Skip to content

Commit 308270a

Browse files
patternihapatterniha
authored
Freedom: Fix UDP reply mismatch-address (XTLS#4816)
1 parent 4024e60 commit 308270a

1 file changed

Lines changed: 17 additions & 7 deletions

File tree

proxy/freedom/freedom.go

Lines changed: 17 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -239,7 +239,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
239239
if destination.Network == net.Network_TCP {
240240
reader = buf.NewReader(conn)
241241
} else {
242-
reader = NewPacketReader(conn, UDPOverride)
242+
reader = NewPacketReader(conn, UDPOverride, destination)
243243
}
244244
if err := buf.Copy(reader, output, buf.UpdateActivity(timer)); err != nil {
245245
return errors.New("failed to process response").Base(err)
@@ -274,7 +274,7 @@ func isTLSConn(conn stat.Connection) bool {
274274
return false
275275
}
276276

277-
func NewPacketReader(conn net.Conn, UDPOverride net.Destination) buf.Reader {
277+
func NewPacketReader(conn net.Conn, UDPOverride net.Destination, DialDest net.Destination) buf.Reader {
278278
iConn := conn
279279
statConn, ok := iConn.(*stat.CounterConnection)
280280
if ok {
@@ -284,10 +284,15 @@ func NewPacketReader(conn net.Conn, UDPOverride net.Destination) buf.Reader {
284284
if statConn != nil {
285285
counter = statConn.ReadCounter
286286
}
287-
if c, ok := iConn.(*internet.PacketConnWrapper); ok && UDPOverride.Address == nil && UDPOverride.Port == 0 {
287+
if c, ok := iConn.(*internet.PacketConnWrapper); ok {
288+
isAddrChanged := false
289+
if UDPOverride.Address != nil || UDPOverride.Port != 0 || DialDest.Address.Family().IsDomain() {
290+
isAddrChanged = true
291+
}
288292
return &PacketReader{
289293
PacketConnWrapper: c,
290294
Counter: counter,
295+
IsAddrChanged: isAddrChanged,
291296
}
292297
}
293298
return &buf.PacketReader{Reader: conn}
@@ -296,6 +301,7 @@ func NewPacketReader(conn net.Conn, UDPOverride net.Destination) buf.Reader {
296301
type PacketReader struct {
297302
*internet.PacketConnWrapper
298303
stats.Counter
304+
IsAddrChanged bool
299305
}
300306

301307
func (r *PacketReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
@@ -307,10 +313,14 @@ func (r *PacketReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
307313
return nil, err
308314
}
309315
b.Resize(0, int32(n))
310-
b.UDP = &net.Destination{
311-
Address: net.IPAddress(d.(*net.UDPAddr).IP),
312-
Port: net.Port(d.(*net.UDPAddr).Port),
313-
Network: net.Network_UDP,
316+
// if udp dest addr is changed, we are unable to get the correct src addr
317+
// so we don't attach src info to udp packet, break cone behavior, assuming the dial dest is the expected scr addr
318+
if !r.IsAddrChanged {
319+
b.UDP = &net.Destination{
320+
Address: net.IPAddress(d.(*net.UDPAddr).IP),
321+
Port: net.Port(d.(*net.UDPAddr).Port),
322+
Network: net.Network_UDP,
323+
}
314324
}
315325
if r.Counter != nil {
316326
r.Counter.Add(int64(n))

0 commit comments

Comments
 (0)