diff --git a/Cargo.lock b/Cargo.lock index e75f8957f610..8fcade0fc162 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1337,20 +1337,26 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "07698b8420e2f0d6447a436ba999ec85d8fbf2a398bbd737b82cac4a2e96e512" dependencies = [ "async-trait", + "bytes", "cfg-if", "data-encoding", "enum-as-inner", "futures-channel", "futures-io", "futures-util", + "h2 0.3.26", + "http 0.2.12", "idna 0.4.0", "ipnet", "once_cell", "rand 0.8.5", + "rustls", + "rustls-pemfile", "serde", "thiserror", "tinyvec", "tokio", + "tokio-rustls", "tracing", "url", ] @@ -1370,10 +1376,12 @@ dependencies = [ "parking_lot", "rand 0.8.5", "resolv-conf", + "rustls", "serde", "smallvec", "thiserror", "tokio", + "tokio-rustls", "tracing", ] @@ -2314,6 +2322,17 @@ dependencies = [ "talpid-platform-metadata", ] +[[package]] +name = "mullvad-obfuscated-dns-proxy" +version = "0.0.0" +dependencies = [ + "byteorder", + "hickory-resolver", + "rustls", + "tokio", + "webpki-roots", +] + [[package]] name = "mullvad-paths" version = "0.0.0" @@ -4703,6 +4722,12 @@ version = "0.2.92" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96" +[[package]] +name = "webpki-roots" +version = "0.25.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" + [[package]] name = "which" version = "4.4.2" diff --git a/Cargo.toml b/Cargo.toml index 8c7073901d51..cef82e453366 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -17,7 +17,7 @@ members = [ "mullvad-ios", "mullvad-jni", "mullvad-management-interface", - "mullvad-nsis", + "mullvad-nsis", "mullvad-obfuscated-dns-proxy", "mullvad-paths", "mullvad-problem-report", "mullvad-relay-selector", diff --git a/mullvad-obfuscated-dns-proxy/Cargo.lock b/mullvad-obfuscated-dns-proxy/Cargo.lock new file mode 100644 index 000000000000..88e6049d31ee --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/Cargo.lock @@ -0,0 +1,1221 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "addr2line" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e4503c46a5c0c7844e948c9a4d6acd9f50cccb4de1c48eb9e291ea17470c678" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + +[[package]] +name = "async-trait" +version = "0.1.82" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a27b8a3a6e1a44fa4c8baf1f653e4172e81486d4941f2237e20dc2d0cf4ddff1" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "autocfg" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0" + +[[package]] +name = "backtrace" +version = "0.3.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5cc23269a4f8976d0a4d2e7109211a419fe30e8d88d677cd60b6bc79c5732e0a" +dependencies = [ + "addr2line", + "cc", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", +] + +[[package]] +name = "base64" +version = "0.21.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" + +[[package]] +name = "bitflags" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de" + +[[package]] +name = "bumpalo" +version = "3.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c" + +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + +[[package]] +name = "bytes" +version = "1.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8318a53db07bb3f8dca91a600466bdb3f2eaadeedfdbcf02e1accbad9271ba50" + +[[package]] +name = "cc" +version = "1.1.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57b6a275aa2903740dc87da01c62040406b8812552e97129a63ea8850a17c6e6" +dependencies = [ + "shlex", +] + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "data-encoding" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e8566979429cf69b49a5c740c60791108e86440e8be149bbea4fe54d2c32d6e2" + +[[package]] +name = "endian-type" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c34f04666d835ff5d62e058c3995147c06f42fe86ff053337632bca83e42702d" + +[[package]] +name = "enum-as-inner" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ffccbb6966c05b32ef8fbac435df276c4ae4d3dc55a8cd0eb9745e6c12f546a" +dependencies = [ + "heck", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "form_urlencoded" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "futures-channel" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78" +dependencies = [ + "futures-core", +] + +[[package]] +name = "futures-core" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" + +[[package]] +name = "futures-io" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" + +[[package]] +name = "futures-sink" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5" + +[[package]] +name = "futures-task" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" + +[[package]] +name = "futures-util" +version = "0.3.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" +dependencies = [ + "futures-core", + "futures-task", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "getrandom" +version = "0.2.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] + +[[package]] +name = "gimli" +version = "0.29.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "40ecd4077b5ae9fd2e9e169b102c6c330d0605168eb0e8bf79952b256dbefffd" + +[[package]] +name = "h2" +version = "0.3.26" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "hashbrown" +version = "0.14.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" + +[[package]] +name = "heck" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" + +[[package]] +name = "hermit-abi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d231dfb89cfffdbc30e7fc41579ed6066ad03abda9e567ccafae602b97ec5024" + +[[package]] +name = "hickory-client" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab9683b08d8f8957a857b0236455d80e1886eaa8c6178af556aa7871fb61b55" +dependencies = [ + "cfg-if", + "data-encoding", + "futures-channel", + "futures-util", + "hickory-proto", + "once_cell", + "radix_trie", + "rand", + "rustls", + "thiserror", + "tokio", + "tracing", +] + +[[package]] +name = "hickory-proto" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07698b8420e2f0d6447a436ba999ec85d8fbf2a398bbd737b82cac4a2e96e512" +dependencies = [ + "async-trait", + "bytes", + "cfg-if", + "data-encoding", + "enum-as-inner", + "futures-channel", + "futures-io", + "futures-util", + "h2", + "http", + "idna 0.4.0", + "ipnet", + "once_cell", + "rand", + "ring 0.16.20", + "rustls", + "rustls-pemfile", + "thiserror", + "tinyvec", + "tokio", + "tokio-rustls", + "tracing", + "url", +] + +[[package]] +name = "hickory-resolver" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28757f23aa75c98f254cf0405e6d8c25b831b32921b050a66692427679b1f243" +dependencies = [ + "cfg-if", + "futures-util", + "hickory-proto", + "ipconfig", + "lru-cache", + "once_cell", + "parking_lot", + "rand", + "resolv-conf", + "rustls", + "smallvec", + "thiserror", + "tokio", + "tokio-rustls", + "tracing", +] + +[[package]] +name = "hostname" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c731c3e10504cc8ed35cfe2f1db4c9274c3d35fa486e3b31df46f068ef3e867" +dependencies = [ + "libc", + "match_cfg", + "winapi", +] + +[[package]] +name = "http" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "idna" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d20d6b07bfbc108882d88ed8e37d39636dcc260e15e30c45e6ba089610b917c" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "idna" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "indexmap" +version = "2.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +dependencies = [ + "equivalent", + "hashbrown", +] + +[[package]] +name = "ipconfig" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b58db92f96b720de98181bbbe63c831e87005ab460c1bf306eb2622b4707997f" +dependencies = [ + "socket2", + "widestring", + "windows-sys 0.48.0", + "winreg", +] + +[[package]] +name = "ipnet" +version = "2.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f518f335dce6725a761382244631d86cf0ccb2863413590b31338feb467f9c3" + +[[package]] +name = "itoa" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" + +[[package]] +name = "js-sys" +version = "0.3.70" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1868808506b929d7b0cfa8f75951347aa71bb21144b7791bae35d9bccfcfe37a" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "libc" +version = "0.2.158" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439" + +[[package]] +name = "linked-hash-map" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" + +[[package]] +name = "lock_api" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17" +dependencies = [ + "autocfg", + "scopeguard", +] + +[[package]] +name = "log" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24" + +[[package]] +name = "lru-cache" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31e24f1ad8321ca0e8a1e0ac13f23cb668e6f5466c2c57319f6a5cf1cc8e3b1c" +dependencies = [ + "linked-hash-map", +] + +[[package]] +name = "match_cfg" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffbee8634e0d45d258acb448e7eaab3fce7a0a467395d4d9f228e3c1f01fb2e4" + +[[package]] +name = "memchr" +version = "2.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" + +[[package]] +name = "miniz_oxide" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8a240ddb74feaf34a79a7add65a741f3167852fba007066dcac1ca548d89c08" +dependencies = [ + "adler", +] + +[[package]] +name = "mio" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80e04d1dcff3aae0704555fe5fee3bcfaf3d1fdf8a7e521d5b9d2b42acb52cec" +dependencies = [ + "hermit-abi", + "libc", + "wasi", + "windows-sys 0.52.0", +] + +[[package]] +name = "mullvad-dns-proxy" +version = "0.1.0" +dependencies = [ + "byteorder", + "hickory-client", + "hickory-resolver", + "rustls", + "tokio", + "webpki-roots", +] + +[[package]] +name = "nibble_vec" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77a5d83df9f36fe23f0c3648c6bbb8b0298bb5f1939c8f2704431371f4b84d43" +dependencies = [ + "smallvec", +] + +[[package]] +name = "object" +version = "0.36.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "084f1a5821ac4c651660a94a7153d27ac9d8a53736203f58b31945ded098070a" +dependencies = [ + "memchr", +] + +[[package]] +name = "once_cell" +version = "1.19.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" + +[[package]] +name = "parking_lot" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1bf18183cf54e8d6059647fc3063646a1801cf30896933ec2311622cc4b9a27" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets 0.52.6", +] + +[[package]] +name = "percent-encoding" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" + +[[package]] +name = "pin-project-lite" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "ppv-lite86" +version = "0.2.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04" +dependencies = [ + "zerocopy", +] + +[[package]] +name = "proc-macro2" +version = "1.0.86" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quick-error" +version = "1.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0" + +[[package]] +name = "quote" +version = "1.0.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "radix_trie" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c069c179fcdc6a2fe24d8d18305cf085fdbd4f922c041943e203685d6a1c58fd" +dependencies = [ + "endian-type", + "nibble_vec", +] + +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + +[[package]] +name = "redox_syscall" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a908a6e00f1fdd0dfd9c0eb08ce85126f6d8bbda50017e74bc4a4b7d4a926a4" +dependencies = [ + "bitflags", +] + +[[package]] +name = "resolv-conf" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52e44394d2086d010551b14b53b1f24e31647570cd1deb0379e2c21b329aba00" +dependencies = [ + "hostname", + "quick-error", +] + +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin 0.5.2", + "untrusted 0.7.1", + "web-sys", + "winapi", +] + +[[package]] +name = "ring" +version = "0.17.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d" +dependencies = [ + "cc", + "cfg-if", + "getrandom", + "libc", + "spin 0.9.8", + "untrusted 0.9.0", + "windows-sys 0.52.0", +] + +[[package]] +name = "rustc-demangle" +version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" + +[[package]] +name = "rustls" +version = "0.21.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f56a14d1f48b391359b22f731fd4bd7e43c97f3c50eee276f3aa09c94784d3e" +dependencies = [ + "log", + "ring 0.17.8", + "rustls-webpki", + "sct", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c" +dependencies = [ + "base64", +] + +[[package]] +name = "rustls-webpki" +version = "0.101.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b6275d1ee7a1cd780b64aca7726599a1dbc893b1e64144529e55c3c2f745765" +dependencies = [ + "ring 0.17.8", + "untrusted 0.9.0", +] + +[[package]] +name = "scopeguard" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" + +[[package]] +name = "sct" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da046153aa2352493d6cb7da4b6e5c0c057d8a1d0a9aa8560baffdd945acd414" +dependencies = [ + "ring 0.17.8", + "untrusted 0.9.0", +] + +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + +[[package]] +name = "signal-hook-registry" +version = "1.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1" +dependencies = [ + "libc", +] + +[[package]] +name = "slab" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67" +dependencies = [ + "autocfg", +] + +[[package]] +name = "smallvec" +version = "1.13.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" + +[[package]] +name = "socket2" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" +dependencies = [ + "libc", + "windows-sys 0.52.0", +] + +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + +[[package]] +name = "syn" +version = "2.0.77" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9f35bcdf61fd8e7be6caf75f429fdca8beb3ed76584befb503b1569faee373ed" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "thiserror" +version = "1.0.63" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0342370b38b6a11b6cc11d6a805569958d54cfa061a29969c3b5ce2ea405724" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.63" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tinyvec" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "445e881f4f6d382d5f27c034e25eb92edd7c784ceab92a0937db7f2e9471b938" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + +[[package]] +name = "tokio" +version = "1.40.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998" +dependencies = [ + "backtrace", + "bytes", + "libc", + "mio", + "parking_lot", + "pin-project-lite", + "signal-hook-registry", + "socket2", + "tokio-macros", + "windows-sys 0.52.0", +] + +[[package]] +name = "tokio-macros" +version = "2.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tokio-rustls" +version = "0.24.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" +dependencies = [ + "rustls", + "tokio", +] + +[[package]] +name = "tokio-util" +version = "0.7.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cf6b47b3771c49ac75ad09a6162f53ad4b8088b76ac60e8ec1455b31a189fe1" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", +] + +[[package]] +name = "tracing" +version = "0.1.40" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" +dependencies = [ + "pin-project-lite", + "tracing-attributes", + "tracing-core", +] + +[[package]] +name = "tracing-attributes" +version = "0.1.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tracing-core" +version = "0.1.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" +dependencies = [ + "once_cell", +] + +[[package]] +name = "unicode-bidi" +version = "0.3.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08f95100a766bf4f8f28f90d77e0a5461bbdb219042e7679bebe79004fed8d75" + +[[package]] +name = "unicode-ident" +version = "1.0.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" + +[[package]] +name = "unicode-normalization" +version = "0.1.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a56d1686db2308d901306f92a263857ef59ea39678a5458e7cb17f01415101f5" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + +[[package]] +name = "url" +version = "2.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "22784dbdf76fdde8af1aeda5622b546b422b6fc585325248a2bf9f5e41e94d6c" +dependencies = [ + "form_urlencoded", + "idna 0.5.0", + "percent-encoding", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a82edfc16a6c469f5f44dc7b571814045d60404b55a0ee849f9bcfa2e63dd9b5" +dependencies = [ + "cfg-if", + "once_cell", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9de396da306523044d3302746f1208fa71d7532227f15e347e2d93e4145dd77b" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "585c4c91a46b072c92e908d99cb1dcdf95c5218eeb6f3bf1efa991ee7a68cccf" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.93" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c62a0a307cb4a311d3a07867860911ca130c3494e8c2719593806c08bc5d0484" + +[[package]] +name = "web-sys" +version = "0.3.70" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26fdeaafd9bd129f65e7c031593c24d62186301e0c72c8978fa1678be7d532c0" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webpki-roots" +version = "0.25.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" + +[[package]] +name = "widestring" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7219d36b6eac893fa81e84ebe06485e7dcbb616177469b142df14f1f4deb1311" + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets 0.48.5", +] + +[[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.6", +] + +[[package]] +name = "windows-targets" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" +dependencies = [ + "windows_aarch64_gnullvm 0.48.5", + "windows_aarch64_msvc 0.48.5", + "windows_i686_gnu 0.48.5", + "windows_i686_msvc 0.48.5", + "windows_x86_64_gnu 0.48.5", + "windows_x86_64_gnullvm 0.48.5", + "windows_x86_64_msvc 0.48.5", +] + +[[package]] +name = "windows-targets" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" +dependencies = [ + "windows_aarch64_gnullvm 0.52.6", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", + "windows_i686_gnullvm", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", + "windows_x86_64_gnullvm 0.52.6", + "windows_x86_64_msvc 0.52.6", +] + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" + +[[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" + +[[package]] +name = "windows_aarch64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" + +[[package]] +name = "windows_i686_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" + +[[package]] +name = "windows_i686_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" + +[[package]] +name = "windows_i686_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" + +[[package]] +name = "windows_i686_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" + +[[package]] +name = "windows_i686_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" + +[[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.48.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.52.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" + +[[package]] +name = "winreg" +version = "0.50.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1" +dependencies = [ + "cfg-if", + "windows-sys 0.48.0", +] + +[[package]] +name = "zerocopy" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0" +dependencies = [ + "byteorder", + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] diff --git a/mullvad-obfuscated-dns-proxy/Cargo.toml b/mullvad-obfuscated-dns-proxy/Cargo.toml new file mode 100644 index 000000000000..8004813c5837 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/Cargo.toml @@ -0,0 +1,17 @@ +[package] +name = "mullvad-obfuscated-dns-proxy" +authors.workspace = true +repository.workspace = true +license.workspace = true +edition.workspace = true +rust-version.workspace = true + +[lints] +workspace = true + +[dependencies] +tokio = { version = "1", features = [ "full" ]} +byteorder = "1" +hickory-resolver = { version = "0.24.1", features = [ "dns-over-https-rustls" ]} +webpki-roots = "0.25.0" +rustls = "0.21" diff --git a/mullvad-obfuscated-dns-proxy/src/config/mod.rs b/mullvad-obfuscated-dns-proxy/src/config/mod.rs new file mode 100644 index 000000000000..34858da55e66 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/config/mod.rs @@ -0,0 +1,88 @@ +use std::{ + io::Cursor, + net::{Ipv6Addr, SocketAddrV4}, +}; + +use byteorder::{LittleEndian, ReadBytesExt}; + +mod plain; +mod xor; +pub use plain::Plain; +pub use xor::Xor; + +#[derive(Debug)] +pub enum Error { + UnknownType(u16), + InvalidXor(xor::Error), + InvalidPlain(plain::Error), +} + +enum ProxyType { + Plain, + XorV1, + XorV2, +} + +impl TryFrom for ProxyType { + type Error = Error; + + fn try_from(value: Ipv6Addr) -> Result { + let mut data = Cursor::new(value.octets()); + // skip the first 2 bytes since it's just padding to make the IP look more like a legit + // IPv6 address. + let _ = data + .read_u16::() + .expect("IPv6 must have at least 16 bytes"); + + match data + .read_u16::() + .expect("IPv6 must have at least 16 bytes") + { + 0x01 => Ok(Self::Plain), + 0x02 => Ok(Self::XorV1), + 0x03 => Ok(Self::XorV2), + unknown => Err(Error::UnknownType(unknown)), + } + } +} + +impl TryFrom> for AvailableProxies { + type Error = Error; + + fn try_from(ips: Vec) -> Result { + let mut proxies = AvailableProxies { + plain: vec![], + xor: vec![], + }; + + for ip in ips { + match ProxyType::try_from(ip)? { + ProxyType::Plain => { + proxies + .plain + .push(Plain::try_from(ip).map_err(Error::InvalidPlain)?); + } + ProxyType::XorV2 => { + proxies + .xor + .push(Xor::try_from(ip).map_err(Error::InvalidXor)?); + } + // this type is ignored. + ProxyType::XorV1 => continue, + } + } + + Ok(proxies) + } +} + +pub struct AvailableProxies { + pub plain: Vec, + pub xor: Vec, +} + +pub trait Obfuscator: Send { + fn addr(&self) -> SocketAddrV4; + fn obfuscate(&mut self, buffer: &mut [u8]); + fn clone(&self) -> Box; +} diff --git a/mullvad-obfuscated-dns-proxy/src/config/plain.rs b/mullvad-obfuscated-dns-proxy/src/config/plain.rs new file mode 100644 index 000000000000..740426cb71c1 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/config/plain.rs @@ -0,0 +1,99 @@ +use byteorder::{LittleEndian, ReadBytesExt}; +use std::{ + io::{self, Cursor, Read}, + net::{Ipv4Addr, Ipv6Addr, SocketAddrV4}, +}; +use tokio::io::{AsyncRead, AsyncWrite}; + +#[derive(PartialEq, Debug, Clone)] +pub struct Plain { + pub addr: SocketAddrV4, +} + +impl Plain { + pub async fn forward( + &self, + mut source: impl AsyncRead + Unpin, + mut sink: impl AsyncWrite + Unpin, + ) -> io::Result<()> { + let _ = tokio::io::copy(&mut source, &mut sink).await?; + Ok(()) + } +} + +#[derive(Debug)] +pub enum Error { + UnexpectedType(u16), +} + +impl TryFrom for Plain { + type Error = Error; + + fn try_from(ip: Ipv6Addr) -> Result { + let mut cursor = Cursor::new(ip.octets()); + + // skip the first 2 bytes since it's just padding to make the IP look more like a legit + // IPv6 address. + let _ = cursor.read_u16::().unwrap(); + let proxy_type = cursor.read_u16::().unwrap(); + if proxy_type != 0x01 { + return Err(Error::UnexpectedType(proxy_type)); + } + + let mut ipv4_bytes = [0u8; 4]; + cursor.read_exact(&mut ipv4_bytes).unwrap(); + let v4_addr = Ipv4Addr::from(ipv4_bytes); + + let port = cursor.read_u16::().unwrap(); + + Ok(Self { + addr: SocketAddrV4::new(v4_addr, port), + }) + } +} + +impl super::Obfuscator for Plain { + // can be a noop, since this configuration is just a port forward. + fn obfuscate(&mut self, _buffer: &mut [u8]) {} + + fn addr(&self) -> SocketAddrV4 { + self.addr + } + + fn clone(&self) -> Box { + Box::new(Clone::clone(self)) + } +} + +#[test] +fn test_parsing() { + struct Test { + input: Ipv6Addr, + expected: Plain, + } + let tests = vec![ + Test { + input: "2001:100:7f00:1:3905::".parse::().unwrap(), + expected: Plain { + addr: "127.0.0.1:1337".parse::().unwrap(), + }, + }, + Test { + input: "2001:100:c0a8:101:bb01::".parse::().unwrap(), + expected: Plain { + addr: "192.168.1.1:443".parse::().unwrap(), + }, + }, + Test { + input: "2001:100:c0a8:101:bb01:404::".parse::().unwrap(), + expected: Plain { + addr: "192.168.1.1:443".parse::().unwrap(), + }, + }, + ]; + + for t in tests { + let parsed = Plain::try_from(t.input).unwrap(); + assert_eq!(parsed, t.expected); + } +} diff --git a/mullvad-obfuscated-dns-proxy/src/config/xor.rs b/mullvad-obfuscated-dns-proxy/src/config/xor.rs new file mode 100644 index 000000000000..64f8dbfa9166 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/config/xor.rs @@ -0,0 +1,148 @@ +use byteorder::{LittleEndian, ReadBytesExt}; +use std::{ + io::{Cursor, Read}, + net::{Ipv4Addr, Ipv6Addr, SocketAddrV4}, +}; + +use crate::config::Obfuscator; + +#[derive(PartialEq, Debug)] +pub struct Xor { + addr: SocketAddrV4, + // the key to be used for Xor + xor_key: Vec, + key_index: usize, +} + +#[derive(Debug)] +pub enum Error { + EmptyXorKey, + UnexpectedType(u16), +} + +impl TryFrom for Xor { + type Error = Error; + + fn try_from(ip: Ipv6Addr) -> Result { + let mut cursor = Cursor::new(ip.octets()); + + let _ = cursor.read_u16::().unwrap(); + let proxy_type = cursor.read_u16::().unwrap(); + if proxy_type != 0x03 { + return Err(Error::UnexpectedType(proxy_type)); + } + + let mut ipv4_bytes = [0u8; 4]; + cursor.read_exact(&mut ipv4_bytes).unwrap(); + let v4_addr = Ipv4Addr::from(ipv4_bytes); + + let port = cursor.read_u16::().unwrap(); + + let mut key_bytes = [0u8; 6]; + cursor.read_exact(&mut key_bytes).unwrap(); + let xor_key = key_bytes + .into_iter() + .filter(|byte| *byte != 0x00) + .collect::>(); + if xor_key.is_empty() { + return Err(Error::EmptyXorKey); + } + + Ok(Self { + addr: SocketAddrV4::new(v4_addr, port), + xor_key, + key_index: 0, + }) + } +} + +impl Obfuscator for Xor { + fn addr(&self) -> SocketAddrV4 { + self.addr + } + + fn obfuscate(&mut self, buffer: &mut [u8]) { + for byte in buffer.iter_mut() { + *byte ^= self.xor_key[self.key_index % self.xor_key.len()]; + self.key_index = (self.key_index + 1) % self.xor_key.len(); + } + } + + fn clone(&self) -> Box { + Box::new(Self { + xor_key: self.xor_key.clone(), + addr: self.addr, + key_index: 0, + }) + } +} + +#[test] +fn test_xor_parsing() { + struct Test { + input: Ipv6Addr, + expected: Xor, + } + let tests = vec![ + Test { + input: "2001:300:7f00:1:3905:0102:304:506" + .parse::() + .unwrap(), + expected: Xor { + addr: "127.0.0.1:1337".parse::().unwrap(), + xor_key: vec![0x01, 0x02, 0x03, 0x04, 0x05, 0x06], + key_index: 0, + }, + }, + Test { + input: "2001:300:7f00:1:3905:0100:304:506" + .parse::() + .unwrap(), + expected: Xor { + addr: "127.0.0.1:1337".parse::().unwrap(), + xor_key: vec![0x01, 0x03, 0x04, 0x05, 0x06], + key_index: 0, + }, + }, + Test { + input: "2001:300:c0a8:101:bb01:ff04:204:0" + .parse::() + .unwrap(), + expected: Xor { + addr: "192.168.1.1:443".parse::().unwrap(), + xor_key: vec![0xff, 0x04, 0x02, 0x04], + key_index: 0, + }, + }, + ]; + + for t in tests { + let parsed = Xor::try_from(t.input).unwrap(); + assert_eq!(parsed, t.expected); + } +} + +#[test] +fn test_obfuscation() { + let input = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]; + let mut obfuscated = input.to_vec(); + let mut xor = Xor { + addr: "192.168.1.1:443".parse::().unwrap(), + xor_key: vec![0xff, 0x04, 0x02, 0x04], + key_index: 0, + }; + let mut dexor = xor.clone(); + xor.obfuscate(&mut obfuscated); + dexor.obfuscate(&mut obfuscated); + assert_eq!(input, obfuscated.as_slice()); +} + +#[test] +fn test_old_xor_addr() { + let _ = Xor::try_from( + "2001:200:7f00:1:3905:0102:304:506" + .parse::() + .unwrap(), + ) + .unwrap_err(); +} diff --git a/mullvad-obfuscated-dns-proxy/src/config_resolver.rs b/mullvad-obfuscated-dns-proxy/src/config_resolver.rs new file mode 100644 index 000000000000..eb1545152363 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/config_resolver.rs @@ -0,0 +1,108 @@ +use crate::config; +use hickory_resolver::{config::*, error::ResolveError, TokioAsyncResolver}; +use rustls::ClientConfig; +use std::{net::IpAddr, sync::Arc}; + +pub struct Nameserver { + pub name: String, + pub addr: Vec, +} + +#[derive(Debug)] +pub enum Error { + ResolutionError(ResolveError), + ParsingError(config::Error), +} + +pub fn default_resolvers() -> Vec { + vec![ + Nameserver { + name: "one.one.one.one".to_string(), + addr: vec!["1.1.1.1".parse().unwrap(), "1.0.0.1".parse().unwrap()], + }, + Nameserver { + name: "dns.google".to_string(), + addr: vec!["8.8.8.8".parse().unwrap(), "8.8.4.4".parse().unwrap()], + }, + Nameserver { + name: "dns.quad9.net".to_string(), + addr: vec![ + "9.9.9.9".parse().unwrap(), + "149.112.112.112".parse().unwrap(), + ], + }, + ] +} + +pub async fn resolve_configs( + resolvers: Vec, + domain: &str, +) -> Result { + let mut resolver_config = ResolverConfig::new(); + for resolver in resolvers.into_iter() { + let ns_config_group = + NameServerConfigGroup::from_ips_https(&resolver.addr, 443, resolver.name, false) + .into_inner(); + for ns_config in ns_config_group { + resolver_config.add_name_server(ns_config); + } + } + + resolver_config.set_tls_client_config(Arc::new(client_config_tls12())); + + resolve_config_with_resolverconfig(resolver_config, Default::default(), domain).await +} + +pub async fn resolve_config_with_resolverconfig( + resolver_config: ResolverConfig, + options: ResolverOpts, + domain: &str, +) -> Result { + let resolver = TokioAsyncResolver::tokio(resolver_config, options); + let lookup = resolver + .ipv6_lookup(domain) + .await + .map_err(Error::ResolutionError)?; + + let addrs = lookup + .into_iter() + .map(|aaaa_record| aaaa_record.0) + .collect::>(); + + config::AvailableProxies::try_from(addrs).map_err(Error::ParsingError) +} + +fn client_config_tls12() -> ClientConfig { + use rustls::RootCertStore; + let mut root_store = RootCertStore::empty(); + root_store.add_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| { + rustls::OwnedTrustAnchor::from_subject_spki_name_constraints( + ta.subject, + ta.spki, + ta.name_constraints, + ) + })); + + ClientConfig::builder() + .with_safe_default_cipher_suites() + .with_safe_default_kx_groups() + .with_safe_default_protocol_versions() // this enables TLS 1.2 and 1.3 + .unwrap() + .with_root_certificates(root_store) + .with_no_client_auth() +} + +#[tokio::test] +async fn test_resolution() { + let nameservers = vec![Nameserver { + addr: vec!["1.1.1.1".parse().unwrap()], + name: "one.one.one.one".to_string(), + }]; + + let _ = resolve_configs(nameservers, "frakta.eu").await.unwrap(); +} + +#[test] +fn default_resolvers_dont_panic() { + let _ = default_resolvers(); +} diff --git a/mullvad-obfuscated-dns-proxy/src/forwarder/forwarder/mod.rs b/mullvad-obfuscated-dns-proxy/src/forwarder/forwarder/mod.rs new file mode 100644 index 000000000000..7e0c49599698 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/forwarder/forwarder/mod.rs @@ -0,0 +1,116 @@ +use std::{io, task::Poll}; + +use tokio::{ + io::{AsyncRead, AsyncWrite}, + net::TcpStream, +}; + +use crate::config::Obfuscator; + +pub struct Forwarder { + read_obfuscator: Box, + write_obfuscator: Box, + server_connection: TcpStream, +} + +impl Forwarder { + pub async fn connect(read_obfuscator: Box) -> io::Result { + let server_connection = TcpStream::connect(read_obfuscator.addr()).await?; + let write_obfuscator = read_obfuscator.clone(); + + Ok(Self { + read_obfuscator, + write_obfuscator, + server_connection, + }) + } + pub async fn forward(self, client_stream: TcpStream) { + let (server_read, server_write) = self.server_connection.into_split(); + let (client_read, client_write) = client_stream.into_split(); + let handle = tokio::spawn(async move { + tokio::spawn(forward(self.read_obfuscator, client_read, server_write)); + }); + let _ = forward(self.write_obfuscator, server_read, client_write).await; + let _ = handle.await; + } +} + +impl tokio::io::AsyncRead for Forwarder { + fn poll_read( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + buf: &mut tokio::io::ReadBuf<'_>, + ) -> std::task::Poll> { + // Need to keep track of how many bytes in the buffer have already been deobfuscated. + let new_read_start = buf.remaining(); + + let socket = std::pin::pin!(&mut self.server_connection); + match socket.poll_read(cx, buf) { + // in this case, we can read and deobfuscate. + Poll::Ready(Ok(())) => { + let newly_read_bytes = &mut buf.filled_mut()[new_read_start..]; + self.read_obfuscator.obfuscate(newly_read_bytes); + Poll::Ready(Ok(())) + } + Poll::Pending => Poll::Pending, + Poll::Ready(Err(err)) => Poll::Ready(Err(err)), + } + } +} + +impl tokio::io::AsyncWrite for Forwarder { + fn poll_write( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + buf: &[u8], + ) -> Poll> { + let socket = std::pin::pin!(&mut self.server_connection); + match socket.poll_write_ready(cx) { + Poll::Ready(Ok(())) => {} + Poll::Ready(Err(err)) => { + return Poll::Ready(Err(err)); + } + Poll::Pending => { + return Poll::Pending; + } + }; + std::mem::drop(socket); + let mut owned_buf = buf.to_vec(); + self.write_obfuscator.obfuscate(owned_buf.as_mut_slice()); + let socket = std::pin::pin!(&mut self.server_connection); + socket.poll_write(cx, &owned_buf) + } + + fn poll_flush( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + ) -> Poll> { + std::pin::pin!(&mut self.server_connection).poll_flush(cx) + } + + fn poll_shutdown( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + ) -> Poll> { + std::pin::pin!(&mut self.server_connection).poll_shutdown(cx) + } +} + +pub async fn forward( + mut obfuscator: Box, + mut source: impl AsyncRead + Unpin, + mut sink: impl AsyncWrite + Unpin, +) -> io::Result<()> { + use tokio::io::{AsyncReadExt, AsyncWriteExt}; + let mut buf = vec![0u8; 1024 * 64]; + while let Ok(n_bytes_read) = AsyncReadExt::read(&mut source, &mut buf).await { + if n_bytes_read == 0 { + break; + } + let mut bytes_received = &mut buf[..n_bytes_read]; + + obfuscator.obfuscate(&mut bytes_received); + sink.write_all(&bytes_received).await?; + } + Ok(()) +} diff --git a/mullvad-obfuscated-dns-proxy/src/forwarder/mod.rs b/mullvad-obfuscated-dns-proxy/src/forwarder/mod.rs new file mode 100644 index 000000000000..c8f54962d2d4 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/forwarder/mod.rs @@ -0,0 +1,116 @@ +use std::{io, task::Poll}; + +use tokio::{ + io::{AsyncRead, AsyncWrite}, + net::TcpStream, +}; + +use crate::config::Obfuscator; + +pub struct Forwarder { + read_obfuscator: Box, + write_obfuscator: Box, + server_connection: TcpStream, +} + +impl Forwarder { + pub async fn connect(read_obfuscator: Box) -> io::Result { + let server_connection = TcpStream::connect(read_obfuscator.addr()).await?; + let write_obfuscator = read_obfuscator.clone(); + + Ok(Self { + read_obfuscator, + write_obfuscator, + server_connection, + }) + } + pub async fn forward(self, client_stream: TcpStream) { + let (server_read, server_write) = self.server_connection.into_split(); + let (client_read, client_write) = client_stream.into_split(); + let handle = tokio::spawn(async move { + tokio::spawn(forward(self.read_obfuscator, client_read, server_write)); + }); + let _ = forward(self.write_obfuscator, server_read, client_write).await; + let _ = handle.await; + } +} + +impl tokio::io::AsyncRead for Forwarder { + fn poll_read( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + buf: &mut tokio::io::ReadBuf<'_>, + ) -> std::task::Poll> { + // Need to keep track of how many bytes in the buffer have already been deobfuscated. + let new_read_start = buf.remaining(); + + let socket = std::pin::pin!(&mut self.server_connection); + match socket.poll_read(cx, buf) { + // in this case, we can read and deobfuscate. + Poll::Ready(Ok(())) => { + let newly_read_bytes = &mut buf.filled_mut()[new_read_start..]; + self.read_obfuscator.obfuscate(newly_read_bytes); + Poll::Ready(Ok(())) + } + Poll::Pending => Poll::Pending, + Poll::Ready(Err(err)) => Poll::Ready(Err(err)), + } + } +} + +impl tokio::io::AsyncWrite for Forwarder { + fn poll_write( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + buf: &[u8], + ) -> Poll> { + let socket = std::pin::pin!(&mut self.server_connection); + match socket.poll_write_ready(cx) { + Poll::Ready(Ok(())) => {} + Poll::Ready(Err(err)) => { + return Poll::Ready(Err(err)); + } + Poll::Pending => { + return Poll::Pending; + } + }; + + let mut owned_buf = buf.to_vec(); + self.write_obfuscator.obfuscate(owned_buf.as_mut_slice()); + let socket = std::pin::pin!(&mut self.server_connection); + socket.poll_write(cx, &owned_buf) + } + + fn poll_flush( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + ) -> Poll> { + std::pin::pin!(&mut self.server_connection).poll_flush(cx) + } + + fn poll_shutdown( + mut self: std::pin::Pin<&mut Self>, + cx: &mut std::task::Context<'_>, + ) -> Poll> { + std::pin::pin!(&mut self.server_connection).poll_shutdown(cx) + } +} + +async fn forward( + mut obfuscator: Box, + mut source: impl AsyncRead + Unpin, + mut sink: impl AsyncWrite + Unpin, +) -> io::Result<()> { + use tokio::io::{AsyncReadExt, AsyncWriteExt}; + let mut buf = vec![0u8; 1024 * 64]; + while let Ok(n_bytes_read) = AsyncReadExt::read(&mut source, &mut buf).await { + if n_bytes_read == 0 { + break; + } + let bytes_received = &mut buf[..n_bytes_read]; + + obfuscator.obfuscate(bytes_received); + sink.write_all(bytes_received).await?; + } + Ok(()) +} diff --git a/mullvad-obfuscated-dns-proxy/src/lib.rs b/mullvad-obfuscated-dns-proxy/src/lib.rs new file mode 100644 index 000000000000..79ff8852d2d9 --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/lib.rs @@ -0,0 +1,3 @@ +pub mod config; +pub mod config_resolver; +pub mod forwarder; diff --git a/mullvad-obfuscated-dns-proxy/src/main.rs b/mullvad-obfuscated-dns-proxy/src/main.rs new file mode 100644 index 000000000000..7e37a4f4da1a --- /dev/null +++ b/mullvad-obfuscated-dns-proxy/src/main.rs @@ -0,0 +1,28 @@ +use std::env::args; + +use mullvad_obfuscated_dns_proxy::{config::Obfuscator, config_resolver, forwarder}; +use tokio::net::TcpListener; + +/// This can be tested out by using curl: +/// `curl https://api.mullvad.net:$port/api/v1/relays --resolve api.mullvad.net:$port:$addr` +/// where $addr and $port are the listening address of the proxy (bind_addr). +#[tokio::main] +async fn main() { + let mut configs = + config_resolver::resolve_configs(config_resolver::default_resolvers(), "frakta.eu") + .await + .expect("Failed to resolve configs"); + let bind_addr = args().nth(1).expect("No bind addr supplied"); + let obfuscator = configs.xor.pop().expect("No XOR config"); + println!("Obfuscator in use - {:?}", obfuscator); + let obfuscator: Box = Box::new(obfuscator); + let listener = TcpListener::bind(bind_addr) + .await + .expect("Failed to bind listener socket"); + while let Ok((client_conn, _client_addr)) = listener.accept().await { + let connected = crate::forwarder::Forwarder::connect(obfuscator.clone()) + .await + .expect("failed to connect to obfuscator"); + let _ = connected.forward(client_conn).await; + } +}