Merge branch 'release/0.6.0'

lparam · Jun 2, 2019 · 2afbd1a · 2afbd1a
2 parents e922add + 39a75b7
commit 2afbd1a
Show file tree

Hide file tree

Showing 40 changed files with 1,493 additions and 1,053 deletions.
diff --git a/3rd/libsodium b/3rd/libsodium
diff --git a/3rd/libuv b/3rd/libuv
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,3 +1,8 @@
+v0.6.0 (2019-6-01)
+-----------
+* Change: chacha20poly1305 instead of salsa208poly1305
+
+
 v0.5.2 (2017-8-30)
 -----------
 * Feature: NAT Keepalive

diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 MAJOR = 0
-MINOR = 5
-PATCH = 2
+MINOR = 6
+PATCH = 0
 NAME = xTun
 
 ifdef O
@@ -80,22 +80,26 @@ else
 LIBS += -lrt
 endif
 
+ifdef OPENWRT
+LIBS += -latomic
+endif
+
 LIBS += $(OBJTREE)/3rd/libuv/.libs/libuv.a
 LIBS += $(OBJTREE)/3rd/libsodium/src/libsodium/.libs/libsodium.a
 
 LIBS += -pthread -ldl
 
 LDFLAGS += $(LIBS)
 
-XTUN=$(OBJTREE)/xTun
-XTUN_STATIC=$(OBJTREE)/libxTun.a
+xTUN=$(OBJTREE)/xTun
+xTUN_STATIC=$(OBJTREE)/libxTun.a
 
 #########################################################################
 include $(SRCTREE)/config.mk
 #########################################################################
 
-all: libuv libsodium $(XTUN)
-android: libuv libsodium $(XTUN_STATIC)
+all: libuv libsodium $(xTUN)
+android: libuv libsodium $(xTUN_STATIC)
 
 3rd/libuv/autogen.sh:
 	$(Q)git submodule update --init
@@ -118,12 +122,12 @@ $(OBJTREE)/3rd/libsodium/Makefile: | 3rd/libsodium/autogen.sh
 
 libsodium: $(OBJTREE)/3rd/libsodium/Makefile
 
-$(XTUN): \
+$(xTUN): \
 	$(OBJTREE)/src/util.o \
-	$(OBJTREE)/src/common.o \
 	$(OBJTREE)/src/logger.o \
 	$(OBJTREE)/src/daemon.o \
 	$(OBJTREE)/src/signal.o \
+	$(OBJTREE)/src/buffer.o \
 	$(OBJTREE)/src/crypto.o \
 	$(OBJTREE)/src/peer.o \
 	$(OBJTREE)/src/packet.o \
@@ -135,10 +139,10 @@ $(XTUN): \
 	$(OBJTREE)/src/main.o
 	$(LINK) $^ -o $@ $(LDFLAGS)
 
-$(XTUN_STATIC): \
+$(xTUN_STATIC): \
 	$(OBJTREE)/src/util.o \
-	$(OBJTREE)/src/common.o \
 	$(OBJTREE)/src/logger.o \
+	$(OBJTREE)/src/buffer.o \
 	$(OBJTREE)/src/crypto.o \
 	$(OBJTREE)/src/checksum.o \
 	$(OBJTREE)/src/android.o \
@@ -149,15 +153,15 @@ $(XTUN_STATIC): \
 	$(OBJTREE)/src/tcp_server.o \
 	$(OBJTREE)/src/udp.o \
 	$(OBJTREE)/src/tun.o
-	$(BUILD_AR) rcu $@ $^
+	$(BUILD_AR) rc $@ $^
 	$(BUILD_RANLIB) $@
 
 clean:
 	@find $(OBJTREE)/src -type f \
 	\( -name '*.o' -o -name '*~' \
 	-o -name '*.tmp' \) -print \
 	| xargs rm -f
-	@rm -f $(XTUN) $(XTUN_STATIC)
+	@rm -f $(xTUN) $(xTUN_STATIC)
 
 distclean: clean
 ifeq ($(OBJTREE)/3rd/libsodium/Makefile, $(wildcard $(OBJTREE)/3rd/libsodium/Makefile))

diff --git a/openwrt/Makefile b/openwrt/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=xTun
-PKG_VERSION:=0.5.2
+PKG_VERSION:=0.6.0
 PKG_RELEASE=
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
@@ -27,7 +27,7 @@ endef
 
 define Package/xTun
   $(call Package/xTun/Default)
-  DEPENDS:=+libpthread +librt
+  DEPENDS:=+libatomic +libpthread +librt
 endef
 
 define Package/xTun/description

diff --git a/openwrt/files/xTun.init b/openwrt/files/xTun.init
@@ -8,7 +8,7 @@ FIREWALL_RELOAD=0
 IFACE=tun0
 IP=10.0.0.2/24
 SERVER=IP
-PORT=PORt
+PORT=PORT
 PASSWORD=PASSWORD
 
 IP_ROUTE_TABLE=xTun
@@ -56,7 +56,7 @@ net_start() {
         iptables -F $CHAIN
         iptables -Z $CHAIN
     )
-    iptables -I $CHAIN 1 -i $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+    iptables -I $CHAIN 1 -i $IFACE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
     iptables -I $CHAIN 1 -o $IFACE -j ACCEPT
     iptables -I FORWARD -j $CHAIN
 

diff --git a/scripts/client.sh b/scripts/client.sh
@@ -0,0 +1,151 @@
+#!/bin/sh
+
+IFACE=tun0
+CIDR=10.0.0.2/24
+SERVER=216.250.96.80
+PORT=1082
+PASSWORD=password
+
+IP_ROUTE_TABLE=xTun
+FWMARK="0x023/0x023"
+SETNAME=wall
+CHAIN=xTun
+DNS=8.8.8.8
+BLACK_LIST=black_list
+
+start() {
+    xTun -i $IFACE -I $CIDR -k $PASSWORD -c $SERVER -p $PORT
+    net_start
+    acl add
+}
+
+stop() {
+    net_stop
+    acl del
+    xTun --signal stop
+}
+
+shutdown() {
+    net_stop
+    acl del
+    xTun --signal quit
+}
+
+net_start() {
+    sysctl -w net.ipv4.ip_forward=1 >> /dev/null
+
+    for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
+        echo 0 > $f
+    done
+
+    iptables -t nat -N $CHAIN > /dev/null 2>&1 || (
+        iptables -t nat -D POSTROUTING -j $CHAIN
+        iptables -t nat -F $CHAIN
+        iptables -t nat -Z $CHAIN
+    )
+    iptables -t nat -A $CHAIN -o $IFACE -j MASQUERADE
+    iptables -t nat -A POSTROUTING -j $CHAIN
+
+    iptables -N $CHAIN > /dev/null 2>&1 || (
+        iptables -D FORWARD -j $CHAIN
+        iptables -F $CHAIN
+        iptables -Z $CHAIN
+    )
+    iptables -I $CHAIN 1 -i $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+    iptables -I $CHAIN 1 -o $IFACE -j ACCEPT
+    iptables -I FORWARD -j $CHAIN
+
+    iptables -t mangle -N $CHAIN > /dev/null 2>&1 || (
+        iptables -t mangle -D PREROUTING -j $CHAIN
+        iptables -t mangle -D OUTPUT -j $CHAIN
+        iptables -t mangle -F $CHAIN
+        iptables -t mangle -Z $CHAIN
+    )
+    ipset -N $SETNAME iphash -exist
+    iptables -t mangle -A $CHAIN -m set --match-set $SETNAME dst -j MARK --set-mark $FWMARK
+    iptables -t mangle -A PREROUTING -j $CHAIN
+    iptables -t mangle -A OUTPUT -j $CHAIN
+
+    xTun_rule_ids=`ip rule list | grep "lookup $IP_ROUTE_TABLE" | sed 's/://g' | awk '{print $1}'`
+    for rule_id in $xTun_rule_ids
+    do
+        ip rule del prio $rule_id
+    done
+
+    CHKIPROUTE=$(grep $IP_ROUTE_TABLE /etc/iproute2/rt_tables)
+    if [ -z "$CHKIPROUTE" ]; then
+        echo "200 $IP_ROUTE_TABLE" >> /etc/iproute2/rt_tables
+    fi
+
+    ip route add default dev $IFACE table $IP_ROUTE_TABLE
+    ip route list | grep -q "$DNS dev $IFACE" || ip route add $DNS dev $IFACE
+    ip rule list | grep -q "fwmark $FWMARK lookup $IP_ROUTE_TABLE" || ip rule add fwmark $FWMARK table $IP_ROUTE_TABLE
+
+    ip route flush cache
+}
+
+net_stop() {
+    iptables -t nat -D POSTROUTING -j $CHAIN > /dev/null 2>&1
+    iptables -t nat -F $CHAIN > /dev/null 2>&1
+    iptables -t nat -X $CHAIN > /dev/null 2>&1
+
+    iptables -D FORWARD -j $CHAIN > /dev/null 2>&1
+    iptables -F $CHAIN > /dev/null 2>&1
+    iptables -X $CHAIN > /dev/null 2>&1
+
+    iptables -t mangle -D PREROUTING -j $CHAIN > /dev/null 2>&1
+    iptables -t mangle -D OUTPUT -j $CHAIN > /dev/null 2>&1
+    iptables -t mangle -F $CHAIN > /dev/null 2>&1
+    iptables -t mangle -X $CHAIN > /dev/null 2>&1
+
+    ip route del default dev $IFACE table $IP_ROUTE_TABLE > /dev/null 2>&1
+    ip route del $DNS dev $IFACE > /dev/null 2>&1
+    xTun_rule_ids=`ip rule list | grep "lookup $IP_ROUTE_TABLE" | sed 's/://g' | awk '{print $1}'`
+    for rule_id in $xTun_rule_ids
+    do
+        ip rule del prio $rule_id
+    done
+
+    ip route flush cache
+}
+
+acl() {
+    if [ ! -f $BLACK_LIST ]; then
+        return
+    fi
+
+    while read line;do
+        [ -z "$line" ] && continue
+        case "$line" in \#*) continue ;; esac
+        ipset $1 $SETNAME $line --exist
+    done < $BLACK_LIST
+}
+
+show_help() {
+    echo "Usage: $ProgName <command> [options]"
+    echo "Commands:"
+    echo "    start   start tun"
+    echo "    stop    stop tun"
+    echo ""
+    echo "For help with each command run:"
+    echo "$ProgName <command> -h|--help"
+    echo ""
+}
+
+ProgName=$(basename $0)
+
+command=$1
+case $command in
+    "" | "-h" | "--help")
+        show_help
+        ;;
+    *)
+        shift
+        ${command} $@
+        if [ $? = 127 ]; then
+            echo "Error: '$command' is not a known command." >&2
+            echo "       Run '$ProgName --help' for a list of known commands." >&2
+            exit 1
+        fi
+        ;;
+esac
diff --git a/scripts/client_down.sh b/scripts/client_down.sh
diff --git a/scripts/client_up.sh b/scripts/client_up.sh