bytedance · zh-jq · Nov 20, 2024 · Nov 20, 2024 · Nov 20, 2024
diff --git a/g3proxy/src/escape/direct_fixed/udp_relay/send.rs b/g3proxy/src/escape/direct_fixed/udp_relay/send.rs
@@ -98,6 +98,10 @@ where
         self.bind_v6 = bind;
     }
 
+    pub(crate) fn usable(&self) -> bool {
+        self.inner_v4.is_some() || self.inner_v6.is_some()
+    }
+
     fn poll_send_packet(
         &mut self,
         cx: &mut Context<'_>,

diff --git a/g3proxy/src/escape/direct_float/udp_relay/mod.rs b/g3proxy/src/escape/direct_float/udp_relay/mod.rs
@@ -17,6 +17,7 @@
 use std::net::SocketAddr;
 use std::sync::Arc;
 
+use anyhow::anyhow;
 use tokio::net::UdpSocket;
 
 use g3_io_ext::{LimitedUdpRecv, LimitedUdpSend, UdpRecvHalf, UdpSendHalf};
@@ -53,17 +54,27 @@ impl DirectFloatEscaper {
         );
 
         if !self.config.no_ipv4 {
-            let (bind, r, w) =
-                self.get_relay_socket(AddressFamily::Ipv4, task_conf, task_notes, &wrapper_stats)?;
-            recv.enable_v4(r, bind);
-            send.enable_v4(w, bind);
+            if let Ok((bind, r, w)) =
+                self.get_relay_socket(AddressFamily::Ipv4, task_conf, task_notes, &wrapper_stats)
+            {
+                recv.enable_v4(r, bind);
+                send.enable_v4(w, bind);
+            }
         }
 
         if !self.config.no_ipv6 {
-            let (bind, r, w) =
-                self.get_relay_socket(AddressFamily::Ipv6, task_conf, task_notes, &wrapper_stats)?;
-            recv.enable_v6(r, bind);
-            send.enable_v6(w, bind);
+            if let Ok((bind, r, w)) =
+                self.get_relay_socket(AddressFamily::Ipv6, task_conf, task_notes, &wrapper_stats)
+            {
+                recv.enable_v6(r, bind);
+                send.enable_v6(w, bind);
+            }
+        }
+
+        if !send.usable() {
+            return Err(UdpRelaySetupError::EscaperNotUsable(anyhow!(
+                "no ipv4 / ipv6 bind address found"
+            )));
         }
 
         Ok((Box::new(recv), Box::new(send), self.escape_logger.clone()))

diff --git a/scripts/coverage/g3proxy.sh b/scripts/coverage/g3proxy.sh
@@ -26,6 +26,11 @@ export SSL_CERT_FILE="${SCRIPTS_DIR}/g3proxy/rootCA.pem"
 
 # run g3proxy integration tests
 
+g3proxy_ctl()
+{
+	"${PROJECT_DIR}"/target/debug/g3proxy-ctl -G ${TEST_NAME} -p $PROXY_PID "$@"
+}
+
 set -x
 
 for dir in $(find "${SCRIPTS_DIR}/g3proxy/" -type d | sort)
@@ -42,7 +47,7 @@ do
 	[ -f "${dir}/testcases.sh" ] || continue
 	. "${dir}/testcases.sh"
 
-	"${PROJECT_DIR}"/target/debug/g3proxy-ctl -G ${TEST_NAME} -p $PROXY_PID offline
+	g3proxy_ctl offline
 	wait $PROXY_PID
 done
 

diff --git a/scripts/coverage/g3proxy/0007_chain_socks_proxy/g3proxy.yaml b/scripts/coverage/g3proxy/0007_chain_socks_proxy/g3proxy.yaml
@@ -28,24 +28,24 @@ escaper:
   - name: chained_socks5
     type: proxy_socks5
     resolver: hickory
-    proxy_addr: g3proxy.local:7080
+    proxy_addr: g3proxy.local:6080
   - name: chained_socks5s
     type: proxy_socks5s
     resolver: hickory
-    proxy_addr: g3proxy.local:7443
+    proxy_addr: g3proxy.local:6443
     tls_client:
       ca-certificate: ../rootCA.pem
     tls_name: g3proxy.local
 
 server:
   - name: chained_socks
     type: socks_proxy
-    listen: 127.0.0.1:7080
+    listen: 127.0.0.1:6080
     escaper: default
     use_udp_associate: true
   - name: chained_socks5s_port
     type: plain_tls_port
-    listen: 127.0.0.1:7443
+    listen: 127.0.0.1:6443
     server: chained_socks
     tls_server:
       cert_pairs:

diff --git a/scripts/coverage/g3proxy/0010_escaper_direct_float/g3proxy.yaml b/scripts/coverage/g3proxy/0010_escaper_direct_float/g3proxy.yaml
@@ -0,0 +1,33 @@
+---
+
+log: journal
+
+resolver:
+  - name: default
+    type: c-ares
+    server:
+      - 127.0.0.1
+
+escaper:
+  - name: direct_lazy
+    type: direct_float
+    resolver: default
+    resolve_strategy: IPv4First
+    egress_net_filter:
+      default: allow
+      allow: 127.0.0.1
+
+server:
+  - name: http
+    type: http_proxy
+    listen: 127.0.0.1:8080
+    escaper: direct_lazy
+  - name: socks1
+    type: socks_proxy
+    listen: 127.0.0.1:1080
+    escaper: direct_lazy
+  - name: socks2
+    type: socks_proxy
+    listen: 127.0.0.1:1081
+    escaper: direct_lazy
+    use-udp-associate: true
diff --git a/scripts/coverage/g3proxy/0010_escaper_direct_float/testcases.sh b/scripts/coverage/g3proxy/0010_escaper_direct_float/testcases.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+
+g3proxy_ctl escaper direct_lazy publish "{\"ipv4\": \"127.0.0.1\"}"
+
+
+HTTP_PROXY="http://127.0.0.1:8080"
+test_http_proxy_http_forward
+test_http_proxy_ftp_over_http
+
+
+for port in 1080 1081
+do
+	SOCKS5_PROXY="socks5h://127.0.0.1:${port}"
+	test_socks5_proxy_http
+	test_socks5_proxy_dns
+
+
+	SOCKS4_PROXY="socks4a://127.0.0.1:${port}"
+	test_socks4_proxy_http
+done
diff --git a/scripts/coverage/g3proxy/0011_escaper_proxy_float/g3proxy.yaml b/scripts/coverage/g3proxy/0011_escaper_proxy_float/g3proxy.yaml
@@ -0,0 +1,65 @@
+---
+
+log: journal
+
+resolver:
+  - name: default
+    type: c-ares
+    server:
+      - 127.0.0.1
+
+escaper:
+  - name: default
+    type: direct_fixed
+    resolver: default
+    egress_net_filter:
+      default: allow
+      allow: 127.0.0.1
+  - name: float_passive
+    type: proxy_float
+    source:
+      type: passive
+    tls_client:
+      ca_certificate: ../rootCA.pem
+
+server:
+  - name: chained_http
+    type: http_proxy
+    listen: 127.0.0.1:7080
+    escaper: default
+  - name: chained_https
+    type: http_proxy
+    listen: 127.0.0.1:7443
+    escaper: default
+    tls_server:
+      cert_pairs:
+        certificate: ../g3proxy.local.pem
+        private-key: ../g3proxy.local-key.pem
+    tls_client:
+      ca_certificate: ../rootCA.pem
+  - name: chained_socks
+    type: socks_proxy
+    listen: 127.0.0.1:6080
+    escaper: default
+    use_udp_associate: true
+  - name: chained_socks5s_port
+    type: native_tls_port
+    listen: 127.0.0.1:6443
+    server: chained_socks
+    tls_server:
+      cert_pairs:
+        certificate: ../g3proxy.local.pem
+        private-key: ../g3proxy.local-key.pem
+  - name: http
+    type: http_proxy
+    listen: 127.0.0.1:8080
+    escaper: float_passive
+  - name: socks1
+    type: socks_proxy
+    listen: 127.0.0.1:1080
+    escaper: float_passive
+  - name: socks2
+    type: socks_proxy
+    listen: 127.0.0.1:1081
+    escaper: float_passive
+    use-udp-associate: true
diff --git a/scripts/coverage/g3proxy/0011_escaper_proxy_float/testcases.sh b/scripts/coverage/g3proxy/0011_escaper_proxy_float/testcases.sh
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+
+g3proxy_ctl escaper float_passive publish '{"type":"http","addr":"127.0.0.1:7080"}'
+
+
+HTTP_PROXY="http://127.0.0.1:8080"
+test_http_proxy_http_forward
+
+
+for port in 1080 1081
+do
+	SOCKS5_PROXY="socks5h://127.0.0.1:${port}"
+	test_socks5_proxy_http
+
+
+	SOCKS4_PROXY="socks4a://127.0.0.1:${port}"
+	test_socks4_proxy_http
+done
+
+
+g3proxy_ctl escaper float_passive publish '{"type":"https","addr":"127.0.0.1:7443", "tls_name": "g3proxy.local"}'
+
+
+HTTP_PROXY="http://127.0.0.1:8080"
+test_http_proxy_http_forward
+
+
+for port in 1080 1081
+do
+	SOCKS5_PROXY="socks5h://127.0.0.1:${port}"
+	test_socks5_proxy_http
+
+
+	SOCKS4_PROXY="socks4a://127.0.0.1:${port}"
+	test_socks4_proxy_http
+done
+
+g3proxy_ctl escaper float_passive publish '{"type":"socks5","addr":"127.0.0.1:6080"}'
+
+
+HTTP_PROXY="http://127.0.0.1:8080"
+test_http_proxy_http_forward
+
+
+for port in 1080 1081
+do
+	SOCKS5_PROXY="socks5h://127.0.0.1:${port}"
+	test_socks5_proxy_http
+	test_socks5_proxy_dns
+
+
+	SOCKS4_PROXY="socks4a://127.0.0.1:${port}"
+	test_socks4_proxy_http
+done
+
+
+g3proxy_ctl escaper float_passive publish '{"type":"socks5s","addr":"127.0.0.1:6443", "tls_name": "g3proxy.local"}'
+
+
+HTTP_PROXY="http://127.0.0.1:8080"
+test_http_proxy_http_forward
+
+
+for port in 1080 1081
+do
+	SOCKS5_PROXY="socks5h://127.0.0.1:${port}"
+	test_socks5_proxy_http
+	test_socks5_proxy_dns
+
+
+	SOCKS4_PROXY="socks4a://127.0.0.1:${port}"
+	test_socks4_proxy_http
+done
+