|
||||||
guard let errorCode = SDLNAKErrorCode(rawValue: UInt8(nakPacket.errorCode)) else {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
switch errorCode {
|
|
||||||
case .invalidToken, .nodeDisabled:
|
|
||||||
let alertNotice = NoticeMessage.alert(alert: errorMessage)
|
|
||||||
self.noticeClient?.send(data: alertNotice)
|
|
||||||
// 报告错误并退出
|
|
||||||
let error = NSError(domain: "com.jihe.punchnet.tun", code: -1)
|
|
||||||
self.failReady(error)
|
|
||||||
self.provider.cancelTunnelWithError(error)
|
|
||||||
|
|
||||||
case .noIpAddress, .networkFault, .internalFault:
|
|
||||||
let alertNotice = NoticeMessage.alert(alert: errorMessage)
|
|
||||||
self.noticeClient?.send(data: alertNotice)
|
|
||||||
}
|
|
||||||
SDLLogger.log("[SDLContext] Get a SuperNak message exit")
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
private func handleEvent(event: SDLEvent) async {
|
|
||||||
switch event.event {
|
|
||||||
case .natChanged(let natChangedEvent):
|
|
||||||
let dstMac = natChangedEvent.mac
|
|
||||||
SDLLogger.log("[SDLContext] natChangedEvent, dstMac: \(dstMac)")
|
|
||||||
sessionManager.removeSession(dstMac: dstMac)
|
|
||||||
case .sendRegister(let sendRegisterEvent):
|
|
||||||
SDLLogger.log("[SDLContext] sendRegisterEvent, ip: \(sendRegisterEvent)")
|
|
||||||
// 发送register包
|
|
||||||
var register = SDLRegister()
|
|
||||||
register.networkID = self.config.networkAddress.networkId
|
|
||||||
register.srcMac = self.config.networkAddress.mac
|
|
||||||
register.dstMac = sendRegisterEvent.dstMac
|
|
||||||
let registerData = try! register.serializedData()
|
|
||||||
|
|
||||||
if sendRegisterEvent.natIp > 0 && sendRegisterEvent.natPort > 0 {
|
|
||||||
let address = SDLUtil.int32ToIp(sendRegisterEvent.natIp)
|
|
||||||
if let remoteAddress = try? SocketAddress.makeAddressResolvingHost(address, port: Int(sendRegisterEvent.natPort)) {
|
|
||||||
self.sendPeerPacket(type: .register, data: registerData, remoteAddress: remoteAddress)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if sendRegisterEvent.hasV6Info, let remoteAddress = try? await sendRegisterEvent.v6Info.socketAddress() {
|
|
||||||
self.sendPeerPacket(type: .register, data: registerData, remoteAddress: remoteAddress)
|
|
||||||
}
|
|
||||||
case .shutdown(let shutdownEvent):
|
|
||||||
let alertNotice = NoticeMessage.alert(alert: shutdownEvent.message)
|
|
||||||
self.noticeClient?.send(data: alertNotice)
|
|
||||||
|
|
||||||
// 报告错误并退出
|
|
||||||
let error = NSError(domain: "com.jihe.punchnet.tun", code: -2)
|
|
||||||
self.failReady(error)
|
|
||||||
self.provider.cancelTunnelWithError(error)
|
|
||||||
case .none:
|
|
||||||
()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private func doRegisterSuper() {
|
|
||||||
// 注册
|
|
||||||
var registerSuper = SDLRegisterSuper()
|
|
||||||
registerSuper.clientID = self.config.clientId
|
|
||||||
registerSuper.networkID = self.config.networkAddress.networkId
|
|
||||||
registerSuper.mac = self.config.networkAddress.mac
|
|
||||||
registerSuper.ip = self.config.networkAddress.ip
|
|
||||||
registerSuper.maskLen = UInt32(self.config.networkAddress.maskLen)
|
|
||||||
registerSuper.hostname = self.config.hostname
|
|
||||||
registerSuper.pubKey = self.rsaCipher.pubKey
|
|
||||||
registerSuper.accessToken = self.config.accessToken
|
|
||||||
|
|
||||||
if let registerSuperData = try? registerSuper.serializedData() {
|
|
||||||
SDLLogger.log("[SDLContext] will send register super")
|
|
||||||
self.quicClient?.send(type: .registerSuper, data: registerSuperData)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// 开始读取数据, 用单独的线程处理packetFlow
|
// 开始读取数据, 用单独的线程处理packetFlow
|
||||||
private func startReader() {
|
private func startReader() {
|
||||||
// 停止之前的任务
|
// 停止之前的任务
|
||||||
@ -763,6 +622,152 @@ actor SDLContextActor {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// 处理和Super之间的通讯
|
||||||
|
extension SDLContextActor {
|
||||||
|
|
||||||
|
// 开启注册任务
|
||||||
|
private func startRegisterLoop() {
|
||||||
|
guard self.registerTask == nil else {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
self.registerTask = Task {
|
||||||
|
while !Task.isCancelled {
|
||||||
|
self.doRegisterSuper()
|
||||||
|
try? await Task.sleep(for: .seconds(5))
|
||||||
|
if self.state == .registered {
|
||||||
|
await self.whenRegistedSuper()
|
||||||
|
break
|
||||||
|
}
|
||||||
|
SDLLogger.log("[SDLContext] register super failed, retry")
|
||||||
|
}
|
||||||
|
self.registerTask = nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private func handleRegisterSuperAck(registerSuperAck: SDLRegisterSuperAck) async {
|
||||||
|
// 需要对数据通过rsa的私钥解码
|
||||||
|
guard let key = try? self.rsaCipher.decode(data: Data(registerSuperAck.key)) else {
|
||||||
|
SDLLogger.log("[SDLContext] registerSuperAck invalid key")
|
||||||
|
let error = SDLError.invalidKey
|
||||||
|
self.failReady(error)
|
||||||
|
self.provider.cancelTunnelWithError(error)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
let algorithm = registerSuperAck.algorithm.lowercased()
|
||||||
|
let regionId = registerSuperAck.regionID
|
||||||
|
self.sessionToken = registerSuperAck.sessionToken
|
||||||
|
|
||||||
|
switch algorithm {
|
||||||
|
case "aes":
|
||||||
|
self.dataCipher = CCAESChiper(key: key)
|
||||||
|
case "chacha20":
|
||||||
|
self.dataCipher = CCChaCha20Cipher(regionId: regionId, keyData: key)
|
||||||
|
default:
|
||||||
|
SDLLogger.log("[SDLContext] registerSuperAck invalid algorithm \(algorithm)")
|
||||||
|
let error = SDLError.unsupportedAlgorithm(algorithm: algorithm)
|
||||||
|
self.failReady(error)
|
||||||
|
self.provider.cancelTunnelWithError(error)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
SDLLogger.log("[SDLContext] registerSuperAck, use algorithm \(algorithm), key len: \(key.count)")
|
||||||
|
// 服务器分配的tun网卡信息
|
||||||
|
do {
|
||||||
|
try await self.setNetworkSettings(config: self.config, dnsServer: DNSHelper.dnsServer)
|
||||||
|
SDLLogger.log("[SDLContext] setNetworkSettings successed")
|
||||||
|
self.state = .registered
|
||||||
|
self.startReader()
|
||||||
|
self.markReady()
|
||||||
|
} catch let err {
|
||||||
|
SDLLogger.log("[SDLContext] setTunnelNetworkSettings get error: \(err)")
|
||||||
|
self.failReady(err)
|
||||||
|
self.provider.cancelTunnelWithError(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private func handleRegisterSuperNak(nakPacket: SDLRegisterSuperNak) {
|
||||||
|
let errorMessage = nakPacket.errorMessage
|
||||||
|
guard let errorCode = SDLNAKErrorCode(rawValue: UInt8(nakPacket.errorCode)) else {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
switch errorCode {
|
||||||
|
case .invalidToken, .nodeDisabled:
|
||||||
|
let alertNotice = NoticeMessage.alert(alert: errorMessage)
|
||||||
|
self.noticeClient?.send(data: alertNotice)
|
||||||
|
// 报告错误并退出
|
||||||
|
let error = NSError(domain: "com.jihe.punchnet.tun", code: -1)
|
||||||
|
self.failReady(error)
|
||||||
|
self.provider.cancelTunnelWithError(error)
|
||||||
|
|
||||||
|
case .noIpAddress, .networkFault, .internalFault:
|
||||||
|
let alertNotice = NoticeMessage.alert(alert: errorMessage)
|
||||||
|
self.noticeClient?.send(data: alertNotice)
|
||||||
|
}
|
||||||
|
SDLLogger.log("[SDLContext] Get a SuperNak message exit")
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private func handleEvent(event: SDLEvent) async {
|
||||||
|
switch event.event {
|
||||||
|
case .natChanged(let natChangedEvent):
|
||||||
|
let dstMac = natChangedEvent.mac
|
||||||
|
SDLLogger.log("[SDLContext] natChangedEvent, dstMac: \(dstMac)")
|
||||||
|
sessionManager.removeSession(dstMac: dstMac)
|
||||||
|
case .sendRegister(let sendRegisterEvent):
|
||||||
|
SDLLogger.log("[SDLContext] sendRegisterEvent, ip: \(sendRegisterEvent)")
|
||||||
|
// 发送register包
|
||||||
|
var register = SDLRegister()
|
||||||
|
register.networkID = self.config.networkAddress.networkId
|
||||||
|
register.srcMac = self.config.networkAddress.mac
|
||||||
|
register.dstMac = sendRegisterEvent.dstMac
|
||||||
|
let registerData = try! register.serializedData()
|
||||||
|
|
||||||
|
if sendRegisterEvent.natIp > 0 && sendRegisterEvent.natPort > 0 {
|
||||||
|
let address = SDLUtil.int32ToIp(sendRegisterEvent.natIp)
|
||||||
|
if let remoteAddress = try? SocketAddress.makeAddressResolvingHost(address, port: Int(sendRegisterEvent.natPort)) {
|
||||||
|
self.sendPeerPacket(type: .register, data: registerData, remoteAddress: remoteAddress)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if sendRegisterEvent.hasV6Info, let remoteAddress = try? await sendRegisterEvent.v6Info.socketAddress() {
|
||||||
|
self.sendPeerPacket(type: .register, data: registerData, remoteAddress: remoteAddress)
|
||||||
|
}
|
||||||
|
case .shutdown(let shutdownEvent):
|
||||||
|
let alertNotice = NoticeMessage.alert(alert: shutdownEvent.message)
|
||||||
|
self.noticeClient?.send(data: alertNotice)
|
||||||
|
|
||||||
|
// 报告错误并退出
|
||||||
|
let error = NSError(domain: "com.jihe.punchnet.tun", code: -2)
|
||||||
|
self.failReady(error)
|
||||||
|
self.provider.cancelTunnelWithError(error)
|
||||||
|
case .none:
|
||||||
|
()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private func doRegisterSuper() {
|
||||||
|
// 注册
|
||||||
|
var registerSuper = SDLRegisterSuper()
|
||||||
|
registerSuper.clientID = self.config.clientId
|
||||||
|
registerSuper.networkID = self.config.networkAddress.networkId
|
||||||
|
registerSuper.mac = self.config.networkAddress.mac
|
||||||
|
registerSuper.ip = self.config.networkAddress.ip
|
||||||
|
registerSuper.maskLen = UInt32(self.config.networkAddress.maskLen)
|
||||||
|
registerSuper.hostname = self.config.hostname
|
||||||
|
registerSuper.pubKey = self.rsaCipher.pubKey
|
||||||
|
registerSuper.accessToken = self.config.accessToken
|
||||||
|
|
||||||
|
if let registerSuperData = try? registerSuper.serializedData() {
|
||||||
|
SDLLogger.log("[SDLContext] will send register super")
|
||||||
|
self.quicClient?.send(type: .registerSuper, data: registerSuperData)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// 处理从Hole收到的数据
|
// 处理从Hole收到的数据
|
||||||
extension SDLContextActor {
|
extension SDLContextActor {
|
||||||
|
|
||||||
@ -874,11 +879,6 @@ extension SDLContextActor {
|
|||||||
let ruleMap = identitySnapshot.lookup(data.identityID)
|
let ruleMap = identitySnapshot.lookup(data.identityID)
|
||||||
|
|
||||||
if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {
|
if true || self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {
|
||||||
// 用来做debug
|
|
||||||
if ipPacket.header.source == 168428037 {
|
|
||||||
SDLLogger.log("[SDLContext] hole data: \(Array(ipPacket.data)), len: \(ipPacket.data.count)", for: .trace)
|
|
||||||
}
|
|
||||||
|
|
||||||
let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
|
let packet = NEPacket(data: ipPacket.data, protocolFamily: 2)
|
||||||
self.provider.packetFlow.writePacketObjects([packet])
|
self.provider.packetFlow.writePacketObjects([packet])
|
||||||
SDLLogger.log("[SDLContext] hole identity: \(data.identityID), allow, data count: \(ipPacket.data.count)", for: .trace)
|
SDLLogger.log("[SDLContext] hole identity: \(data.identityID), allow, data count: \(ipPacket.data.count)", for: .trace)
|
||||||
|
|||||||
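Review bot: The `true ||` in front of `self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap)` in the last hunk (-874/+879) is left in place, so the policy call is short-circuited and never runs: every packet reaching this point is written to `packetFlow` and logged as "allow", whatever `ruleMap` holds. The commit removes the neighbouring debug dump of packet bytes, so this looks like a leftover from the same debugging, though that is inferred. I would restore the condition to `if self.checkPolicy(ipPacket: ipPacket, ruleMap: ruleMap) {` and, if there is no deny branch, add one that logs the dropped `data.identityID` at trace level. The enclosing function starts and ends outside the hunk, so an existing else branch may simply not be visible here.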