diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000..fb1e7fd5 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,29 @@ +name: CodeQL + +on: + push: + branches: [ rm ] +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + language: ['go'] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml new file mode 100644 index 00000000..f6b622f5 --- /dev/null +++ b/.github/workflows/linter.yml @@ -0,0 +1,27 @@ +name: Linter +on: [push, pull_request] +jobs: + lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Get latest go version + id: version + run: | + echo ::set-output name=go_version::$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g') + + - name: Setup Go + uses: actions/setup-go@v2 + #with: + # go-version: ${{ steps.version.outputs.go_version }} + with: + go-version: 1.18.x + + - name: golangci-lint + #uses: golangci/golangci-lint-action@v3 + #with: + # version: latest + run: | + go install github.com/golangci/golangci-lint/cmd/golangci-lint@ec95236 + golangci-lint run ./... diff --git a/.golangci.yaml b/.golangci.yaml index a0764585..05cf626a 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -4,7 +4,9 @@ linters: - gofumpt - staticcheck - govet - - gci +# - gci + - gofmt + - goimports linters-settings: gci: diff --git a/Makefile b/Makefile index 9004a660..1a016b73 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ PLATFORM_LIST = \ linux-armv5 \ linux-armv6 \ linux-armv7 \ - linux-armv8 \ + linux-arm64 \ linux-mips64 \ linux-mips64le \ linux-mips-softfloat \ @@ -26,20 +26,15 @@ PLATFORM_LIST = \ freebsd-amd64 \ freebsd-arm64 - WINDOWS_ARCH_LIST = \ windows-386 \ windows-amd64 \ windows-arm64 \ windows-arm32v7 - -all:linux-amd64\ - linux-armv7\ +all:linux-amd64 linux-arm64\ darwin-amd64 darwin-arm64\ - windows-amd64 windows-386 \ - linux-mips-hardfloat linux-mips-softfloat linux-mips64 linux-mips64le linux-mipsle-hardfloat linux-mipsle-softfloat# Most used - + windows-amd64 windows-arm64 \ docker: GOAMD64=v3 $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ @@ -55,9 +50,6 @@ linux-386: linux-amd64: GOARCH=amd64 GOOS=linux GOAMD64=v3 $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ -linux-amd64-AutoIptables: - GOARCH=amd64 GOOS=linux $(GOBUILDOP) -o $(BINDIR)/$(NAME)-$@ - linux-arm64: GOARCH=arm64 GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ @@ -70,7 +62,7 @@ linux-armv6: linux-armv7: GOARCH=arm GOOS=linux GOARM=7 $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ -linux-armv8: +linux-arm64: GOARCH=arm64 GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ linux-mips-softfloat: @@ -91,7 +83,7 @@ linux-mips64: linux-mips64le: GOARCH=mips64le GOOS=linux $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ -android-armv8: +android-arm64: GOARCH=arm64 GOOS=android $(GOBUILD) -o $(BINDIR)/$(NAME)-$@ freebsd-386: @@ -128,5 +120,12 @@ $(zip_releases): %.zip : % all-arch: $(PLATFORM_LIST) $(WINDOWS_ARCH_LIST) releases: $(gz_releases) $(zip_releases) + +vet: + go vet ./... + +lint: + golangci-lint run ./... + clean: - rm $(BINDIR)/* + rm $(BINDIR)/* \ No newline at end of file diff --git a/adapter/outbound/vless.go b/adapter/outbound/vless.go index aa5ec092..84e14460 100644 --- a/adapter/outbound/vless.go +++ b/adapter/outbound/vless.go @@ -17,6 +17,7 @@ import ( "github.com/Dreamacro/clash/transport/gun" "github.com/Dreamacro/clash/transport/vless" "github.com/Dreamacro/clash/transport/vmess" + "golang.org/x/net/http2" ) diff --git a/adapter/outbound/vmess.go b/adapter/outbound/vmess.go index 313aa5d6..1dfd2d95 100644 --- a/adapter/outbound/vmess.go +++ b/adapter/outbound/vmess.go @@ -47,6 +47,10 @@ type VmessOption struct { HTTP2Opts HTTP2Options `proxy:"h2-opts,omitempty"` GrpcOpts GrpcOptions `proxy:"grpc-opts,omitempty"` WSOpts WSOptions `proxy:"ws-opts,omitempty"` + + // TODO: compatible with VMESS WS older version configurations + WSHeaders map[string]string `proxy:"ws-headers,omitempty"` + WSPath string `proxy:"ws-path,omitempty"` } type HTTPOptions struct { @@ -76,6 +80,13 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) { var err error switch v.option.Network { case "ws": + if v.option.WSOpts.Path == "" { + v.option.WSOpts.Path = v.option.WSPath + } + if len(v.option.WSOpts.Headers) == 0 { + v.option.WSOpts.Headers = v.option.WSHeaders + } + host, port, _ := net.SplitHostPort(v.addr) wsOpts := &vmess.WebsocketConfig{ Host: host, diff --git a/common/cmd/cmd.go b/common/cmd/cmd.go new file mode 100644 index 00000000..b002a2cc --- /dev/null +++ b/common/cmd/cmd.go @@ -0,0 +1,35 @@ +package cmd + +import ( + "fmt" + "os/exec" + "strings" +) + +func ExecCmd(cmdStr string) (string, error) { + args := splitArgs(cmdStr) + + var cmd *exec.Cmd + if len(args) == 1 { + cmd = exec.Command(args[0]) + } else { + cmd = exec.Command(args[0], args[1:]...) + } + + out, err := cmd.CombinedOutput() + if err != nil { + return "", fmt.Errorf("%v, %s", err, string(out)) + } + return string(out), nil +} + +func splitArgs(cmd string) []string { + args := strings.Split(cmd, " ") + + // use in pipeline + if len(args) > 2 && strings.ContainsAny(cmd, "|") { + suffix := strings.Join(args[2:], " ") + args = append(args[:2], suffix) + } + return args +} diff --git a/common/cmd/cmd_test.go b/common/cmd/cmd_test.go new file mode 100644 index 00000000..4bba6def --- /dev/null +++ b/common/cmd/cmd_test.go @@ -0,0 +1,40 @@ +package cmd + +import ( + "runtime" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestSplitArgs(t *testing.T) { + args := splitArgs("ls") + args1 := splitArgs("ls -la") + args2 := splitArgs("bash -c ls") + args3 := splitArgs("bash -c ls -lahF | grep 'cmd'") + + assert.Equal(t, 1, len(args)) + assert.Equal(t, 2, len(args1)) + assert.Equal(t, 3, len(args2)) + assert.Equal(t, 3, len(args3)) +} + +func TestExecCmd(t *testing.T) { + if runtime.GOOS == "windows" { + _, err := ExecCmd("dir") + assert.Nil(t, err) + return + } + + _, err := ExecCmd("ls") + _, err1 := ExecCmd("ls -la") + _, err2 := ExecCmd("bash -c ls") + _, err3 := ExecCmd("bash -c ls -la") + _, err4 := ExecCmd("bash -c ls -la | grep 'cmd'") + + assert.Nil(t, err) + assert.Nil(t, err1) + assert.Nil(t, err2) + assert.Nil(t, err3) + assert.Nil(t, err4) +} diff --git a/component/dialer/resolver.go b/component/dialer/resolver.go new file mode 100644 index 00000000..08be81b6 --- /dev/null +++ b/component/dialer/resolver.go @@ -0,0 +1,28 @@ +package dialer + +import ( + "context" + "net" +) + +func init() { + // We must use this DialContext to query DNS + // when using net default resolver. + net.DefaultResolver.PreferGo = true + net.DefaultResolver.Dial = resolverDialContext +} + +func resolverDialContext(ctx context.Context, network, address string) (net.Conn, error) { + d := &net.Dialer{} + + interfaceName := DefaultInterface.Load() + + if interfaceName != "" { + dstIP := net.ParseIP(address) + if dstIP != nil { + bindIfaceToDialer(interfaceName, d, network, dstIP) + } + } + + return d.DialContext(ctx, network, address) +} diff --git a/component/fakeip/pool.go b/component/fakeip/pool.go index 925882bb..43b9cee1 100644 --- a/component/fakeip/pool.go +++ b/component/fakeip/pool.go @@ -22,14 +22,15 @@ type store interface { // Pool is a implementation about fake ip generator without storage type Pool struct { - max uint32 - min uint32 - gateway uint32 - offset uint32 - mux sync.Mutex - host *trie.DomainTrie - ipnet *net.IPNet - store store + max uint32 + min uint32 + gateway uint32 + broadcast uint32 + offset uint32 + mux sync.Mutex + host *trie.DomainTrie + ipnet *net.IPNet + store store } // Lookup return a fake ip with host @@ -82,6 +83,11 @@ func (p *Pool) Gateway() net.IP { return uintToIP(p.gateway) } +// Broadcast return broadcast ip +func (p *Pool) Broadcast() net.IP { + return uintToIP(p.broadcast) +} + // IPNet return raw ipnet func (p *Pool) IPNet() *net.IPNet { return p.ipnet @@ -144,7 +150,7 @@ func New(options Options) (*Pool, error) { min := ipToUint(options.IPNet.IP) + 2 ones, bits := options.IPNet.Mask.Size() - total := 1< len(cj.Ip) { - return false - } - - for k := 0; k < len(ci.Ip); k++ { - if ci.Ip[k] < cj.Ip[k] { - return true - } - - if ci.Ip[k] > cj.Ip[k] { - return false - } - } - - return ci.Prefix < cj.Prefix -} - -// Swap implements sort.Interface. -func (l *CIDRList) Swap(i int, j int) { - (*l)[i], (*l)[j] = (*l)[j], (*l)[i] -} - -type ipv6 struct { - a uint64 - b uint64 -} - -type GeoIPMatcher struct { - countryCode string - reverseMatch bool - ip4 []uint32 - prefix4 []uint8 - ip6 []ipv6 - prefix6 []uint8 -} - -func normalize4(ip uint32, prefix uint8) uint32 { - return (ip >> (32 - prefix)) << (32 - prefix) -} - -func normalize6(ip ipv6, prefix uint8) ipv6 { - if prefix <= 64 { - ip.a = (ip.a >> (64 - prefix)) << (64 - prefix) - ip.b = 0 - } else { - ip.b = (ip.b >> (128 - prefix)) << (128 - prefix) - } - return ip -} - -func (m *GeoIPMatcher) Init(cidrs []*CIDR) error { - ip4Count := 0 - ip6Count := 0 - - for _, cidr := range cidrs { - ip := cidr.Ip - switch len(ip) { - case 4: - ip4Count++ - case 16: - ip6Count++ - default: - return fmt.Errorf("unexpect ip length: %d", len(ip)) - } - } - - cidrList := CIDRList(cidrs) - sort.Sort(&cidrList) - - m.ip4 = make([]uint32, 0, ip4Count) - m.prefix4 = make([]uint8, 0, ip4Count) - m.ip6 = make([]ipv6, 0, ip6Count) - m.prefix6 = make([]uint8, 0, ip6Count) - - for _, cidr := range cidrs { - ip := cidr.Ip - prefix := uint8(cidr.Prefix) - switch len(ip) { - case 4: - m.ip4 = append(m.ip4, normalize4(binary.BigEndian.Uint32(ip), prefix)) - m.prefix4 = append(m.prefix4, prefix) - case 16: - ip6 := ipv6{ - a: binary.BigEndian.Uint64(ip[0:8]), - b: binary.BigEndian.Uint64(ip[8:16]), - } - ip6 = normalize6(ip6, prefix) - - m.ip6 = append(m.ip6, ip6) - m.prefix6 = append(m.prefix6, prefix) - } - } - - return nil -} - -func (m *GeoIPMatcher) SetReverseMatch(isReverseMatch bool) { - m.reverseMatch = isReverseMatch -} - -func (m *GeoIPMatcher) match4(ip uint32) bool { - if len(m.ip4) == 0 { - return false - } - - if ip < m.ip4[0] { - return false - } - - size := uint32(len(m.ip4)) - l := uint32(0) - r := size - for l < r { - x := ((l + r) >> 1) - if ip < m.ip4[x] { - r = x - continue - } - - nip := normalize4(ip, m.prefix4[x]) - if nip == m.ip4[x] { - return true - } - - l = x + 1 - } - - return l > 0 && normalize4(ip, m.prefix4[l-1]) == m.ip4[l-1] -} - -func less6(a ipv6, b ipv6) bool { - return a.a < b.a || (a.a == b.a && a.b < b.b) -} - -func (m *GeoIPMatcher) match6(ip ipv6) bool { - if len(m.ip6) == 0 { - return false - } - - if less6(ip, m.ip6[0]) { - return false - } - - size := uint32(len(m.ip6)) - l := uint32(0) - r := size - for l < r { - x := (l + r) / 2 - if less6(ip, m.ip6[x]) { - r = x - continue - } - - if normalize6(ip, m.prefix6[x]) == m.ip6[x] { - return true - } - - l = x + 1 - } - - return l > 0 && normalize6(ip, m.prefix6[l-1]) == m.ip6[l-1] -} - -// Match returns true if the given ip is included by the GeoIP. -func (m *GeoIPMatcher) Match(ip net.IP) bool { - switch len(ip) { - case 4: - if m.reverseMatch { - return !m.match4(binary.BigEndian.Uint32(ip)) - } - return m.match4(binary.BigEndian.Uint32(ip)) - case 16: - if m.reverseMatch { - return !m.match6(ipv6{ - a: binary.BigEndian.Uint64(ip[0:8]), - b: binary.BigEndian.Uint64(ip[8:16]), - }) - } - return m.match6(ipv6{ - a: binary.BigEndian.Uint64(ip[0:8]), - b: binary.BigEndian.Uint64(ip[8:16]), - }) - default: - return false - } -} - -// GeoIPMatcherContainer is a container for GeoIPMatchers. It keeps unique copies of GeoIPMatcher by country code. -type GeoIPMatcherContainer struct { - matchers []*GeoIPMatcher -} - -// Add adds a new GeoIP set into the container. -// If the country code of GeoIP is not empty, GeoIPMatcherContainer will try to find an existing one, instead of adding a new one. -func (c *GeoIPMatcherContainer) Add(geoip *GeoIP) (*GeoIPMatcher, error) { - if len(geoip.CountryCode) > 0 { - for _, m := range c.matchers { - if m.countryCode == geoip.CountryCode && m.reverseMatch == geoip.ReverseMatch { - return m, nil - } - } - } - - m := &GeoIPMatcher{ - countryCode: geoip.CountryCode, - reverseMatch: geoip.ReverseMatch, - } - if err := m.Init(geoip.Cidr); err != nil { - return nil, err - } - if len(geoip.CountryCode) > 0 { - c.matchers = append(c.matchers, m) - } - return m, nil -} - -var globalGeoIPContainer GeoIPMatcherContainer diff --git a/component/geodata/standard/standard.go b/component/geodata/standard/standard.go index d65dd68c..0febbc08 100644 --- a/component/geodata/standard/standard.go +++ b/component/geodata/standard/standard.go @@ -9,6 +9,7 @@ import ( "github.com/Dreamacro/clash/component/geodata" "github.com/Dreamacro/clash/component/geodata/router" C "github.com/Dreamacro/clash/constant" + "google.golang.org/protobuf/proto" ) diff --git a/component/pool/pool_test.go b/component/pool/pool_test.go index 10f49965..5492f4c8 100644 --- a/component/pool/pool_test.go +++ b/component/pool/pool_test.go @@ -34,7 +34,7 @@ func TestPool_MaxSize(t *testing.T) { size := 5 pool := New(g, WithSize(size)) - items := []any{} + var items []any for i := 0; i < size; i++ { item, _ := pool.Get() diff --git a/component/process/process.go b/component/process/process.go index 67a5df66..deaf11b5 100644 --- a/component/process/process.go +++ b/component/process/process.go @@ -3,6 +3,8 @@ package process import ( "errors" "net" + + C "github.com/Dreamacro/clash/constant" ) var ( @@ -19,3 +21,49 @@ const ( func FindProcessName(network string, srcIP net.IP, srcPort int) (string, error) { return findProcessName(network, srcIP, srcPort) } + +func ShouldFindProcess(metadata *C.Metadata) bool { + if metadata.Process != "" { + return false + } + for _, ip := range localIPs { + if ip.Equal(metadata.SrcIP) { + return true + } + } + return false +} + +func AppendLocalIPs(ip ...net.IP) { + localIPs = append(ip, localIPs...) +} + +func getLocalIPs() []net.IP { + ips := []net.IP{net.IPv4zero, net.IPv6zero} + + netInterfaces, err := net.Interfaces() + if err != nil { + ips = append(ips, net.IPv4(127, 0, 0, 1), net.IPv6loopback) + return ips + } + + for i := 0; i < len(netInterfaces); i++ { + if (netInterfaces[i].Flags & net.FlagUp) != 0 { + adds, _ := netInterfaces[i].Addrs() + + for _, address := range adds { + if ipNet, ok := address.(*net.IPNet); ok { + ips = append(ips, ipNet.IP) + } + } + } + } + + return ips +} + +var localIPs []net.IP + +func init() { + localIPs = getLocalIPs() +} diff --git a/component/process/process_darwin.go b/component/process/process_darwin.go index 7870b227..6ae04552 100644 --- a/component/process/process_darwin.go +++ b/component/process/process_darwin.go @@ -69,7 +69,7 @@ func findProcessName(network string, ip net.IP, port int) (string, error) { continue } - if !ip.Equal(srcIP) { + if !ip.Equal(srcIP) && (network == TCP || !srcIP.IsUnspecified()) { continue } diff --git a/component/resolver/enhancer.go b/component/resolver/enhancer.go index c096f87a..68f1d5d1 100644 --- a/component/resolver/enhancer.go +++ b/component/resolver/enhancer.go @@ -10,6 +10,7 @@ type Enhancer interface { FakeIPEnabled() bool MappingEnabled() bool IsFakeIP(net.IP) bool + IsFakeBroadcastIP(net.IP) bool IsExistFakeIP(net.IP) bool FindHostByIP(net.IP) (string, bool) } @@ -38,6 +39,14 @@ func IsFakeIP(ip net.IP) bool { return false } +func IsFakeBroadcastIP(ip net.IP) bool { + if mapper := DefaultHostMapper; mapper != nil { + return mapper.IsFakeBroadcastIP(ip) + } + + return false +} + func IsExistFakeIP(ip net.IP) bool { if mapper := DefaultHostMapper; mapper != nil { return mapper.IsExistFakeIP(ip) diff --git a/config/config.go b/config/config.go index 25504803..894a91b1 100644 --- a/config/config.go +++ b/config/config.go @@ -7,6 +7,7 @@ import ( R "github.com/Dreamacro/clash/rule" RP "github.com/Dreamacro/clash/rule/provider" "net" + "net/netip" "net/url" "os" "regexp" @@ -19,6 +20,7 @@ import ( "github.com/Dreamacro/clash/adapter/outboundgroup" "github.com/Dreamacro/clash/adapter/provider" "github.com/Dreamacro/clash/component/auth" + "github.com/Dreamacro/clash/component/dialer" "github.com/Dreamacro/clash/component/fakeip" "github.com/Dreamacro/clash/component/geodata" "github.com/Dreamacro/clash/component/geodata/router" @@ -26,6 +28,7 @@ import ( C "github.com/Dreamacro/clash/constant" providerTypes "github.com/Dreamacro/clash/constant/provider" "github.com/Dreamacro/clash/dns" + "github.com/Dreamacro/clash/listener/tun/ipstack/commons" "github.com/Dreamacro/clash/log" T "github.com/Dreamacro/clash/tunnel" @@ -47,7 +50,7 @@ type General struct { AutoIptables bool `json:"auto-iptables"` } -// Inbound +// Inbound config type Inbound struct { Port int `json:"port"` SocksPort int `json:"socks-port"` @@ -59,7 +62,7 @@ type Inbound struct { BindAddress string `json:"bind-address"` } -// Controller +// Controller config type Controller struct { ExternalController string `json:"-"` ExternalUI string `json:"-"` @@ -104,10 +107,11 @@ type Profile struct { // Tun config type Tun struct { - Enable bool `yaml:"enable" json:"enable"` - Stack string `yaml:"stack" json:"stack"` - DnsHijack []string `yaml:"dns-hijack" json:"dns-hijack"` - AutoRoute bool `yaml:"auto-route" json:"auto-route"` + Enable bool `yaml:"enable" json:"enable"` + Device string `yaml:"device" json:"device"` + Stack C.TUNStack `yaml:"stack" json:"stack"` + DNSHijack []netip.AddrPort `yaml:"dns-hijack" json:"dns-hijack"` + AutoRoute bool `yaml:"auto-route" json:"auto-route"` } // Script config @@ -157,6 +161,14 @@ type RawFallbackFilter struct { GeoSite []string `yaml:"geosite"` } +type RawTun struct { + Enable bool `yaml:"enable" json:"enable"` + Device string `yaml:"device" json:"device"` + Stack C.TUNStack `yaml:"stack" json:"stack"` + DNSHijack []string `yaml:"dns-hijack" json:"dns-hijack"` + AutoRoute bool `yaml:"auto-route" json:"auto-route"` +} + type RawConfig struct { Port int `yaml:"port"` SocksPort int `yaml:"socks-port"` @@ -179,17 +191,17 @@ type RawConfig struct { GeodataLoader string `yaml:"geodata-loader"` AutoIptables bool `yaml:"auto-iptables"` - ProxyProvider map[string]map[string]interface{} `yaml:"proxy-providers"` - RuleProvider map[string]map[string]interface{} `yaml:"rule-providers"` - Hosts map[string]string `yaml:"hosts"` - DNS RawDNS `yaml:"dns"` - Tun Tun `yaml:"tun"` - Experimental Experimental `yaml:"experimental"` - Profile Profile `yaml:"profile"` - Proxy []map[string]any `yaml:"proxies"` - ProxyGroup []map[string]any `yaml:"proxy-groups"` - Rule []string `yaml:"rules"` - Script Script `yaml:"script"` + ProxyProvider map[string]map[string]any `yaml:"proxy-providers"` + RuleProvider map[string]map[string]any `yaml:"rule-providers"` + Hosts map[string]string `yaml:"hosts"` + DNS RawDNS `yaml:"dns"` + Tun RawTun `yaml:"tun"` + Experimental Experimental `yaml:"experimental"` + Profile Profile `yaml:"profile"` + Proxy []map[string]any `yaml:"proxies"` + ProxyGroup []map[string]any `yaml:"proxy-groups"` + Rule []string `yaml:"rules"` + Script Script `yaml:"script"` } // Parse config @@ -218,16 +230,27 @@ func UnmarshalRawConfig(buf []byte) (*RawConfig, error) { Rule: []string{}, Proxy: []map[string]any{}, ProxyGroup: []map[string]any{}, - Tun: Tun{ + Tun: RawTun{ Enable: false, - Stack: "gvisor", - DnsHijack: []string{"198.18.0.2:53"}, + Device: "", + Stack: C.TunGvisor, + DNSHijack: []string{"198.18.0.2:53"}, // default hijack all dns query + AutoRoute: true, + }, + Proxy: []map[string]any{}, + ProxyGroup: []map[string]any{}, + Tun: RawTun{ + Enable: false, + Device: "", + Stack: C.TunGvisor, + DNSHijack: []string{"0.0.0.0:53"}, // default hijack all dns query AutoRoute: true, }, DNS: RawDNS{ - Enable: false, - UseHosts: true, - FakeIPRange: "198.18.0.1/16", + Enable: false, + UseHosts: true, + EnhancedMode: C.DNSMapping, + FakeIPRange: "198.18.0.1/16", FallbackFilter: RawFallbackFilter{ GeoIP: true, GeoIPCode: "CN", @@ -243,6 +266,8 @@ func UnmarshalRawConfig(buf []byte) (*RawConfig, error) { NameServer: []string{ "223.5.5.5", "119.29.29.29", + "https://doh.pub/dns-query", + "tls://223.5.5.5:853", }, FakeIPFilter: []string{ "dns.msftnsci.com", @@ -279,7 +304,13 @@ func ParseRawConfig(rawCfg *RawConfig) (*Config, error) { } config.General = general - config.Tun = &rawCfg.Tun + tunCfg, err := parseTun(rawCfg.Tun, config.General) + if err != nil { + return nil, err + } + config.Tun = tunCfg + + dialer.DefaultInterface.Store(config.General.Interface) proxies, providers, err := parseProxies(rawCfg) if err != nil { @@ -361,13 +392,14 @@ func parseGeneral(cfg *RawConfig) (*General, error) { func parseProxies(cfg *RawConfig) (proxies map[string]C.Proxy, providersMap map[string]providerTypes.ProxyProvider, err error) { proxies = make(map[string]C.Proxy) providersMap = make(map[string]providerTypes.ProxyProvider) - var proxyList []string - _proxiesList := list.New() - _groupsList := list.New() proxiesConfig := cfg.Proxy groupsConfig := cfg.ProxyGroup providersConfig := cfg.ProxyProvider + var proxyList []string + _proxiesList := list.New() + _groupsList := list.New() + proxies["DIRECT"] = adapter.NewProxy(outbound.NewDirect()) proxies["REJECT"] = adapter.NewProxy(outbound.NewReject()) proxies["COMPATIBLE"] = adapter.NewProxy(outbound.NewCompatible()) @@ -417,6 +449,13 @@ func parseProxies(cfg *RawConfig) (proxies map[string]C.Proxy, providersMap map[ providersMap[name] = pd } + for _, proxyProvider := range providersMap { + log.Infoln("Start initial provider %s", proxyProvider.Name()) + if err := proxyProvider.Initial(); err != nil { + return nil, nil, fmt.Errorf("initial proxy provider %s error: %w", proxyProvider.Name(), err) + } + } + // parse proxy group for idx, mapping := range groupsConfig { group, err := outboundgroup.ParseProxyGroup(mapping, proxies, providersMap) @@ -444,7 +483,7 @@ func parseProxies(cfg *RawConfig) (proxies map[string]C.Proxy, providersMap map[ } } - ps := []C.Proxy{} + var ps []C.Proxy for _, v := range proxyList { ps = append(ps, proxies[v]) } @@ -543,28 +582,27 @@ func parseRules(cfg *RawConfig, proxies map[string]C.Proxy) ([]C.Rule, map[strin continue } + l := len(rule) + if ruleName == "NOT" || ruleName == "OR" || ruleName == "AND" { - payload = strings.Join(rule[1:len(rule)-1], ",") - target = rule[len(rule)-1] + target = rule[l-1] + payload = strings.Join(rule[1:l-1], ",") } else { - switch l := len(rule); { - case l == 2: - target = rule[1] - case l == 3: - if ruleName == "MATCH" { - payload = "" - target = rule[1] - params = rule[2:] - break - } + if l < 2 { + return nil, fmt.Errorf("rules[%d] [%s] error: format invalid", idx, line) + } + if l < 4 { + rule = append(rule, make([]string, 4-l)...) + } + if ruleName == "MATCH" { + l = 2 + } + if l >= 3 { + l = 3 payload = rule[1] - target = rule[2] - case l >= 4: - payload = rule[1] - target = rule[2] - params = rule[3:] - default: - return nil, nil, fmt.Errorf("rules[%d] [%s] error: format invalid", idx, line) + } + target = rule[l-1] + params = rule[l:] } } @@ -681,6 +719,7 @@ func parseNameServer(servers []string) ([]dns.NameServer, error) { Net: dnsNetType, Addr: addr, ProxyAdapter: u.Fragment, + Interface: dialer.DefaultInterface.Load(), }, ) } @@ -879,3 +918,37 @@ func cleanPyKeywords(code string) string { } return code } + +func parseTun(rawTun RawTun, general *General) (*Tun, error) { + if (rawTun.Enable || general.TProxyPort != 0) && general.Interface == "" { + autoDetectInterfaceName, err := commons.GetAutoDetectInterface() + if err != nil || autoDetectInterfaceName == "" { + return nil, fmt.Errorf("can not find auto detect interface: %w. you must be detect `interface-name` if tun set to enable or `tproxy-port` isn't zore", err) + } + + general.Interface = autoDetectInterfaceName + } + + var dnsHijack []netip.AddrPort + + for _, d := range rawTun.DNSHijack { + if _, after, ok := strings.Cut(d, "://"); ok { + d = after + } + + addrPort, err := netip.ParseAddrPort(d) + if err != nil { + return nil, fmt.Errorf("parse dns-hijack url error: %w", err) + } + + dnsHijack = append(dnsHijack, addrPort) + } + + return &Tun{ + Enable: rawTun.Enable, + Device: rawTun.Device, + Stack: rawTun.Stack, + DNSHijack: dnsHijack, + AutoRoute: rawTun.AutoRoute, + }, nil +} diff --git a/config/initial.go b/config/initial.go index 69b6ce16..e547ef5d 100644 --- a/config/initial.go +++ b/config/initial.go @@ -67,7 +67,7 @@ func downloadGeoSite(path string) (err error) { func initGeoSite() error { if _, err := os.Stat(C.Path.GeoSite()); os.IsNotExist(err) { - log.Infoln("Need GeoSite but can't find GeoSite.dat, start download") + log.Infoln("Can't find GeoSite.dat, start download") if err := downloadGeoSite(C.Path.GeoSite()); err != nil { return fmt.Errorf("can't download GeoSite.dat: %s", err.Error()) } @@ -90,7 +90,7 @@ func initGeoSite() error { func initGeoIP() error { if C.GeodataMode { if _, err := os.Stat(C.Path.GeoIP()); os.IsNotExist(err) { - log.Infoln("Need GeoIP but can't find GeoIP.dat, start download") + log.Infoln("Can't find GeoIP.dat, start download") if err := downloadGeoIP(C.Path.GeoIP()); err != nil { return fmt.Errorf("can't download GeoIP.dat: %s", err.Error()) } diff --git a/constant/metadata.go b/constant/metadata.go index eba63c0a..a91878a1 100644 --- a/constant/metadata.go +++ b/constant/metadata.go @@ -73,16 +73,16 @@ func (t Type) MarshalJSON() ([]byte, error) { // Metadata is used to store connection address type Metadata struct { - NetWork NetWork `json:"network"` - Type Type `json:"type"` - SrcIP net.IP `json:"sourceIP"` - DstIP net.IP `json:"destinationIP"` - SrcPort string `json:"sourcePort"` - DstPort string `json:"destinationPort"` - AddrType int `json:"-"` - Host string `json:"host"` - Process string `json:"process"` - DNSMode DNSMode `json:"dnsMode"` + NetWork NetWork `json:"network"` + Type Type `json:"type"` + SrcIP net.IP `json:"sourceIP"` + DstIP net.IP `json:"destinationIP"` + SrcPort string `json:"sourcePort"` + DstPort string `json:"destinationPort"` + AddrType int `json:"-"` + Host string `json:"host"` + DNSMode DNSMode `json:"dnsMode"` + Process string `json:"process"` ProcessPath string `json:"processPath"` } diff --git a/constant/rule.go b/constant/rule.go index 9c79013a..68d1b4b1 100644 --- a/constant/rule.go +++ b/constant/rule.go @@ -75,4 +75,5 @@ type Rule interface { ShouldResolveIP() bool ShouldFindProcess() bool RuleExtra() *RuleExtra + SetRuleExtra(re *RuleExtra) } diff --git a/constant/rule_extra.go b/constant/rule_extra.go index 9df17418..c7669ecd 100644 --- a/constant/rule_extra.go +++ b/constant/rule_extra.go @@ -7,8 +7,6 @@ import ( "github.com/Dreamacro/clash/component/geodata/router" ) -var TunBroadcastAddr = net.IPv4(198, 18, 255, 255) - type RuleExtra struct { Network NetWork SourceIPs []*net.IPNet diff --git a/constant/tun.go b/constant/tun.go new file mode 100644 index 00000000..10e24861 --- /dev/null +++ b/constant/tun.go @@ -0,0 +1,66 @@ +package constant + +import ( + "encoding/json" + "errors" + "strings" +) + +var StackTypeMapping = map[string]TUNStack{ + strings.ToUpper(TunGvisor.String()): TunGvisor, + strings.ToUpper(TunSystem.String()): TunSystem, +} + +const ( + TunGvisor TUNStack = iota + TunSystem +) + +type TUNStack int + +// UnmarshalYAML unserialize TUNStack with yaml +func (e *TUNStack) UnmarshalYAML(unmarshal func(any) error) error { + var tp string + if err := unmarshal(&tp); err != nil { + return err + } + mode, exist := StackTypeMapping[strings.ToUpper(tp)] + if !exist { + return errors.New("invalid tun stack") + } + *e = mode + return nil +} + +// MarshalYAML serialize TUNStack with yaml +func (e TUNStack) MarshalYAML() (any, error) { + return e.String(), nil +} + +// UnmarshalJSON unserialize TUNStack with json +func (e *TUNStack) UnmarshalJSON(data []byte) error { + var tp string + json.Unmarshal(data, &tp) + mode, exist := StackTypeMapping[strings.ToUpper(tp)] + if !exist { + return errors.New("invalid tun stack") + } + *e = mode + return nil +} + +// MarshalJSON serialize TUNStack with json +func (e TUNStack) MarshalJSON() ([]byte, error) { + return json.Marshal(e.String()) +} + +func (e TUNStack) String() string { + switch e { + case TunGvisor: + return "gVisor" + case TunSystem: + return "System" + default: + return "unknown" + } +} diff --git a/dns/client.go b/dns/client.go index 56ff1998..fec3e39c 100644 --- a/dns/client.go +++ b/dns/client.go @@ -31,7 +31,6 @@ func (c *client) ExchangeContext(ctx context.Context, m *D.Msg) (*D.Msg, error) ip net.IP err error ) - if ip = net.ParseIP(c.host); ip == nil { if c.r == nil { return nil, fmt.Errorf("dns %s not a valid ip", c.host) diff --git a/dns/enhancer.go b/dns/enhancer.go index 76f0f262..f42fa268 100644 --- a/dns/enhancer.go +++ b/dns/enhancer.go @@ -40,7 +40,19 @@ func (h *ResolverEnhancer) IsFakeIP(ip net.IP) bool { } if pool := h.fakePool; pool != nil { - return pool.IPNet().Contains(ip) && !pool.Gateway().Equal(ip) + return pool.IPNet().Contains(ip) && !pool.Gateway().Equal(ip) && !pool.Broadcast().Equal(ip) + } + + return false +} + +func (h *ResolverEnhancer) IsFakeBroadcastIP(ip net.IP) bool { + if !h.FakeIPEnabled() { + return false + } + + if pool := h.fakePool; pool != nil { + return pool.Broadcast().Equal(ip) } return false diff --git a/dns/resolver.go b/dns/resolver.go index ce48a040..aa854153 100644 --- a/dns/resolver.go +++ b/dns/resolver.go @@ -150,7 +150,7 @@ func (r *Resolver) exchangeWithoutCache(ctx context.Context, m *D.Msg) (msg *D.M return } -func (r *Resolver) batchExchange(ctx context.Context, clients []dnsClient, m *D.Msg) (*D.Msg, error) { +func (r *Resolver) batchExchange(ctx context.Context, clients []dnsClient, m *D.Msg) (msg *D.Msg, err error) { fast, ctx := picker.WithTimeout(ctx, resolver.DefaultDNSTimeout) for _, client := range clients { r := client @@ -174,8 +174,8 @@ func (r *Resolver) batchExchange(ctx context.Context, clients []dnsClient, m *D. return nil, err } - msg := elm.(*D.Msg) - return msg, nil + msg = elm.(*D.Msg) + return } func (r *Resolver) matchPolicy(m *D.Msg) []dnsClient { @@ -216,7 +216,7 @@ func (r *Resolver) shouldOnlyQueryFallback(m *D.Msg) bool { return false } -func (r *Resolver) ipExchange(ctx context.Context, m *D.Msg) (*D.Msg, error) { +func (r *Resolver) ipExchange(ctx context.Context, m *D.Msg) (msg *D.Msg, err error) { if matched := r.matchPolicy(m); len(matched) != 0 { res := <-r.asyncExchange(ctx, matched, m) return res.Msg, res.Error @@ -233,20 +233,23 @@ func (r *Resolver) ipExchange(ctx context.Context, m *D.Msg) (*D.Msg, error) { if r.fallback == nil || len(r.fallback) == 0 { // directly return if no fallback servers are available res := <-msgCh - return res.Msg, res.Error + msg, err = res.Msg, res.Error + return } res := <-msgCh if res.Error == nil { if ips := msgToIP(res.Msg); len(ips) != 0 { if !r.shouldIPFallback(ips[0]) { - return res.Msg, res.Error // no need to wait for fallback result + msg, err = res.Msg, res.Error // no need to wait for fallback result + return } } } res = <-r.asyncExchange(ctx, r.fallback, m) - return res.Msg, res.Error + msg, err = res.Msg, res.Error + return } func (r *Resolver) resolveIP(host string, dnsType uint16) (ip net.IP, err error) { diff --git a/go.mod b/go.mod index c2bef42b..3816dfcf 100644 --- a/go.mod +++ b/go.mod @@ -11,14 +11,13 @@ require ( github.com/gofrs/uuid v4.2.0+incompatible github.com/gorilla/websocket v1.5.0 github.com/insomniacslk/dhcp v0.0.0-20220119180841-3c283ff8b7dd - github.com/kr328/tun2socket v0.0.0-20210412191540-3d56c47e2d99 - github.com/lucas-clemente/quic-go v0.25.0 github.com/miekg/dns v1.1.47 github.com/oschwald/geoip2-golang v1.6.1 github.com/sirupsen/logrus v1.8.1 - github.com/stretchr/testify v1.7.0 + github.com/stretchr/testify v1.7.1 github.com/xtls/go v0.0.0-20210920065950-d4af136d3672 go.etcd.io/bbolt v1.3.6 + github.com/lucas-clemente/quic-go v0.25.0 go.uber.org/atomic v1.9.0 go.uber.org/automaxprocs v1.4.0 golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd @@ -26,9 +25,13 @@ require ( golang.org/x/sync v0.0.0-20210220032951-036812b2e83c golang.org/x/sys v0.0.0-20220315194320-039c03cc5b86 golang.zx2c4.com/wireguard/windows v0.5.1 + golang.org/x/sys v0.0.0-20220315194320-039c03cc5b86 + golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 + golang.zx2c4.com/wireguard v0.0.0-20220310012736-ae6bc4dd64e1 + golang.zx2c4.com/wireguard/windows v0.5.3 google.golang.org/protobuf v1.27.1 gopkg.in/yaml.v2 v2.4.0 - gvisor.dev/gvisor v0.0.0-20220129032118-ed00636ef990 + gvisor.dev/gvisor v0.0.0-20220315202956-f1399ecf1672 ) require ( @@ -38,6 +41,8 @@ require ( github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect github.com/google/btree v1.0.1 // indirect github.com/kr/pretty v0.2.1 // indirect + github.com/oschwald/maxminddb-golang v1.8.0 // indirect + github.com/kr/pretty v0.2.1 // indirect github.com/marten-seemann/qtls-go1-16 v0.1.4 // indirect github.com/marten-seemann/qtls-go1-17 v0.1.0 // indirect github.com/marten-seemann/qtls-go1-18 v0.1.0 // indirect @@ -45,12 +50,17 @@ require ( github.com/onsi/ginkgo v1.16.5 // indirect github.com/oschwald/maxminddb-golang v1.8.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/u-root/uio v0.0.0-20210528114334-82958018845c // indirect + golang.org/x/mod v0.5.1 // indirect + golang.org/x/text v0.3.8-0.20220124021120-d1c84af989ab // indirect + golang.org/x/tools v0.1.9 // indirect github.com/u-root/uio v0.0.0-20220204230159-dac05f7d2cb4 // indirect golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect golang.org/x/text v0.3.8-0.20211105212822-18b340fc7af2 // indirect golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect golang.org/x/tools v0.1.10 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect + golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 // indirect golang.zx2c4.com/go118/netip v0.0.0-20211106132939-9d41d90554dd // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect diff --git a/hub/executor/executor.go b/hub/executor/executor.go index 9f7b9fdb..7297b270 100644 --- a/hub/executor/executor.go +++ b/hub/executor/executor.go @@ -28,7 +28,7 @@ import ( "github.com/Dreamacro/clash/dns" P "github.com/Dreamacro/clash/listener" authStore "github.com/Dreamacro/clash/listener/auth" - "github.com/Dreamacro/clash/listener/tun/dev" + "github.com/Dreamacro/clash/listener/tproxy" "github.com/Dreamacro/clash/log" "github.com/Dreamacro/clash/tunnel" ) @@ -76,6 +76,8 @@ func ApplyConfig(cfg *config.Config, force bool) { mux.Lock() defer mux.Unlock() + log.SetLevel(log.DEBUG) + updateUsers(cfg.Users) updateHosts(cfg.Hosts) updateGeneral(cfg.General, cfg.Tun, force) @@ -88,6 +90,7 @@ func ApplyConfig(cfg *config.Config, force bool) { loadProvider(cfg.RuleProviders, cfg.Providers) updateProfile(cfg) + log.SetLevel(cfg.General.LogLevel) } func GetGeneral() *config.General { @@ -119,15 +122,7 @@ func GetGeneral() *config.General { func updateExperimental(c *config.Config) {} -func updateDNS(c *config.DNS, Tun *config.Tun) { - if !c.Enable && !Tun.Enable { - resolver.DefaultResolver = nil - resolver.MainResolver = nil - resolver.DefaultHostMapper = nil - dns.ReCreateServer("", nil, nil) - return - } - +func updateDNS(c *config.DNS, t *config.Tun) { cfg := dns.Config{ Main: c.NameServer, Fallback: c.Fallback, @@ -158,14 +153,21 @@ func updateDNS(c *config.DNS, Tun *config.Tun) { resolver.DefaultResolver = r resolver.MainResolver = mr resolver.DefaultHostMapper = m - if Tun.Enable && !strings.EqualFold(Tun.Stack, "gVisor") { + + if t.Enable { resolver.DefaultLocalServer = dns.NewLocalServer(r, m) - } else { - resolver.DefaultLocalServer = nil } if c.Enable { dns.ReCreateServer(c.Listen, r, m) + } else { + if !t.Enable { + resolver.DefaultResolver = nil + resolver.MainResolver = nil + resolver.DefaultHostMapper = nil + resolver.DefaultLocalServer = nil + } + dns.ReCreateServer("", nil, nil) } } @@ -213,33 +215,30 @@ func loadProvider(ruleProviders map[string]*provider.RuleProvider, proxyProvider } } +func updateTun(tun *config.Tun, tunAddressPrefix string) { + P.ReCreateTun(tun, tunAddressPrefix, tunnel.TCPIn(), tunnel.UDPIn()) +} + func updateGeneral(general *config.General, Tun *config.Tun, force bool) { tunnel.SetMode(general.Mode) resolver.DisableIPv6 = !general.IPv6 adapter.UnifiedDelay.Store(general.UnifiedDelay) - if (Tun.Enable || general.TProxyPort != 0) && general.Interface == "" { - autoDetectInterfaceName, err := dev.GetAutoDetectInterface() - if err == nil { - if autoDetectInterfaceName != "" && autoDetectInterfaceName != "" { - general.Interface = autoDetectInterfaceName - } else { - log.Debugln("Auto detect interface name is empty.") - } - } else { - log.Debugln("Can not find auto detect interface. %s", err.Error()) - } + dialer.DefaultInterface.Store(general.Interface) + if dialer.DefaultInterface.Load() != "" { + log.Infoln("Use interface name: %s", general.Interface) } - dialer.DefaultInterface.Store(general.Interface) - dialer.DefaultRoutingMark.Store(int32(general.RoutingMark)) - - log.Infoln("Use interface name: %s", general.Interface) + if general.RoutingMark > 0 || (general.RoutingMark == 0 && general.TProxyPort == 0) { + dialer.DefaultRoutingMark.Store(int32(general.RoutingMark)) + if general.RoutingMark > 0 { + log.Infoln("Use routing mark: %#x", general.RoutingMark) + } + } iface.FlushCache() if !force { - log.SetLevel(general.LogLevel) return } @@ -260,18 +259,6 @@ func updateGeneral(general *config.General, Tun *config.Tun, force bool) { P.ReCreateRedir(general.RedirPort, tcpIn, udpIn) P.ReCreateTProxy(general.TProxyPort, tcpIn, udpIn) P.ReCreateMixed(general.MixedPort, tcpIn, udpIn) - - log.SetLevel(general.LogLevel) -} - -func updateTun(Tun *config.Tun) { - if Tun == nil { - return - } - tcpIn := tunnel.TCPIn() - udpIn := tunnel.UDPIn() - - P.ReCreateTun(*Tun, tcpIn, udpIn) } func updateUsers(users []auth.AuthUser) { @@ -317,8 +304,28 @@ func patchSelectGroup(proxies map[string]C.Proxy) { } } -func updateIPTables(dns *config.DNS, general *config.General, tun *config.Tun) { - if runtime.GOOS != "linux" || dns.Listen == "" || general.TProxyPort == 0 || tun.Enable || !general.AutoIptables { +func updateIPTables(dns *config.DNS, tProxyPort int, interfaceName string, tunEnable bool) { + tproxy.CleanUpTProxyLinuxIPTables() + + if runtime.GOOS != "linux" || tProxyPort == 0 { + return + } + + var err error + defer func() { + if err != nil { + log.Errorln("Setting iptables failed: %s", err.Error()) + os.Exit(2) + } + }() + + if !dns.Enable || dns.Listen == "" { + err = fmt.Errorf("DNS server must be enable") + return + } + + if tunEnable { + err = fmt.Errorf("TUN device must be disabe") return } @@ -332,19 +339,15 @@ func updateIPTables(dns *config.DNS, general *config.General, tun *config.Tun) { return } - tproxy.CleanUpTProxyLinuxIPTables() - dialer.DefaultRoutingMark.Store(2158) - - err = tproxy.SetTProxyLinuxIPTables(general.Interface, general.TProxyPort, dnsPort) - - if err != nil { - log.Errorln("Can not setting iptables for TProxy on linux, %s", err.Error()) - os.Exit(2) + if dialer.DefaultRoutingMark.Load() == 0 { + dialer.DefaultRoutingMark.Store(2158) } + + err = tproxy.SetTProxyLinuxIPTables(interfaceName, tProxyPort, dnsPort) } -func CleanUp() { - P.CleanUp() +func Cleanup() { + P.Cleanup() if runtime.GOOS == "linux" { tproxy.CleanUpTProxyLinuxIPTables() } diff --git a/hub/hub.go b/hub/hub.go index 5b80ab66..cde0bb57 100644 --- a/hub/hub.go +++ b/hub/hub.go @@ -49,6 +49,6 @@ func Parse(options ...Option) error { return nil } -func CleanUp() { - executor.CleanUp() +func Cleanup() { + executor.Cleanup() } diff --git a/listener/listener.go b/listener/listener.go index 34f79e2b..286d04d5 100644 --- a/listener/listener.go +++ b/listener/listener.go @@ -35,7 +35,7 @@ var ( tproxyUDPListener *tproxy.UDPListener mixedListener *mixed.Listener mixedUDPLister *socks.UDPListener - tunAdapter ipstack.TunAdapter + tunStackListener ipstack.Stack // lock for recreate function socksMux sync.Mutex @@ -66,18 +66,6 @@ func SetAllowLan(al bool) { allowLan = al } -func Tun() config.Tun { - if tunAdapter == nil { - return config.Tun{} - } - return config.Tun{ - Enable: true, - Stack: tunAdapter.Stack(), - DnsHijack: tunAdapter.DnsHijack(), - AutoRoute: tunAdapter.AutoRoute(), - } -} - func SetBindAddress(host string) { bindAddress = host } @@ -323,47 +311,28 @@ func ReCreateMixed(port int, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.P log.Infoln("Mixed(http+socks) proxy listening at: %s", mixedListener.Address()) } -//func ReCreateTun(conf config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) error { -// tunMux.Lock() -// defer tunMux.Unlock() -// -// if tunAdapter != nil { -// tunAdapter.Close() -// tunAdapter = nil -// } -// -// if !conf.Enable { -// return nil -// } -// -// var err error -// tunAdapter, err = tun.New(conf, tcpIn, udpIn) -// -// return err -//} - -func ReCreateTun(conf config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) { +func ReCreateTun(tunConf *config.Tun, tunAddressPrefix string, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) { tunMux.Lock() defer tunMux.Unlock() var err error defer func() { if err != nil { - log.Errorln("Start TUN interface error: %s", err.Error()) + log.Errorln("Start TUN listening error: %s", err.Error()) os.Exit(2) } }() - if tunAdapter != nil { - tunAdapter.Close() - tunAdapter = nil + if tunStackListener != nil { + tunStackListener.Close() + tunStackListener = nil } - if !conf.Enable { + if !tunConf.Enable { return } - tunAdapter, err = tun.New(conf, tcpIn, udpIn) + tunStackListener, err = tun.New(tunConf, tunAddressPrefix, tcpIn, udpIn) if err != nil { log.Warnln("Failed to start TUN interface: %s", err.Error()) } @@ -425,11 +394,8 @@ func genAddr(host string, port int, allowLan bool) string { return fmt.Sprintf("127.0.0.1:%d", port) } -// CleanUp clean up something -func CleanUp() { - if runtime.GOOS == "windows" { - if tunAdapter != nil { - tunAdapter.Close() - } +func Cleanup() { + if tunStackListener != nil { + _ = tunStackListener.Close() } } diff --git a/listener/tproxy/tproxy_linux_iptables.go b/listener/tproxy/tproxy_linux_iptables.go index 017238c6..ae6ad6a8 100644 --- a/listener/tproxy/tproxy_linux_iptables.go +++ b/listener/tproxy/tproxy_linux_iptables.go @@ -3,18 +3,17 @@ package tproxy import ( "errors" "fmt" - "github.com/Dreamacro/clash/component/dialer" - "os/exec" "runtime" - "strings" + "github.com/Dreamacro/clash/common/cmd" + "github.com/Dreamacro/clash/component/dialer" "github.com/Dreamacro/clash/log" ) var ( - interfaceName = "" - tproxyPort = 0 dnsPort = 0 + tProxyPort = 0 + interfaceName = "" ) const ( @@ -24,7 +23,7 @@ const ( func SetTProxyLinuxIPTables(ifname string, tport int, dport int) error { var err error - if _, err = execCmd("iptables -V"); err != nil { + if err = execCmd("iptables -V"); err != nil { return fmt.Errorf("current operations system [%s] are not support iptables or command iptables does not exist", runtime.GOOS) } @@ -33,7 +32,7 @@ func SetTProxyLinuxIPTables(ifname string, tport int, dport int) error { } interfaceName = ifname - tproxyPort = tport + tProxyPort = tport dnsPort = dport // add route @@ -63,8 +62,8 @@ func SetTProxyLinuxIPTables(ifname string, tport int, dport int) error { addLocalnetworkToChain("clash_prerouting") execCmd("iptables -t mangle -A clash_prerouting -p tcp -m socket -j clash_divert") execCmd("iptables -t mangle -A clash_prerouting -p udp -m socket -j clash_divert") - execCmd(fmt.Sprintf("iptables -t mangle -A clash_prerouting -p tcp -j TPROXY --on-port %d --tproxy-mark %s/%s", tproxyPort, PROXY_FWMARK, PROXY_FWMARK)) - execCmd(fmt.Sprintf("iptables -t mangle -A clash_prerouting -p udp -j TPROXY --on-port %d --tproxy-mark %s/%s", tproxyPort, PROXY_FWMARK, PROXY_FWMARK)) + execCmd(fmt.Sprintf("iptables -t mangle -A clash_prerouting -p tcp -j TPROXY --on-port %d --tproxy-mark %s/%s", tProxyPort, PROXY_FWMARK, PROXY_FWMARK)) + execCmd(fmt.Sprintf("iptables -t mangle -A clash_prerouting -p udp -j TPROXY --on-port %d --tproxy-mark %s/%s", tProxyPort, PROXY_FWMARK, PROXY_FWMARK)) execCmd("iptables -t mangle -A PREROUTING -j clash_prerouting") execCmd(fmt.Sprintf("iptables -t nat -I PREROUTING ! -s 172.17.0.0/16 ! -d 127.0.0.0/8 -p tcp --dport 53 -j REDIRECT --to %d", dnsPort)) @@ -96,20 +95,22 @@ func SetTProxyLinuxIPTables(ifname string, tport int, dport int) error { execCmd("iptables -t nat -I OUTPUT -p tcp --dport 53 -j clash_dns_output") execCmd("iptables -t nat -I OUTPUT -p udp --dport 53 -j clash_dns_output") - log.Infoln("[TProxy] Setting iptables completed") + log.Infoln("[TPROXY] Setting iptables completed") return nil } func CleanUpTProxyLinuxIPTables() { - if interfaceName == "" || tproxyPort == 0 || dnsPort == 0 { + if interfaceName == "" || tProxyPort == 0 || dnsPort == 0 { return } log.Warnln("Clean up tproxy linux iptables") - dialer.DefaultRoutingMark.Store(0) + if int(dialer.DefaultRoutingMark.Load()) == 2158 { + dialer.DefaultRoutingMark.Store(0) + } - if _, err := execCmd("iptables -t mangle -L clash_divert"); err != nil { + if err := execCmd("iptables -t mangle -L clash_divert"); err != nil { return } @@ -165,16 +166,13 @@ func addLocalnetworkToChain(chain string) { execCmd(fmt.Sprintf("iptables -t mangle -A %s -d 255.255.255.255/32 -j RETURN", chain)) } -func execCmd(cmdstr string) (string, error) { - log.Debugln("[TProxy] %s", cmdstr) +func execCmd(cmdStr string) error { + log.Debugln("[TPROXY] %s", cmdStr) - args := strings.Split(cmdstr, " ") - cmd := exec.Command(args[0], args[1:]...) - out, err := cmd.CombinedOutput() + _, err := cmd.ExecCmd(cmdStr) if err != nil { - log.Errorln("[TProxy] error: %s, %s", err.Error(), string(out)) - return "", err + log.Warnln("[TPROXY] exec cmd: %v", err) } - return string(out), nil + return err } diff --git a/listener/tun/dev/dev.go b/listener/tun/dev/dev.go deleted file mode 100644 index 54ff591e..00000000 --- a/listener/tun/dev/dev.go +++ /dev/null @@ -1,12 +0,0 @@ -package dev - -// TunDevice is cross-platform tun interface -type TunDevice interface { - Name() string - URL() string - MTU() (int, error) - IsClose() bool - Close() error - Read(buff []byte) (int, error) - Write(buff []byte) (int, error) -} diff --git a/listener/tun/dev/dev_darwin.go b/listener/tun/dev/dev_darwin.go deleted file mode 100644 index 61f08731..00000000 --- a/listener/tun/dev/dev_darwin.go +++ /dev/null @@ -1,541 +0,0 @@ -//go:build darwin -// +build darwin - -package dev - -import ( - "bytes" - "fmt" - "github.com/Dreamacro/clash/log" - "net" - "os" - "os/exec" - "regexp" - "strings" - "sync" - "syscall" - "unsafe" - - "golang.org/x/net/ipv6" - "golang.org/x/sys/unix" - - "github.com/Dreamacro/clash/common/pool" -) - -const ( - utunControlName = "com.apple.net.utun_control" - iocOut = 0x40000000 - iocIn = 0x80000000 - iocInout = iocIn | iocOut -) - -// _CTLIOCGINFO value derived from /usr/include/sys/{kern_control,ioccom}.h -// https://github.com/apple/darwin-xnu/blob/master/bsd/sys/ioccom.h - -// #define CTLIOCGINFO _IOWR('N', 3, struct ctl_info) /* get id from name */ = 0xc0644e03 -const _CTLIOCGINFO = iocInout | ((100 & 0x1fff) << 16) | uint32(byte('N'))<<8 | 3 - -// #define SIOCPROTOATTACH_IN6 _IOWR('i', 110, struct in6_aliasreq_64) -const siocprotoattachIn6 = iocInout | ((128 & 0x1fff) << 16) | uint32(byte('i'))<<8 | 110 - -// #define SIOCLL_START _IOWR('i', 130, struct in6Aliasreq) -const siocllStart = iocInout | ((128 & 0x1fff) << 16) | uint32(byte('i'))<<8 | 130 - -// Following the wireguard-go solution: -// These unix.SYS_* constants were removed from golang.org/x/sys/unix -// so copy them here for now. -// See https://github.com/golang/go/issues/41868 -const ( - sysIoctl = 54 - sysConnect = 98 - sysGetsockopt = 118 -) - -type tunDarwin struct { - name string - tunAddress string - autoRoute bool - tunFile *os.File - errors chan error - - closed bool - stopOnce sync.Once -} - -// sockaddr_ctl specifeid in /usr/include/sys/kern_control.h -type sockaddrCtl struct { - scLen uint8 - scFamily uint8 - ssSysaddr uint16 - scID uint32 - scUnit uint32 - scReserved [5]uint32 -} - -type ctlInfo struct { - ctlID uint32 - ctlName [96]byte -} - -// https://github.com/apple/darwin-xnu/blob/a449c6a3b8014d9406c2ddbdc81795da24aa7443/bsd/sys/sockio.h#L107 -// https://github.com/apple/darwin-xnu/blob/a449c6a3b8014d9406c2ddbdc81795da24aa7443/bsd/net/if.h#L570-L575 -// https://man.openbsd.org/netintro.4#SIOCAIFADDR -type aliasreq struct { - ifraName [unix.IFNAMSIZ]byte - ifraAddr unix.RawSockaddrInet4 - ifraDstaddr unix.RawSockaddrInet4 - ifraMask unix.RawSockaddrInet4 -} - -// SIOCAIFADDR_IN6 -// https://github.com/apple/darwin-xnu/blob/a449c6a3b8014d9406c2ddbdc81795da24aa7443/bsd/netinet6/in6_var.h#L114-L119 -// https://opensource.apple.com/source/network_cmds/network_cmds-543.260.3/ -type in6Addrlifetime struct{} - -// https://github.com/apple/darwin-xnu/blob/a449c6a3b8014d9406c2ddbdc81795da24aa7443/bsd/netinet6/in6_var.h#L336-L343 -// https://github.com/apple/darwin-xnu/blob/a449c6a3b8014d9406c2ddbdc81795da24aa7443/bsd/netinet6/in6.h#L174-L181 -type in6Aliasreq struct { - ifraName [unix.IFNAMSIZ]byte - ifraAddr unix.RawSockaddrInet6 - ifraDstaddr unix.RawSockaddrInet6 - ifraPrefixmask unix.RawSockaddrInet6 - ifraFlags int32 - ifraLifetime in6Addrlifetime -} - -// https://github.com/apple/darwin-xnu/blob/a449c6a3b8014d9406c2ddbdc81795da24aa7443/bsd/net/if.h#L402-L563 - -//type ifreqAddr struct { -// Name [unix.IFNAMSIZ]byte -// Addr unix.RawSockaddrInet4 -// Pad [8]byte -//} - -var sockaddrCtlSize uintptr = 32 - -// OpenTunDevice return a TunDevice according a URL -func OpenTunDevice(tunAddress string, autoRoute bool) (TunDevice, error) { - name := "utun" - mtu := 9000 - - ifIndex := -1 - if name != "utun" { - _, err := fmt.Sscanf(name, "utun%d", &ifIndex) - if err != nil || ifIndex < 0 { - return nil, fmt.Errorf("interface name must be utun[0-9]*") - } - } - - fd, err := unix.Socket(unix.AF_SYSTEM, unix.SOCK_DGRAM, 2) - if err != nil { - return nil, err - } - - ctlInfo1 := &ctlInfo{} - - copy(ctlInfo1.ctlName[:], []byte(utunControlName)) - - _, _, errno := unix.Syscall( - sysIoctl, - uintptr(fd), - uintptr(_CTLIOCGINFO), - uintptr(unsafe.Pointer(ctlInfo1)), - ) - - if errno != 0 { - return nil, fmt.Errorf("_CTLIOCGINFO: %v", errno) - } - - sc := sockaddrCtl{ - scLen: uint8(sockaddrCtlSize), - scFamily: unix.AF_SYSTEM, - ssSysaddr: 2, - scID: ctlInfo1.ctlID, - scUnit: uint32(ifIndex) + 1, - } - - scPointer := unsafe.Pointer(&sc) - - _, _, errno = unix.RawSyscall( - sysConnect, - uintptr(fd), - uintptr(scPointer), - uintptr(sockaddrCtlSize), - ) - - if errno != 0 { - return nil, fmt.Errorf("SYS_CONNECT: %v", errno) - } - - err = syscall.SetNonblock(fd, true) - if err != nil { - return nil, err - } - - tun, err := CreateTUNFromFile(os.NewFile(uintptr(fd), ""), mtu, tunAddress, autoRoute) - if err != nil { - return nil, err - } - - if autoRoute { - setAutoRoute(tunAddress) - } - - return tun, nil -} - -func CreateTUNFromFile(file *os.File, mtu int, tunAddress string, autoRoute bool) (TunDevice, error) { - tun := &tunDarwin{ - tunFile: file, - tunAddress: tunAddress, - autoRoute: autoRoute, - errors: make(chan error, 5), - } - - name, err := tun.getName() - if err != nil { - tun.tunFile.Close() - return nil, err - } - tun.name = name - - if err != nil { - tun.tunFile.Close() - return nil, err - } - - if mtu > 0 { - err = tun.setMTU(mtu) - if err != nil { - tun.Close() - return nil, err - } - } - - // This address doesn't mean anything here. NIC just net an IP address to set route upon. - p2pAddress := net.ParseIP(tunAddress) - err = tun.setTunAddress(p2pAddress) - if err != nil { - tun.Close() - return nil, err - } - err = tun.attachLinkLocal() - if err != nil { - tun.Close() - return nil, err - } - - return tun, nil -} - -func (t *tunDarwin) Name() string { - return t.name -} - -func (t *tunDarwin) URL() string { - return fmt.Sprintf("dev://%s", t.Name()) -} - -func (t *tunDarwin) MTU() (int, error) { - return t.getInterfaceMtu() -} - -func (t *tunDarwin) Read(buff []byte) (int, error) { - select { - case err := <-t.errors: - return 0, err - default: - n, err := t.tunFile.Read(buff) - if n < 4 { - return 0, err - } - - copy(buff[:], buff[4:]) - return n - 4, err - } -} - -func (t *tunDarwin) Write(buff []byte) (int, error) { - // reserve space for header - buf := pool.Get(pool.RelayBufferSize) - defer pool.Put(buf[:cap(buf)]) - - buf[0] = 0x00 - buf[1] = 0x00 - buf[2] = 0x00 - - copy(buf[4:], buff) - if buf[4]>>4 == ipv6.Version { - buf[3] = unix.AF_INET6 - } else { - buf[3] = unix.AF_INET - } - - // write - return t.tunFile.Write(buf[:4+len(buff)]) -} - -func (t *tunDarwin) IsClose() bool { - return t.closed -} - -func (t *tunDarwin) Close() error { - t.stopOnce.Do(func() { - if t.autoRoute { - resetAutoRoute(t.tunAddress) - } - t.closed = true - t.tunFile.Close() - }) - return nil -} - -func (t *tunDarwin) getInterfaceMtu() (int, error) { - // open datagram socket - - fd, err := unix.Socket( - unix.AF_INET, - unix.SOCK_DGRAM, - 0, - ) - if err != nil { - return 0, err - } - - defer unix.Close(fd) - - // do ioctl call - - var ifr [64]byte - copy(ifr[:], t.name) - _, _, errno := unix.Syscall( - sysIoctl, - uintptr(fd), - uintptr(unix.SIOCGIFMTU), - uintptr(unsafe.Pointer(&ifr[0])), - ) - if errno != 0 { - return 0, fmt.Errorf("failed to get MTU on %s", t.name) - } - - return int(*(*int32)(unsafe.Pointer(&ifr[16]))), nil -} - -func (t *tunDarwin) getName() (string, error) { - var ifName struct { - name [16]byte - } - ifNameSize := uintptr(16) - - var errno syscall.Errno - t.operateOnFd(func(fd uintptr) { - _, _, errno = unix.Syscall6( - sysGetsockopt, - fd, - 2, /* #define SYSPROTO_CONTROL 2 */ - 2, /* #define UTUN_OPT_IFNAME 2 */ - uintptr(unsafe.Pointer(&ifName)), - uintptr(unsafe.Pointer(&ifNameSize)), 0) - }) - - if errno != 0 { - return "", fmt.Errorf("SYS_GETSOCKOPT: %v", errno) - } - - t.name = string(ifName.name[:ifNameSize-1]) - return t.name, nil -} - -func (t *tunDarwin) setMTU(n int) error { - // open datagram socket - fd, err := unix.Socket( - unix.AF_INET, - unix.SOCK_DGRAM, - 0, - ) - if err != nil { - return err - } - - defer unix.Close(fd) - - // do ioctl call - - var ifr [32]byte - copy(ifr[:], t.name) - *(*uint32)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])) = uint32(n) - _, _, errno := unix.Syscall( - sysIoctl, - uintptr(fd), - uintptr(unix.SIOCSIFMTU), - uintptr(unsafe.Pointer(&ifr[0])), - ) - - if errno != 0 { - return fmt.Errorf("failed to set MTU on %s", t.name) - } - - return nil -} - -func (t *tunDarwin) operateOnFd(fn func(fd uintptr)) { - sysconn, err := t.tunFile.SyscallConn() - // TODO: consume the errors - if err != nil { - t.errors <- fmt.Errorf("unable to find sysconn for tunfile: %s", err.Error()) - return - } - err = sysconn.Control(fn) - if err != nil { - t.errors <- fmt.Errorf("unable to control sysconn for tunfile: %s", err.Error()) - } -} - -func (t *tunDarwin) setTunAddress(addr net.IP) error { - var ifr [unix.IFNAMSIZ]byte - copy(ifr[:], t.name) - - // set IPv4 address - fd4, err := unix.Socket( - unix.AF_INET, - unix.SOCK_DGRAM, - 0, - ) - if err != nil { - return err - } - defer syscall.Close(fd4) - - var ip4 [4]byte - copy(ip4[:], addr.To4()) - ip4mask := [4]byte{255, 255, 0, 0} - ifra4 := aliasreq{ - ifraName: ifr, - ifraAddr: unix.RawSockaddrInet4{ - Len: unix.SizeofSockaddrInet4, - Family: unix.AF_INET, - Addr: ip4, - }, - ifraDstaddr: unix.RawSockaddrInet4{ - Len: unix.SizeofSockaddrInet4, - Family: unix.AF_INET, - Addr: ip4, - }, - ifraMask: unix.RawSockaddrInet4{ - Len: unix.SizeofSockaddrInet4, - Family: unix.AF_INET, - Addr: ip4mask, - }, - } - - if _, _, errno := unix.Syscall( - sysIoctl, - uintptr(fd4), - uintptr(unix.SIOCAIFADDR), - uintptr(unsafe.Pointer(&ifra4)), - ); errno != 0 { - return fmt.Errorf("failed to set ip address on %s: %v", t.name, errno) - } - - return nil -} - -func (t *tunDarwin) attachLinkLocal() error { - var ifr [unix.IFNAMSIZ]byte - copy(ifr[:], t.name) - - // attach link-local address - fd6, err := unix.Socket( - unix.AF_INET6, - unix.SOCK_DGRAM, - 0, - ) - if err != nil { - return err - } - defer syscall.Close(fd6) - - // Attach link-local address - ifra6 := in6Aliasreq{ - ifraName: ifr, - } - if _, _, errno := unix.Syscall( - sysIoctl, - uintptr(fd6), - uintptr(siocprotoattachIn6), - uintptr(unsafe.Pointer(&ifra6)), - ); errno != 0 { - return fmt.Errorf("failed to attach link-local address on %s: SIOCPROTOATTACH_IN6 %v", t.name, errno) - } - - if _, _, errno := unix.Syscall( - sysIoctl, - uintptr(fd6), - uintptr(siocllStart), - uintptr(unsafe.Pointer(&ifra6)), - ); errno != 0 { - return fmt.Errorf("failed to set ipv6 address on %s: SIOCLL_START %v", t.name, errno) - } - - return nil -} - -// GetAutoDetectInterface get ethernet interface -func GetAutoDetectInterface() (string, error) { - cmd := exec.Command("route", "-n", "get", "default") - if result, err := cmd.Output(); err != nil { - return "", err - } else { - resultString := string(result) - reg, err := regexp.Compile("(interface:)(.*)") - if err != nil { - return "", err - } - matchResult := reg.FindStringSubmatch(resultString) - interfaceName := strings.TrimSpace(matchResult[len(matchResult)-1]) - return interfaceName, nil - } - -} - -func setAutoRoute(tunGateway string) { - addRoute("1", tunGateway) - addRoute("2/7", tunGateway) - addRoute("4/6", tunGateway) - addRoute("8/5", tunGateway) - addRoute("16/4", tunGateway) - addRoute("32/3", tunGateway) - addRoute("64/2", tunGateway) - addRoute("128.0/1", tunGateway) - addRoute("198.18.0/16", tunGateway) -} - -func resetAutoRoute(tunGateway string) { - delRoute("1", tunGateway) - delRoute("2/7", tunGateway) - delRoute("4/6", tunGateway) - delRoute("8/5", tunGateway) - delRoute("16/4", tunGateway) - delRoute("32/3", tunGateway) - delRoute("64/2", tunGateway) - delRoute("128.0/1", tunGateway) - delRoute("198.18.0/16", tunGateway) -} - -func addRoute(net, name string) { - cmd := exec.Command("route", "add", "-net", net, name) - var stderr bytes.Buffer - cmd.Stderr = &stderr - if err := cmd.Run(); err != nil { - log.Errorln("[auto route] Failed to add system route: %s: %s , cmd: %s", err.Error(), stderr.String(), cmd.String()) - } -} - -func delRoute(net, name string) { - cmd := exec.Command("route", "delete", "-net", net, name) - var stderr bytes.Buffer - cmd.Stderr = &stderr - if err := cmd.Run(); err != nil { - log.Errorln("[auto route] Failed to delete system route: %s: %s , cmd: %s", err.Error(), stderr.String(), cmd.String()) - } -} diff --git a/listener/tun/dev/dev_linux.go b/listener/tun/dev/dev_linux.go deleted file mode 100644 index d43433ad..00000000 --- a/listener/tun/dev/dev_linux.go +++ /dev/null @@ -1,349 +0,0 @@ -//go:build linux || android -// +build linux android - -package dev - -import ( - "bytes" - "errors" - "fmt" - "github.com/Dreamacro/clash/log" - "net/url" - "os" - "os/exec" - "strconv" - "strings" - "sync" - "syscall" - "unsafe" - - "golang.org/x/sys/unix" -) - -const ( - cloneDevicePath = "/dev/net/tun" - ifReqSize = unix.IFNAMSIZ + 64 -) - -type tunLinux struct { - url string - name string - tunAddress string - autoRoute bool - tunFile *os.File - mtu int - - closed bool - stopOnce sync.Once -} - -// OpenTunDevice return a TunDevice according a URL -func OpenTunDevice(tunAddress string, autoRoute bool) (TunDevice, error) { - deviceURL, _ := url.Parse("dev://utun") - mtu, _ := strconv.ParseInt(deviceURL.Query().Get("mtu"), 0, 32) - - t := &tunLinux{ - url: deviceURL.String(), - mtu: int(mtu), - tunAddress: tunAddress, - autoRoute: autoRoute, - } - switch deviceURL.Scheme { - case "dev": - var err error - var dev TunDevice - dev, err = t.openDeviceByName(deviceURL.Host) - if err != nil { - return nil, err - } - - err = t.configInterface() - if err != nil { - return nil, err - } - - if autoRoute { - addRoute(tunAddress) - } - - return dev, nil - case "fd": - fd, err := strconv.ParseInt(deviceURL.Host, 10, 32) - if err != nil { - return nil, err - } - var dev TunDevice - dev, err = t.openDeviceByFd(int(fd)) - if err != nil { - return nil, err - } - if autoRoute { - log.Warnln("linux unsupported automatic route") - } - return dev, nil - } - return nil, fmt.Errorf("unsupported device type `%s`", deviceURL.Scheme) -} - -func (t *tunLinux) Name() string { - return t.name -} - -func (t *tunLinux) URL() string { - return t.url -} - -func (t *tunLinux) Write(buff []byte) (int, error) { - return t.tunFile.Write(buff) -} - -func (t *tunLinux) Read(buff []byte) (int, error) { - return t.tunFile.Read(buff) -} - -func (t *tunLinux) IsClose() bool { - return t.closed -} - -func (t *tunLinux) Close() error { - t.stopOnce.Do(func() { - t.closed = true - t.tunFile.Close() - }) - return nil -} - -func (t *tunLinux) MTU() (int, error) { - // Sometime, we can't read MTU by SIOCGIFMTU. Then we should return the preset MTU - if t.mtu > 0 { - return t.mtu, nil - } - mtu, err := t.getInterfaceMtu() - return int(mtu), err -} - -func (t *tunLinux) openDeviceByName(name string) (TunDevice, error) { - nfd, err := unix.Open(cloneDevicePath, os.O_RDWR, 0) - if err != nil { - return nil, err - } - - var ifr [ifReqSize]byte - var flags uint16 = unix.IFF_TUN | unix.IFF_NO_PI - nameBytes := []byte(name) - if len(nameBytes) >= unix.IFNAMSIZ { - return nil, errors.New("interface name too long") - } - - copy(ifr[:], nameBytes) - - *(*uint16)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])) = flags - - _, _, errno := unix.Syscall( - unix.SYS_IOCTL, - uintptr(nfd), - uintptr(unix.TUNSETIFF), - uintptr(unsafe.Pointer(&ifr[0])), - ) - if errno != 0 { - return nil, errno - } - - err = unix.SetNonblock(nfd, true) - if err != nil { - return nil, err - } - // Note that the above -- open,ioctl,nonblock -- must happen prior to handing it to netpoll as below this line. - - t.tunFile = os.NewFile(uintptr(nfd), cloneDevicePath) - t.name, err = t.getName() - if err != nil { - t.tunFile.Close() - return nil, err - } - - return t, nil -} - -func (t *tunLinux) configInterface() error { - var ifr [ifReqSize]byte - nameBytes := []byte(t.name) - if len(nameBytes) >= unix.IFNAMSIZ { - return errors.New("interface name too long") - } - - copy(ifr[:], nameBytes) - - fd, _, errno := syscall.Syscall(unix.SYS_SOCKET, unix.AF_INET, unix.SOCK_STREAM, 0) - if errno != 0 { - return errno - } - - // set addr for tun - var ip []byte - for _, num := range strings.Split(t.tunAddress, ".") { - value, err := strconv.Atoi(num) - if err != nil { - return err - } - ip = append(ip, byte(value)) - } - - *(*uint16)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])) = uint16(unix.AF_INET) - - copy(ifr[unix.IFNAMSIZ+4:], ip) - - _, _, errno = unix.Syscall( - unix.SYS_IOCTL, - fd, - uintptr(unix.SIOCSIFADDR), - uintptr(unsafe.Pointer(&ifr[0]))) - if errno != 0 { - return errno - } - - // set netmask for tun - netmask := []byte{255, 255, 0, 0} - copy(ifr[unix.IFNAMSIZ+4:], netmask) - - _, _, errno = unix.Syscall( - unix.SYS_IOCTL, - fd, - uintptr(unix.SIOCSIFNETMASK), - uintptr(unsafe.Pointer(&ifr[0]))) - if errno != 0 { - return errno - } - - // interface up - _, _, errno = syscall.Syscall(unix.SYS_IOCTL, fd, uintptr(unix.SIOCSIFFLAGS), uintptr(unsafe.Pointer(&ifr[0]))) - - var flags = uint16(unix.IFF_UP | unix.IFF_TUN | unix.IFF_MULTICAST | unix.IFF_RUNNING | unix.IFF_NOARP) - *(*uint16)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])) = flags - - _, _, errno = syscall.Syscall( - unix.SYS_IOCTL, - fd, - uintptr(unix.SIOCSIFFLAGS), - uintptr(unsafe.Pointer(&ifr[0]))) - if errno != 0 { - return errno - } - - return nil -} - -func (t *tunLinux) openDeviceByFd(fd int) (TunDevice, error) { - var ifr struct { - name [16]byte - flags uint16 - _ [22]byte - } - - fd, err := syscall.Dup(fd) - if err != nil { - return nil, err - } - - _, _, errno := syscall.Syscall(syscall.SYS_IOCTL, uintptr(fd), syscall.TUNGETIFF, uintptr(unsafe.Pointer(&ifr))) - if errno != 0 { - return nil, errno - } - - if ifr.flags&syscall.IFF_TUN == 0 || ifr.flags&syscall.IFF_NO_PI == 0 { - return nil, errors.New("only tun device and no pi mode supported") - } - - nullStr := ifr.name[:] - i := bytes.IndexByte(nullStr, 0) - if i != -1 { - nullStr = nullStr[:i] - } - t.name = string(nullStr) - t.tunFile = os.NewFile(uintptr(fd), "/dev/tun") - - return t, nil -} - -func (t *tunLinux) getInterfaceMtu() (uint32, error) { - fd, err := syscall.Socket(syscall.AF_UNIX, syscall.SOCK_DGRAM, 0) - if err != nil { - return 0, err - } - - defer syscall.Close(fd) - - var ifreq struct { - name [16]byte - mtu int32 - _ [20]byte - } - - copy(ifreq.name[:], t.name) - _, _, errno := syscall.Syscall(syscall.SYS_IOCTL, uintptr(fd), syscall.SIOCGIFMTU, uintptr(unsafe.Pointer(&ifreq))) - if errno != 0 { - return 0, errno - } - - return uint32(ifreq.mtu), nil -} - -func (t *tunLinux) getName() (string, error) { - sysconn, err := t.tunFile.SyscallConn() - if err != nil { - return "", err - } - var ifr [ifReqSize]byte - var errno syscall.Errno - err = sysconn.Control(func(fd uintptr) { - _, _, errno = unix.Syscall( - unix.SYS_IOCTL, - fd, - uintptr(unix.TUNGETIFF), - uintptr(unsafe.Pointer(&ifr[0])), - ) - }) - if err != nil { - return "", errors.New("failed to get name of TUN device: " + err.Error()) - } - if errno != 0 { - return "", errors.New("failed to get name of TUN device: " + errno.Error()) - } - nullStr := ifr[:] - i := bytes.IndexByte(nullStr, 0) - if i != -1 { - nullStr = nullStr[:i] - } - t.name = string(nullStr) - return t.name, nil -} - -// GetAutoDetectInterface get ethernet interface -func GetAutoDetectInterface() (string, error) { - cmd := exec.Command("bash", "-c", "ip route show | grep 'default via' | awk -F ' ' 'NR==1{print $5}' | xargs echo -n") - var out bytes.Buffer - cmd.Stdout = &out - err := cmd.Run() - if err != nil { - return "", err - } - return out.String(), nil -} - -func addRoute(gateway string) { - cmd := exec.Command("route", "add", "default", "gw", gateway) - var stderr bytes.Buffer - cmd.Stderr = &stderr - if err := cmd.Run(); err != nil { - log.Errorln("[auto route] Failed to add system route: %s: %s , cmd: %s", err.Error(), stderr.String(), cmd.String()) - } -} - -func delRoute(gateway string) { - cmd := exec.Command("ip", "route", "delete", "gw") - var stderr bytes.Buffer - cmd.Stderr = &stderr - if err := cmd.Run(); err != nil { - log.Errorln("[auto route] Failed to delete system route: %s: %s , cmd: %s", err.Error(), stderr.String(), cmd.String()) - } -} diff --git a/listener/tun/dev/dev_unsupport.go b/listener/tun/dev/dev_unsupport.go deleted file mode 100644 index 00fd242b..00000000 --- a/listener/tun/dev/dev_unsupport.go +++ /dev/null @@ -1,18 +0,0 @@ -//go:build !linux && !android && !darwin && !windows -// +build !linux,!android,!darwin,!windows - -package dev - -import ( - "errors" - "runtime" -) - -func OpenTunDevice(tunAddress string, autoRute bool) (TunDevice, error) { - return nil, errors.New("Unsupported platform " + runtime.GOOS + "/" + runtime.GOARCH) -} - -// GetAutoDetectInterface get ethernet interface -func GetAutoDetectInterface() (string, error) { - return "", nil -} diff --git a/listener/tun/dev/dev_windows.go b/listener/tun/dev/dev_windows.go deleted file mode 100644 index f387c60c..00000000 --- a/listener/tun/dev/dev_windows.go +++ /dev/null @@ -1,163 +0,0 @@ -//go:build windows -// +build windows - -// Modified from: https://git.zx2c4.com/wireguard-go/tree/tun/tun_windows.go and https://git.zx2c4.com/wireguard-windows/tree/tunnel/addressconfig.go -// SPDX-License-Identifier: MIT - -package dev - -import ( - "errors" - "fmt" - "os" - "sync/atomic" - "time" - _ "unsafe" - - "github.com/Dreamacro/clash/listener/tun/dev/wintun" - "golang.org/x/sys/windows" -) - -const ( - rateMeasurementGranularity = uint64((time.Second / 2) / time.Nanosecond) - spinloopRateThreshold = 800000000 / 8 // 800mbps - spinloopDuration = uint64(time.Millisecond / 80 / time.Nanosecond) // ~1gbit/s -) - -type rateJuggler struct { - current uint64 - nextByteCount uint64 - nextStartTime int64 - changing int32 -} - -var WintunTunnelType = "Meta" -var WintunStaticRequestedGUID *windows.GUID - -//go:linkname procyield runtime.procyield -func procyield(cycles uint32) - -//go:linkname nanotime runtime.nanotime -func nanotime() int64 - -func (tun *tunWindows) Close() error { - var err error - tun.closeOnce.Do(func() { - atomic.StoreInt32(&tun.close, 1) - windows.SetEvent(tun.readWait) - //tun.running.Wait() - tun.session.End() - if tun.wt != nil { - err = tun.wt.Close() - } - }) - return err -} - -func (tun *tunWindows) MTU() (int, error) { - return tun.forcedMTU, nil -} - -// TODO: This is a temporary hack. We really need to be monitoring the interface in real time and adapting to MTU changes. -func (tun *tunWindows) ForceMTU(mtu int) { - tun.forcedMTU = mtu -} - -// Note: Read() and Write() assume the caller comes only from a single thread; there's no locking. - -func (tun *tunWindows) Read0(buff []byte, offset int) (int, error) { - tun.running.Add(1) - - defer tun.running.Done() -retry: - if atomic.LoadInt32(&tun.close) == 1 { - return 0, os.ErrClosed - } - start := nanotime() - shouldSpin := atomic.LoadUint64(&tun.rate.current) >= spinloopRateThreshold && uint64(start-atomic.LoadInt64(&tun.rate.nextStartTime)) <= rateMeasurementGranularity*2 - for { - if atomic.LoadInt32(&tun.close) == 1 { - return 0, os.ErrClosed - } - packet, err := tun.session.ReceivePacket() - switch err { - case nil: - packetSize := len(packet) - copy(buff[offset:], packet) - tun.session.ReleaseReceivePacket(packet) - tun.rate.update(uint64(packetSize)) - return packetSize, nil - case windows.ERROR_NO_MORE_ITEMS: - if !shouldSpin || uint64(nanotime()-start) >= spinloopDuration { - windows.WaitForSingleObject(tun.readWait, windows.INFINITE) - goto retry - } - procyield(1) - continue - case windows.ERROR_HANDLE_EOF: - return 0, os.ErrClosed - case windows.ERROR_INVALID_DATA: - return 0, errors.New("Send ring corrupt") - } - return 0, fmt.Errorf("Read failed: %w", err) - } -} - -func (tun *tunWindows) Flush() error { - return nil -} - -func (tun *tunWindows) Write0(buff []byte, offset int) (int, error) { - tun.running.Add(1) - defer tun.running.Done() - if atomic.LoadInt32(&tun.close) == 1 { - return 0, os.ErrClosed - } - - packetSize := len(buff) - offset - tun.rate.update(uint64(packetSize)) - - packet, err := tun.session.AllocateSendPacket(packetSize) - if err == nil { - copy(packet, buff[offset:]) - tun.session.SendPacket(packet) - return packetSize, nil - } - switch err { - case windows.ERROR_HANDLE_EOF: - return 0, os.ErrClosed - case windows.ERROR_BUFFER_OVERFLOW: - return 0, nil // Dropping when ring is full. - } - return 0, fmt.Errorf("Write failed: %w", err) -} - -// LUID returns Windows interface instance ID. -func (tun *tunWindows) LUID() uint64 { - tun.running.Add(1) - defer tun.running.Done() - if atomic.LoadInt32(&tun.close) == 1 { - return 0 - } - return tun.wt.LUID() -} - -// RunningVersion returns the running version of the Wintun driver. -func (tun *tunWindows) RunningVersion() (version uint32, err error) { - return wintun.RunningVersion() -} - -func (rate *rateJuggler) update(packetLen uint64) { - now := nanotime() - total := atomic.AddUint64(&rate.nextByteCount, packetLen) - period := uint64(now - atomic.LoadInt64(&rate.nextStartTime)) - if period >= rateMeasurementGranularity { - if !atomic.CompareAndSwapInt32(&rate.changing, 0, 1) { - return - } - atomic.StoreInt64(&rate.nextStartTime, now) - atomic.StoreUint64(&rate.current, total*uint64(time.Second/time.Nanosecond)/period) - atomic.StoreUint64(&rate.nextByteCount, 0) - atomic.StoreInt32(&rate.changing, 0) - } -} diff --git a/listener/tun/dev/wintun/config.go b/listener/tun/dev/wintun/config.go deleted file mode 100644 index a0eceeb1..00000000 --- a/listener/tun/dev/wintun/config.go +++ /dev/null @@ -1,57 +0,0 @@ -//go:build windows -// +build windows - -package wintun - -import ( - "fmt" - "net" - "strconv" - "strings" -) - -type IPCidr struct { - IP net.IP - Cidr uint8 -} - -func (r *IPCidr) String() string { - return fmt.Sprintf("%s/%d", r.IP.String(), r.Cidr) -} - -func (r *IPCidr) Bits() uint8 { - if r.IP.To4() != nil { - return 32 - } - return 128 -} - -func (r *IPCidr) IPNet() net.IPNet { - return net.IPNet{ - IP: r.IP, - Mask: net.CIDRMask(int(r.Cidr), int(r.Bits())), - } -} - -func (r *IPCidr) MaskSelf() { - bits := int(r.Bits()) - mask := net.CIDRMask(int(r.Cidr), bits) - for i := 0; i < bits/8; i++ { - r.IP[i] &= mask[i] - } -} - -func ParseIPCidr(ipcidr string) *IPCidr { - s := strings.Split(ipcidr, "/") - if len(s) != 2 { - return nil - } - cidr, err := strconv.Atoi(s[1]) - if err != nil { - return nil - } - return &IPCidr{ - IP: net.ParseIP(s[0]), - Cidr: uint8(cidr), - } -} diff --git a/listener/tun/dev/wintun/dll_windows.go b/listener/tun/dev/wintun/dll_windows.go deleted file mode 100644 index 70d979ac..00000000 --- a/listener/tun/dev/wintun/dll_windows.go +++ /dev/null @@ -1,94 +0,0 @@ -/* SPDX-License-Identifier: MIT - * - * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved. - */ - -package wintun - -import ( - "fmt" - "github.com/Dreamacro/clash/listener/tun/dev/wintun/embed_dll" - "golang.zx2c4.com/wireguard/windows/driver/memmod" - "sync" - "sync/atomic" - "unsafe" -) - -func newLazyDLL(name string, onLoad func(d *lazyDLL)) *lazyDLL { - return &lazyDLL{Name: name, onLoad: onLoad} -} - -func (d *lazyDLL) NewProc(name string) *lazyProc { - return &lazyProc{dll: d, Name: name} -} - -type lazyProc struct { - Name string - mu sync.Mutex - dll *lazyDLL - addr uintptr -} - -func (p *lazyProc) Find() error { - if atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(&p.addr))) != nil { - return nil - } - p.mu.Lock() - defer p.mu.Unlock() - if p.addr != 0 { - return nil - } - - err := p.dll.Load() - if err != nil { - return fmt.Errorf("Error loading %v DLL: %w", p.dll.Name, err) - } - addr, err := p.nameToAddr() - if err != nil { - return fmt.Errorf("Error getting %v address: %w", p.Name, err) - } - - atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(&p.addr)), unsafe.Pointer(addr)) - return nil -} - -func (p *lazyProc) Addr() uintptr { - err := p.Find() - if err != nil { - panic(err) - } - return p.addr -} - -type lazyDLL struct { - Name string - mu sync.Mutex - module *memmod.Module - onLoad func(d *lazyDLL) -} - -func (d *lazyDLL) Load() error { - if atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(&d.module))) != nil { - return nil - } - d.mu.Lock() - defer d.mu.Unlock() - if d.module != nil { - return nil - } - - module, err := memmod.LoadLibrary(embed_dll.DDlContent) - if err != nil { - return fmt.Errorf("Unable to load library: %w", err) - } - - atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(&d.module)), unsafe.Pointer(module)) - if d.onLoad != nil { - d.onLoad(d) - } - return nil -} - -func (p *lazyProc) nameToAddr() (uintptr, error) { - return p.dll.module.ProcAddressByName(p.Name) -} diff --git a/listener/tun/dev/wintun/package_info.go b/listener/tun/dev/wintun/package_info.go deleted file mode 100644 index 22e9bd05..00000000 --- a/listener/tun/dev/wintun/package_info.go +++ /dev/null @@ -1,11 +0,0 @@ -//go:build windows -// +build windows - -// Modified from: https://git.zx2c4.com/wireguard-go/tree/tun/wintun - -/* SPDX-License-Identifier: MIT - * - * Copyright (C) 2019-2021 WireGuard LLC. All Rights Reserved. - */ - -package wintun diff --git a/listener/tun/dev/wintun/session_windows.go b/listener/tun/dev/wintun/session_windows.go deleted file mode 100644 index f023baf7..00000000 --- a/listener/tun/dev/wintun/session_windows.go +++ /dev/null @@ -1,90 +0,0 @@ -/* SPDX-License-Identifier: MIT - * - * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved. - */ - -package wintun - -import ( - "syscall" - "unsafe" - - "golang.org/x/sys/windows" -) - -type Session struct { - handle uintptr -} - -const ( - PacketSizeMax = 0xffff // Maximum packet size - RingCapacityMin = 0x20000 // Minimum ring capacity (128 kiB) - RingCapacityMax = 0x4000000 // Maximum ring capacity (64 MiB) -) - -// Packet with data -type Packet struct { - Next *Packet // Pointer to next packet in queue - Size uint32 // Size of packet (max WINTUN_MAX_IP_PACKET_SIZE) - Data *[PacketSizeMax]byte // Pointer to layer 3 IPv4 or IPv6 packet -} - -var ( - procWintunAllocateSendPacket = modwintun.NewProc("WintunAllocateSendPacket") - procWintunEndSession = modwintun.NewProc("WintunEndSession") - procWintunGetReadWaitEvent = modwintun.NewProc("WintunGetReadWaitEvent") - procWintunReceivePacket = modwintun.NewProc("WintunReceivePacket") - procWintunReleaseReceivePacket = modwintun.NewProc("WintunReleaseReceivePacket") - procWintunSendPacket = modwintun.NewProc("WintunSendPacket") - procWintunStartSession = modwintun.NewProc("WintunStartSession") -) - -func (wintun *Adapter) StartSession(capacity uint32) (session Session, err error) { - r0, _, e1 := syscall.Syscall(procWintunStartSession.Addr(), 2, uintptr(wintun.handle), uintptr(capacity), 0) - if r0 == 0 { - err = e1 - } else { - session = Session{r0} - } - return -} - -func (session Session) End() { - syscall.Syscall(procWintunEndSession.Addr(), 1, session.handle, 0, 0) - session.handle = 0 -} - -func (session Session) ReadWaitEvent() (handle windows.Handle) { - r0, _, _ := syscall.Syscall(procWintunGetReadWaitEvent.Addr(), 1, session.handle, 0, 0) - handle = windows.Handle(r0) - return -} - -func (session Session) ReceivePacket() (packet []byte, err error) { - var packetSize uint32 - r0, _, e1 := syscall.Syscall(procWintunReceivePacket.Addr(), 2, session.handle, uintptr(unsafe.Pointer(&packetSize)), 0) - if r0 == 0 { - err = e1 - return - } - packet = unsafe.Slice((*byte)(unsafe.Pointer(r0)), packetSize) - return -} - -func (session Session) ReleaseReceivePacket(packet []byte) { - syscall.Syscall(procWintunReleaseReceivePacket.Addr(), 2, session.handle, uintptr(unsafe.Pointer(&packet[0])), 0) -} - -func (session Session) AllocateSendPacket(packetSize int) (packet []byte, err error) { - r0, _, e1 := syscall.Syscall(procWintunAllocateSendPacket.Addr(), 2, session.handle, uintptr(packetSize), 0) - if r0 == 0 { - err = e1 - return - } - packet = unsafe.Slice((*byte)(unsafe.Pointer(r0)), packetSize) - return -} - -func (session Session) SendPacket(packet []byte) { - syscall.Syscall(procWintunSendPacket.Addr(), 2, session.handle, uintptr(unsafe.Pointer(&packet[0])), 0) -} diff --git a/listener/tun/dev/wintun/wintun_windows.go b/listener/tun/dev/wintun/wintun_windows.go deleted file mode 100644 index 54bd2f09..00000000 --- a/listener/tun/dev/wintun/wintun_windows.go +++ /dev/null @@ -1,153 +0,0 @@ -/* SPDX-License-Identifier: MIT - * - * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved. - */ - -package wintun - -import ( - "runtime" - "syscall" - "unsafe" - - "github.com/Dreamacro/clash/log" - "golang.org/x/sys/windows" -) - -type loggerLevel int - -const ( - logInfo loggerLevel = iota - logWarn - logErr -) - -const AdapterNameMax = 128 - -type Adapter struct { - handle uintptr -} - -var ( - modwintun = newLazyDLL("wintun.dll", setupLogger) - procWintunCreateAdapter = modwintun.NewProc("WintunCreateAdapter") - procWintunOpenAdapter = modwintun.NewProc("WintunOpenAdapter") - procWintunCloseAdapter = modwintun.NewProc("WintunCloseAdapter") - procWintunDeleteDriver = modwintun.NewProc("WintunDeleteDriver") - procWintunGetAdapterLUID = modwintun.NewProc("WintunGetAdapterLUID") - procWintunGetRunningDriverVersion = modwintun.NewProc("WintunGetRunningDriverVersion") -) - -func logMessage(level loggerLevel, _ uint64, msg *uint16) int { - var lv log.LogLevel - switch level { - case logInfo: - lv = log.INFO - case logWarn: - lv = log.WARNING - case logErr: - lv = log.ERROR - default: - lv = log.INFO - } - log.PrintLog(lv, "[Wintun] %s", windows.UTF16PtrToString(msg)) - return 0 -} - -func setupLogger(dll *lazyDLL) { - var callback uintptr - if runtime.GOARCH == "386" { - callback = windows.NewCallback(func(level loggerLevel, timestampLow, timestampHigh uint32, msg *uint16) int { - return logMessage(level, uint64(timestampHigh)<<32|uint64(timestampLow), msg) - }) - } else if runtime.GOARCH == "arm" { - callback = windows.NewCallback(func(level loggerLevel, _, timestampLow, timestampHigh uint32, msg *uint16) int { - return logMessage(level, uint64(timestampHigh)<<32|uint64(timestampLow), msg) - }) - } else if runtime.GOARCH == "amd64" || runtime.GOARCH == "arm64" { - callback = windows.NewCallback(logMessage) - } - syscall.Syscall(dll.NewProc("WintunSetLogger").Addr(), 1, callback, 0, 0) -} - -func closeAdapter(wintun *Adapter) { - syscall.Syscall(procWintunCloseAdapter.Addr(), 1, wintun.handle, 0, 0) -} - -// CreateAdapter creates a Wintun adapter. name is the cosmetic name of the adapter. -// tunnelType represents the type of adapter and should be "Wintun". requestedGUID is -// the GUID of the created network adapter, which then influences NLA generation -// deterministically. If it is set to nil, the GUID is chosen by the system at random, -// and hence a new NLA entry is created for each new adapter. -func CreateAdapter(name string, tunnelType string, requestedGUID *windows.GUID) (wintun *Adapter, err error) { - var name16 *uint16 - name16, err = windows.UTF16PtrFromString(name) - if err != nil { - return - } - var tunnelType16 *uint16 - tunnelType16, err = windows.UTF16PtrFromString(tunnelType) - if err != nil { - return - } - r0, _, e1 := syscall.Syscall(procWintunCreateAdapter.Addr(), 3, uintptr(unsafe.Pointer(name16)), uintptr(unsafe.Pointer(tunnelType16)), uintptr(unsafe.Pointer(requestedGUID))) - if r0 == 0 { - err = e1 - return - } - wintun = &Adapter{handle: r0} - runtime.SetFinalizer(wintun, closeAdapter) - return -} - -// OpenAdapter opens an existing Wintun adapter by name. -func OpenAdapter(name string) (wintun *Adapter, err error) { - var name16 *uint16 - name16, err = windows.UTF16PtrFromString(name) - if err != nil { - return - } - r0, _, e1 := syscall.Syscall(procWintunOpenAdapter.Addr(), 1, uintptr(unsafe.Pointer(name16)), 0, 0) - if r0 == 0 { - err = e1 - return - } - wintun = &Adapter{handle: r0} - runtime.SetFinalizer(wintun, closeAdapter) - return -} - -// Close closes a Wintun adapter. -func (wintun *Adapter) Close() (err error) { - runtime.SetFinalizer(wintun, nil) - r1, _, e1 := syscall.Syscall(procWintunCloseAdapter.Addr(), 1, wintun.handle, 0, 0) - if r1 == 0 { - err = e1 - } - return -} - -// Uninstall removes the driver from the system if no drivers are currently in use. -func Uninstall() (err error) { - r1, _, e1 := syscall.Syscall(procWintunDeleteDriver.Addr(), 0, 0, 0, 0) - if r1 == 0 { - err = e1 - } - return -} - -// RunningVersion returns the version of the loaded driver. -func RunningVersion() (version uint32, err error) { - r0, _, e1 := syscall.Syscall(procWintunGetRunningDriverVersion.Addr(), 0, 0, 0, 0) - version = uint32(r0) - if version == 0 { - err = e1 - } - return -} - -// LUID returns the LUID of the adapter. -func (wintun *Adapter) LUID() (luid uint64) { - syscall.Syscall(procWintunGetAdapterLUID.Addr(), 2, uintptr(wintun.handle), uintptr(unsafe.Pointer(&luid)), 0) - return -} diff --git a/listener/tun/device/device.go b/listener/tun/device/device.go new file mode 100644 index 00000000..70115cbd --- /dev/null +++ b/listener/tun/device/device.go @@ -0,0 +1,32 @@ +package device + +import ( + "gvisor.dev/gvisor/pkg/tcpip/stack" +) + +// Device is the interface that implemented by network layer devices (e.g. tun), +// and easy to use as stack.LinkEndpoint. +type Device interface { + stack.LinkEndpoint + + // Name returns the current name of the device. + Name() string + + // Type returns the driver type of the device. + Type() string + + // Read packets from tun device + Read(packet []byte) (int, error) + + // Write packets to tun device + Write(packet []byte) (int, error) + + // Close stops and closes the device. + Close() error + + // UseEndpoint work for gVisor stack + UseEndpoint() error + + // UseIOBased work for other ip stack + UseIOBased() error +} diff --git a/listener/tun/device/fdbased/fd.go b/listener/tun/device/fdbased/fd.go new file mode 100644 index 00000000..20ae3489 --- /dev/null +++ b/listener/tun/device/fdbased/fd.go @@ -0,0 +1,5 @@ +package fdbased + +const Driver = "fd" + +const defaultMTU = 1500 diff --git a/listener/tun/device/fdbased/fd_unix.go b/listener/tun/device/fdbased/fd_unix.go new file mode 100644 index 00000000..23474a5a --- /dev/null +++ b/listener/tun/device/fdbased/fd_unix.go @@ -0,0 +1,60 @@ +//go:build !windows + +package fdbased + +import ( + "fmt" + "os" + "strconv" + + "github.com/Dreamacro/clash/listener/tun/device" + + "golang.org/x/sys/unix" + "gvisor.dev/gvisor/pkg/tcpip/stack" +) + +type FD struct { + stack.LinkEndpoint + + fd int + mtu uint32 + + file *os.File +} + +func Open(name string, mtu uint32) (device.Device, error) { + fd, err := strconv.Atoi(name) + if err != nil { + return nil, fmt.Errorf("cannot open fd: %s", name) + } + if mtu == 0 { + mtu = defaultMTU + } + return open(fd, mtu) +} + +func (f *FD) Type() string { + return Driver +} + +func (f *FD) Name() string { + return strconv.Itoa(f.fd) +} + +func (f *FD) Close() error { + err := unix.Close(f.fd) + if f.file != nil { + _ = f.file.Close() + } + return err +} + +func (f *FD) UseEndpoint() error { + return f.useEndpoint() +} + +func (f *FD) UseIOBased() error { + return f.useIOBased() +} + +var _ device.Device = (*FD)(nil) diff --git a/listener/tun/device/fdbased/fd_windows.go b/listener/tun/device/fdbased/fd_windows.go new file mode 100644 index 00000000..a04f3356 --- /dev/null +++ b/listener/tun/device/fdbased/fd_windows.go @@ -0,0 +1,11 @@ +package fdbased + +import ( + "errors" + + "github.com/Dreamacro/clash/listener/tun/device" +) + +func Open(name string, mtu uint32) (device.Device, error) { + return nil, errors.New("not supported") +} diff --git a/listener/tun/device/fdbased/open_linux.go b/listener/tun/device/fdbased/open_linux.go new file mode 100644 index 00000000..c19b1491 --- /dev/null +++ b/listener/tun/device/fdbased/open_linux.go @@ -0,0 +1,56 @@ +package fdbased + +import ( + "fmt" + + "github.com/Dreamacro/clash/listener/tun/device" + + "gvisor.dev/gvisor/pkg/tcpip/link/fdbased" + "gvisor.dev/gvisor/pkg/tcpip/link/rawfile" +) + +func open(fd int, mtu uint32) (device.Device, error) { + f := &FD{fd: fd, mtu: mtu} + + return f, nil +} + +func (f *FD) useEndpoint() error { + ep, err := fdbased.New(&fdbased.Options{ + FDs: []int{f.fd}, + MTU: f.mtu, + // TUN only, ignore ethernet header. + EthernetHeader: false, + }) + if err != nil { + return fmt.Errorf("create endpoint: %w", err) + } + f.LinkEndpoint = ep + return nil +} + +func (f *FD) useIOBased() error { + return nil +} + +func (f *FD) Read(packet []byte) (int, error) { + n, gvErr := rawfile.BlockingRead(f.fd, packet) + if gvErr != nil { + return 0, fmt.Errorf("read error: %s", gvErr.String()) + } + + return n, nil +} + +func (f *FD) Write(packet []byte) (int, error) { + n := len(packet) + if n == 0 { + return 0, nil + } + + gvErr := rawfile.NonBlockingWrite(f.fd, packet) + if gvErr != nil { + return 0, fmt.Errorf("write error: %s", gvErr.String()) + } + return n, nil +} diff --git a/listener/tun/device/fdbased/open_others.go b/listener/tun/device/fdbased/open_others.go new file mode 100644 index 00000000..57ad2c1a --- /dev/null +++ b/listener/tun/device/fdbased/open_others.go @@ -0,0 +1,42 @@ +//go:build !linux && !windows + +package fdbased + +import ( + "fmt" + "os" + + "github.com/Dreamacro/clash/listener/tun/device" + "github.com/Dreamacro/clash/listener/tun/device/iobased" +) + +func open(fd int, mtu uint32) (device.Device, error) { + f := &FD{fd: fd, mtu: mtu} + + return f, nil +} + +func (f *FD) useEndpoint() error { + ep, err := iobased.New(os.NewFile(uintptr(f.fd), f.Name()), f.mtu, 0) + if err != nil { + return fmt.Errorf("create endpoint: %w", err) + } + f.LinkEndpoint = ep + return nil +} + +func (f *FD) useIOBased() error { + f.file = os.NewFile(uintptr(f.fd), f.Name()) + if f.file == nil { + return fmt.Errorf("create IOBased failed, can not open file: %s", f.Name()) + } + return nil +} + +func (f *FD) Read(packet []byte) (int, error) { + return f.file.Read(packet) +} + +func (f *FD) Write(packet []byte) (int, error) { + return f.file.Write(packet) +} diff --git a/listener/tun/device/iobased/endpoint.go b/listener/tun/device/iobased/endpoint.go new file mode 100644 index 00000000..a187491e --- /dev/null +++ b/listener/tun/device/iobased/endpoint.go @@ -0,0 +1,134 @@ +// Package iobased provides the implementation of io.ReadWriter +// based data-link layer endpoints. +package iobased + +import ( + "context" + "errors" + "io" + "sync" + + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/buffer" + "gvisor.dev/gvisor/pkg/tcpip/header" + "gvisor.dev/gvisor/pkg/tcpip/link/channel" + "gvisor.dev/gvisor/pkg/tcpip/stack" +) + +const ( + // Queue length for outbound packet, arriving for read. Overflow + // causes packet drops. + defaultOutQueueLen = 1 << 10 +) + +// Endpoint implements the interface of stack.LinkEndpoint from io.ReadWriter. +type Endpoint struct { + *channel.Endpoint + + // rw is the io.ReadWriter for reading and writing packets. + rw io.ReadWriter + + // mtu (maximum transmission unit) is the maximum size of a packet. + mtu uint32 + + // offset can be useful when perform TUN device I/O with TUN_PI enabled. + offset int + + // once is used to perform the init action once when attaching. + once sync.Once +} + +// New returns stack.LinkEndpoint(.*Endpoint) and error. +func New(rw io.ReadWriter, mtu uint32, offset int) (*Endpoint, error) { + if mtu == 0 { + return nil, errors.New("MTU size is zero") + } + + if rw == nil { + return nil, errors.New("RW interface is nil") + } + + if offset < 0 { + return nil, errors.New("offset must be non-negative") + } + + return &Endpoint{ + Endpoint: channel.New(defaultOutQueueLen, mtu, ""), + rw: rw, + mtu: mtu, + offset: offset, + }, nil +} + +func (e *Endpoint) Close() { + e.Endpoint.Close() +} + +// Attach launches the goroutine that reads packets from io.Reader and +// dispatches them via the provided dispatcher. +func (e *Endpoint) Attach(dispatcher stack.NetworkDispatcher) { + e.once.Do(func() { + ctx, cancel := context.WithCancel(context.Background()) + go e.dispatchLoop(cancel) + go e.outboundLoop(ctx) + }) + e.Endpoint.Attach(dispatcher) +} + +// dispatchLoop dispatches packets to upper layer. +func (e *Endpoint) dispatchLoop(cancel context.CancelFunc) { + // Call cancel() to ensure (*Endpoint).outboundLoop(context.Context) exits + // gracefully after (*Endpoint).dispatchLoop(context.CancelFunc) returns. + defer cancel() + + for { + data := make([]byte, int(e.mtu)) + + n, err := e.rw.Read(data) + if err != nil { + break + } + + if !e.IsAttached() { + continue /* unattached, drop packet */ + } + + pkt := stack.NewPacketBuffer(stack.PacketBufferOptions{ + Data: buffer.View(data[:n]).ToVectorisedView(), + }) + + switch header.IPVersion(data) { + case header.IPv4Version: + e.InjectInbound(header.IPv4ProtocolNumber, pkt) + case header.IPv6Version: + e.InjectInbound(header.IPv6ProtocolNumber, pkt) + } + pkt.DecRef() /* release */ + } +} + +// outboundLoop reads outbound packets from channel, and then it calls +// writePacket to send those packets back to lower layer. +func (e *Endpoint) outboundLoop(ctx context.Context) { + for { + pkt := e.ReadContext(ctx) + if pkt == nil { + break + } + e.writePacket(pkt) + } +} + +// writePacket writes outbound packets to the io.Writer. +func (e *Endpoint) writePacket(pkt *stack.PacketBuffer) tcpip.Error { + defer pkt.DecRef() + + size := pkt.Size() + views := pkt.Views() + + vView := buffer.NewVectorisedView(size, views) + if _, err := e.rw.Write(vView.ToView()); err != nil { + return &tcpip.ErrInvalidEndpointState{} + } + return nil +} diff --git a/listener/tun/device/tun/tun.go b/listener/tun/device/tun/tun.go new file mode 100644 index 00000000..bf04f289 --- /dev/null +++ b/listener/tun/device/tun/tun.go @@ -0,0 +1,14 @@ +// Package tun provides TUN which implemented device.Device interface. +package tun + +import ( + "github.com/Dreamacro/clash/listener/tun/device" +) + +const Driver = "tun" + +func (t *TUN) Type() string { + return Driver +} + +var _ device.Device = (*TUN)(nil) diff --git a/listener/tun/device/tun/tun_netstack.go b/listener/tun/device/tun/tun_netstack.go new file mode 100644 index 00000000..89dab248 --- /dev/null +++ b/listener/tun/device/tun/tun_netstack.go @@ -0,0 +1,145 @@ +//go:build linux + +package tun + +import ( + "fmt" + "unsafe" + + "github.com/Dreamacro/clash/listener/tun/device" + + "golang.org/x/sys/unix" + "gvisor.dev/gvisor/pkg/tcpip/link/fdbased" + "gvisor.dev/gvisor/pkg/tcpip/link/rawfile" + "gvisor.dev/gvisor/pkg/tcpip/link/tun" + "gvisor.dev/gvisor/pkg/tcpip/stack" +) + +type TUN struct { + stack.LinkEndpoint + + fd int + mtu uint32 + name string +} + +func Open(name string, mtu uint32) (device.Device, error) { + t := &TUN{name: name, mtu: mtu} + + if len(t.name) >= unix.IFNAMSIZ { + return nil, fmt.Errorf("interface name too long: %s", t.name) + } + + fd, err := tun.Open(t.name) + if err != nil { + return nil, fmt.Errorf("create tun: %w", err) + } + t.fd = fd + + if t.mtu > 0 { + if err := setMTU(t.name, t.mtu); err != nil { + return nil, fmt.Errorf("set mtu: %w", err) + } + } + + _mtu, err := rawfile.GetMTU(t.name) + if err != nil { + return nil, fmt.Errorf("get mtu: %w", err) + } + t.mtu = _mtu + + return t, nil +} + +func (t *TUN) Name() string { + return t.name +} + +func (t *TUN) Read(packet []byte) (int, error) { + n, gvErr := rawfile.BlockingRead(t.fd, packet) + if gvErr != nil { + return 0, fmt.Errorf("read error: %s", gvErr.String()) + } + + return n, nil +} + +func (t *TUN) Write(packet []byte) (int, error) { + n := len(packet) + if n == 0 { + return 0, nil + } + + gvErr := rawfile.NonBlockingWrite(t.fd, packet) + if gvErr != nil { + return 0, fmt.Errorf("write error: %s", gvErr.String()) + } + return n, nil +} + +func (t *TUN) Close() error { + return unix.Close(t.fd) +} + +func (t *TUN) UseEndpoint() error { + ep, err := fdbased.New(&fdbased.Options{ + FDs: []int{t.fd}, + MTU: t.mtu, + // TUN only, ignore ethernet header. + EthernetHeader: false, + // SYS_READV support only for TUN fd. + PacketDispatchMode: fdbased.Readv, + // TAP/TUN fd's are not sockets and using the WritePackets calls results + // in errors as it always defaults to using SendMMsg which is not supported + // for tap/tun device fds. + // + // This CL changes WritePackets to gracefully degrade to using writev instead + // of sendmmsg if the underlying fd is not a socket. + // + // Fixed: https://github.com/google/gvisor/commit/f33d034fecd7723a1e560ccc62aeeba328454fd0 + MaxSyscallHeaderBytes: 0x00, + }) + if err != nil { + return fmt.Errorf("create endpoint: %w", err) + } + t.LinkEndpoint = ep + return nil +} + +func (t *TUN) UseIOBased() error { + return nil +} + +// Ref: wireguard tun/tun_linux.go setMTU. +func setMTU(name string, n uint32) error { + // open datagram socket + fd, err := unix.Socket( + unix.AF_INET, + unix.SOCK_DGRAM, + 0, + ) + if err != nil { + return err + } + + defer unix.Close(fd) + + const ifReqSize = unix.IFNAMSIZ + 64 + + // do ioctl call + var ifr [ifReqSize]byte + copy(ifr[:], name) + *(*uint32)(unsafe.Pointer(&ifr[unix.IFNAMSIZ])) = n + _, _, errno := unix.Syscall( + unix.SYS_IOCTL, + uintptr(fd), + uintptr(unix.SIOCSIFMTU), + uintptr(unsafe.Pointer(&ifr[0])), + ) + + if errno != 0 { + return fmt.Errorf("failed to set MTU: %w", errno) + } + + return nil +} diff --git a/listener/tun/device/tun/tun_windows.go b/listener/tun/device/tun/tun_windows.go new file mode 100644 index 00000000..3f6eb444 --- /dev/null +++ b/listener/tun/device/tun/tun_windows.go @@ -0,0 +1,17 @@ +package tun + +import ( + "golang.org/x/sys/windows" + "golang.zx2c4.com/wireguard/tun" +) + +func init() { + guid, _ := windows.GUIDFromString("{330EAEF8-7578-5DF2-D97B-8DADC0EA85CB}") + + tun.WintunTunnelType = "Clash" + tun.WintunStaticRequestedGUID = &guid +} + +func (t *TUN) LUID() uint64 { + return t.nt.LUID() +} diff --git a/listener/tun/device/tun/tun_wireguard.go b/listener/tun/device/tun/tun_wireguard.go new file mode 100644 index 00000000..1e1d5527 --- /dev/null +++ b/listener/tun/device/tun/tun_wireguard.go @@ -0,0 +1,117 @@ +//go:build !linux + +package tun + +import ( + "fmt" + "runtime" + + "github.com/Dreamacro/clash/common/pool" + "github.com/Dreamacro/clash/listener/tun/device" + "github.com/Dreamacro/clash/listener/tun/device/iobased" + + "golang.zx2c4.com/wireguard/tun" +) + +type TUN struct { + *iobased.Endpoint + + nt *tun.NativeTun + mtu uint32 + name string + offset int +} + +func Open(name string, mtu uint32) (_ device.Device, err error) { + defer func() { + if r := recover(); r != nil { + err = fmt.Errorf("open tun: %v", r) + } + }() + + var ( + offset = 4 /* 4 bytes TUN_PI */ + defaultMTU = 1500 + ) + if runtime.GOOS == "windows" { + offset = 0 + defaultMTU = 0 /* auto */ + } + + t := &TUN{ + name: name, + mtu: mtu, + offset: offset, + } + + forcedMTU := defaultMTU + if t.mtu > 0 { + forcedMTU = int(t.mtu) + } + + nt, err := tun.CreateTUN(t.name, forcedMTU) // forcedMTU do not work on wintun, need to be setting by other way + if err != nil { + return nil, fmt.Errorf("create tun: %w", err) + } + t.nt = nt.(*tun.NativeTun) + + tunMTU, err := nt.MTU() + if err != nil { + return nil, fmt.Errorf("get mtu: %w", err) + } + t.mtu = uint32(tunMTU) + + return t, nil +} + +func (t *TUN) Read(packet []byte) (int, error) { + if t.offset == 0 { + return t.nt.Read(packet, t.offset) + } + + buff := pool.Get(t.offset + cap(packet)) + defer pool.Put(buff) + + n, err := t.nt.Read(buff, t.offset) + if err != nil { + return 0, err + } + + _ = buff[:t.offset] + + copy(packet, buff[t.offset:t.offset+n]) + + return n, err +} + +func (t *TUN) Write(packet []byte) (int, error) { + if t.offset == 0 { + return t.nt.Write(packet, t.offset) + } + + packet = append(make([]byte, t.offset), packet...) + + return t.nt.Write(packet, t.offset) +} + +func (t *TUN) Close() error { + return t.nt.Close() +} + +func (t *TUN) Name() string { + name, _ := t.nt.Name() + return name +} + +func (t *TUN) UseEndpoint() error { + ep, err := iobased.New(t, t.mtu, t.offset) + if err != nil { + return fmt.Errorf("create endpoint: %w", err) + } + t.Endpoint = ep + return nil +} + +func (t *TUN) UseIOBased() error { + return nil +} diff --git a/listener/tun/ipstack/commons/dns.go b/listener/tun/ipstack/commons/dns.go index 4c4ca29b..46f47071 100644 --- a/listener/tun/ipstack/commons/dns.go +++ b/listener/tun/ipstack/commons/dns.go @@ -1,10 +1,24 @@ package commons import ( + "net/netip" + "time" + "github.com/Dreamacro/clash/component/resolver" D "github.com/miekg/dns" ) +const DefaultDnsReadTimeout = time.Second * 10 + +func ShouldHijackDns(dnsAdds []netip.AddrPort, targetAddr netip.AddrPort) bool { + for _, addrPort := range dnsAdds { + if addrPort == targetAddr || (addrPort.Addr().IsUnspecified() && targetAddr.Port() == 53) { + return true + } + } + return false +} + func RelayDnsPacket(payload []byte) ([]byte, error) { msg := &D.Msg{} if err := msg.Unpack(payload); err != nil { diff --git a/listener/tun/ipstack/commons/router.go b/listener/tun/ipstack/commons/router.go new file mode 100644 index 00000000..efcd540c --- /dev/null +++ b/listener/tun/ipstack/commons/router.go @@ -0,0 +1,17 @@ +package commons + +import ( + "fmt" + "net" +) + +var Routes = []string{"1.0.0.0/8", "2.0.0.0/7", "4.0.0.0/6", "8.0.0.0/5", "16.0.0.0/4", "32.0.0.0/3", "64.0.0.0/2", "128.0.0.0/1"} + +func IPv4MaskString(bits int) string { + m := net.CIDRMask(bits, 32) + if len(m) != 4 { + panic("ipv4Mask: len must be 4 bytes") + } + + return fmt.Sprintf("%d.%d.%d.%d", m[0], m[1], m[2], m[3]) +} diff --git a/listener/tun/ipstack/commons/router_darwin.go b/listener/tun/ipstack/commons/router_darwin.go new file mode 100644 index 00000000..97233144 --- /dev/null +++ b/listener/tun/ipstack/commons/router_darwin.go @@ -0,0 +1,61 @@ +package commons + +import ( + "fmt" + "net/netip" + + "github.com/Dreamacro/clash/common/cmd" + "github.com/Dreamacro/clash/listener/tun/device" +) + +func GetAutoDetectInterface() (string, error) { + return cmd.ExecCmd("bash -c netstat -rnf inet | grep 'default' | awk -F ' ' 'NR==1{print $6}' | xargs echo -n") +} + +func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error { + if !addr.Addr().Is4() { + return fmt.Errorf("supported ipv4 only") + } + + var ( + interfaceName = dev.Name() + ip = addr.Masked().Addr().Next() + gw = ip + netmask = IPv4MaskString(addr.Bits()) + ) + + cmdStr := fmt.Sprintf("ifconfig %s inet %s netmask %s %s", interfaceName, ip, netmask, gw) + + _, err := cmd.ExecCmd(cmdStr) + if err != nil { + return err + } + + // _, err = cmd.ExecCmd(fmt.Sprintf("ipconfig set %s automatic-v6", interfaceName)) + // if err != nil { + // return err + // } + + if autoRoute { + err = configInterfaceRouting(interfaceName, addr) + } + return err +} + +func configInterfaceRouting(interfaceName string, addr netip.Prefix) error { + routes := append(Routes, addr.String()) + + for _, route := range routes { + if err := execRouterCmd("add", "-inet", route, interfaceName); err != nil { + return err + } + } + + // return execRouterCmd("add", "-inet6", "2000::/3", interfaceName) + return nil +} + +func execRouterCmd(action, inet, route string, interfaceName string) error { + _, err := cmd.ExecCmd(fmt.Sprintf("route %s %s %s -interface %s", action, inet, route, interfaceName)) + return err +} diff --git a/listener/tun/ipstack/commons/router_linux.go b/listener/tun/ipstack/commons/router_linux.go new file mode 100644 index 00000000..e27cdcf6 --- /dev/null +++ b/listener/tun/ipstack/commons/router_linux.go @@ -0,0 +1,52 @@ +package commons + +import ( + "fmt" + "net/netip" + + "github.com/Dreamacro/clash/common/cmd" + "github.com/Dreamacro/clash/listener/tun/device" +) + +func GetAutoDetectInterface() (string, error) { + return cmd.ExecCmd("bash -c ip route show | grep 'default via' | awk -F ' ' 'NR==1{print $5}' | xargs echo -n") +} + +func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error { + var ( + interfaceName = dev.Name() + ip = addr.Masked().Addr().Next() + ) + + _, err := cmd.ExecCmd(fmt.Sprintf("ip addr add %s dev %s", ip.String(), interfaceName)) + if err != nil { + return err + } + + _, err = cmd.ExecCmd(fmt.Sprintf("ip link set %s up", interfaceName)) + if err != nil { + return err + } + + if autoRoute { + err = configInterfaceRouting(interfaceName, addr) + } + return err +} + +func configInterfaceRouting(interfaceName string, addr netip.Prefix) error { + linkIP := addr.Masked().Addr().Next() + for _, route := range Routes { + if err := execRouterCmd("add", route, interfaceName, linkIP.String()); err != nil { + return err + } + } + return nil +} + +func execRouterCmd(action, route string, interfaceName string, linkIP string) error { + cmdStr := fmt.Sprintf("ip route %s %s dev %s proto kernel scope link src %s", action, route, interfaceName, linkIP) + + _, err := cmd.ExecCmd(cmdStr) + return err +} diff --git a/listener/tun/ipstack/commons/router_others.go b/listener/tun/ipstack/commons/router_others.go new file mode 100644 index 00000000..6c8ea341 --- /dev/null +++ b/listener/tun/ipstack/commons/router_others.go @@ -0,0 +1,19 @@ +//go:build !darwin && !linux && !windows + +package commons + +import ( + "fmt" + "net/netip" + "runtime" + + "github.com/Dreamacro/clash/listener/tun/device" +) + +func GetAutoDetectInterface() (string, error) { + return "", fmt.Errorf("can not auto detect interface-name on this OS: %s, you must be detecting interface-name by manual", runtime.GOOS) +} + +func ConfigInterfaceAddress(device.Device, netip.Prefix, int, bool) error { + return fmt.Errorf("unsupported on this OS: %s", runtime.GOOS) +} diff --git a/listener/tun/ipstack/commons/router_windows.go b/listener/tun/ipstack/commons/router_windows.go new file mode 100644 index 00000000..05ac7fb1 --- /dev/null +++ b/listener/tun/ipstack/commons/router_windows.go @@ -0,0 +1,261 @@ +package commons + +import ( + "errors" + "fmt" + "net/netip" + "time" + + "github.com/Dreamacro/clash/listener/tun/device" + "github.com/Dreamacro/clash/listener/tun/device/tun" + "github.com/Dreamacro/clash/log" + + "golang.org/x/sys/windows" + "golang.zx2c4.com/wireguard/windows/services" + "golang.zx2c4.com/wireguard/windows/tunnel/winipcfg" +) + +func GetAutoDetectInterface() (string, error) { + ifname, err := getAutoDetectInterfaceByFamily(winipcfg.AddressFamily(windows.AF_INET)) + if err == nil { + return ifname, err + } + + return getAutoDetectInterfaceByFamily(winipcfg.AddressFamily(windows.AF_INET6)) +} + +func ConfigInterfaceAddress(dev device.Device, addr netip.Prefix, forceMTU int, autoRoute bool) error { + retryOnFailure := services.StartedAtBoot() + tryTimes := 0 + var err error +startOver: + if tryTimes > 0 { + log.Infoln("Retrying interface configuration after failure because system just booted (T+%v): %v", windows.DurationSinceBoot(), err) + time.Sleep(time.Second) + retryOnFailure = retryOnFailure && tryTimes < 15 + } + tryTimes++ + + var ( + luid = winipcfg.LUID(dev.(*tun.TUN).LUID()) + ip = addr.Masked().Addr().Next() + addresses = []netip.Prefix{netip.PrefixFrom(ip, addr.Bits())} + + family4 = winipcfg.AddressFamily(windows.AF_INET) + familyV6 = winipcfg.AddressFamily(windows.AF_INET6) + currentFamily = winipcfg.AddressFamily(windows.AF_INET6) + ) + + if addr.Addr().Is4() { + currentFamily = winipcfg.AddressFamily(windows.AF_INET) + } + + err = luid.FlushRoutes(windows.AF_INET6) + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return err + } + err = luid.FlushIPAddresses(windows.AF_INET6) + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return err + } + err = luid.FlushDNS(windows.AF_INET6) + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return err + } + err = luid.FlushDNS(windows.AF_INET) + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return err + } + + foundDefault4 := false + foundDefault6 := false + + if autoRoute { + var ( + allowedIPs []netip.Prefix + + // add default + routeArr = []string{"0.0.0.0/0"} + ) + + for _, route := range routeArr { + allowedIPs = append(allowedIPs, netip.MustParsePrefix(route)) + } + + estimatedRouteCount := len(allowedIPs) + routes := make(map[winipcfg.RouteData]bool, estimatedRouteCount) + + for _, allowedip := range allowedIPs { + route := winipcfg.RouteData{ + Destination: allowedip.Masked(), + Metric: 0, + } + if allowedip.Addr().Is4() { + if allowedip.Bits() == 0 { + foundDefault4 = true + } + route.NextHop = netip.IPv4Unspecified() + } else if allowedip.Addr().Is6() { + if allowedip.Bits() == 0 { + foundDefault6 = true + } + route.NextHop = netip.IPv6Unspecified() + } + routes[route] = true + } + + deduplicatedRoutes := make([]*winipcfg.RouteData, 0, len(routes)) + for route := range routes { + r := route + deduplicatedRoutes = append(deduplicatedRoutes, &r) + } + + // add gateway + deduplicatedRoutes = append(deduplicatedRoutes, &winipcfg.RouteData{ + Destination: addr.Masked(), + NextHop: addr.Masked().Addr().Next().Next(), + Metric: 0, + }) + + err = luid.SetRoutesForFamily(currentFamily, deduplicatedRoutes) + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return fmt.Errorf("unable to set routes: %w", err) + } + } + + err = luid.SetIPAddressesForFamily(currentFamily, addresses) + if err == windows.ERROR_OBJECT_ALREADY_EXISTS { + cleanupAddressesOnDisconnectedInterfaces(currentFamily, addresses) + err = luid.SetIPAddressesForFamily(currentFamily, addresses) + } + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return fmt.Errorf("unable to set ips: %w", err) + } + + var ipif *winipcfg.MibIPInterfaceRow + ipif, err = luid.IPInterface(family4) + if err != nil { + return err + } + ipif.ForwardingEnabled = true + ipif.RouterDiscoveryBehavior = winipcfg.RouterDiscoveryDisabled + ipif.DadTransmits = 0 + ipif.ManagedAddressConfigurationSupported = false + ipif.OtherStatefulConfigurationSupported = false + if forceMTU > 0 { + ipif.NLMTU = uint32(forceMTU) + } + if foundDefault4 { + ipif.UseAutomaticMetric = false + ipif.Metric = 0 + } + err = ipif.Set() + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return fmt.Errorf("unable to set metric and MTU: %w", err) + } + + var ipif6 *winipcfg.MibIPInterfaceRow + ipif6, err = luid.IPInterface(familyV6) + if err != nil { + return err + } + ipif6.RouterDiscoveryBehavior = winipcfg.RouterDiscoveryDisabled + ipif6.DadTransmits = 0 + ipif6.ManagedAddressConfigurationSupported = false + ipif6.OtherStatefulConfigurationSupported = false + if forceMTU > 0 { + ipif6.NLMTU = uint32(forceMTU) + } + if foundDefault6 { + ipif6.UseAutomaticMetric = false + ipif6.Metric = 0 + } + err = ipif6.Set() + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return fmt.Errorf("unable to set v6 metric and MTU: %w", err) + } + + dnsAdds := []netip.Addr{netip.MustParseAddr("198.18.0.2")} + err = luid.SetDNS(family4, dnsAdds, nil) + if err == windows.ERROR_NOT_FOUND && retryOnFailure { + goto startOver + } else if err != nil { + return fmt.Errorf("unable to set DNS %s %s: %w", "198.18.0.2", "nil", err) + } + + return nil +} + +func cleanupAddressesOnDisconnectedInterfaces(family winipcfg.AddressFamily, addresses []netip.Prefix) { + if len(addresses) == 0 { + return + } + addrHash := make(map[netip.Addr]bool, len(addresses)) + for i := range addresses { + addrHash[addresses[i].Addr()] = true + } + interfaces, err := winipcfg.GetAdaptersAddresses(family, winipcfg.GAAFlagDefault) + if err != nil { + return + } + for _, iface := range interfaces { + if iface.OperStatus == winipcfg.IfOperStatusUp { + continue + } + for address := iface.FirstUnicastAddress; address != nil; address = address.Next { + if ip, _ := netip.AddrFromSlice(address.Address.IP()); addrHash[ip] { + prefix := netip.PrefixFrom(ip, int(address.OnLinkPrefixLength)) + log.Infoln("Cleaning up stale address %s from interface ‘%s’", prefix.String(), iface.FriendlyName()) + _ = iface.LUID.DeleteIPAddress(prefix) + } + } + } +} + +func getAutoDetectInterfaceByFamily(family winipcfg.AddressFamily) (string, error) { + interfaces, err := winipcfg.GetAdaptersAddresses(family, winipcfg.GAAFlagIncludeGateways) + if err != nil { + return "", fmt.Errorf("get ethernet interface failure. %w", err) + } + + var destination netip.Prefix + if family == windows.AF_INET { + destination = netip.PrefixFrom(netip.IPv4Unspecified(), 0) + } else { + destination = netip.PrefixFrom(netip.IPv6Unspecified(), 0) + } + + for _, iface := range interfaces { + if iface.OperStatus != winipcfg.IfOperStatusUp { + continue + } + + ifname := iface.FriendlyName() + + for gatewayAddress := iface.FirstGatewayAddress; gatewayAddress != nil; gatewayAddress = gatewayAddress.Next { + nextHop, _ := netip.AddrFromSlice(gatewayAddress.Address.IP()) + + if _, err = iface.LUID.Route(destination, nextHop); err == nil { + return ifname, nil + } + } + } + + return "", errors.New("ethernet interface not found") +} diff --git a/listener/tun/ipstack/gvisor/adapter/adapter.go b/listener/tun/ipstack/gvisor/adapter/adapter.go new file mode 100644 index 00000000..9a5649ef --- /dev/null +++ b/listener/tun/ipstack/gvisor/adapter/adapter.go @@ -0,0 +1,24 @@ +package adapter + +import ( + "net" + + "gvisor.dev/gvisor/pkg/tcpip/stack" +) + +// TCPConn implements the net.Conn interface. +type TCPConn interface { + net.Conn + + // ID returns the transport endpoint id of TCPConn. + ID() *stack.TransportEndpointID +} + +// UDPConn implements net.Conn and net.PacketConn. +type UDPConn interface { + net.Conn + net.PacketConn + + // ID returns the transport endpoint id of UDPConn. + ID() *stack.TransportEndpointID +} diff --git a/listener/tun/ipstack/gvisor/adapter/handler.go b/listener/tun/ipstack/gvisor/adapter/handler.go new file mode 100644 index 00000000..2878b713 --- /dev/null +++ b/listener/tun/ipstack/gvisor/adapter/handler.go @@ -0,0 +1,8 @@ +package adapter + +// Handler is a TCP/UDP connection handler that implements +// HandleTCPConn and HandleUDPConn methods. +type Handler interface { + HandleTCPConn(TCPConn) + HandleUDPConn(UDPConn) +} diff --git a/listener/tun/ipstack/gvisor/handler.go b/listener/tun/ipstack/gvisor/handler.go new file mode 100644 index 00000000..76aab2f5 --- /dev/null +++ b/listener/tun/ipstack/gvisor/handler.go @@ -0,0 +1,134 @@ +package gvisor + +import ( + "encoding/binary" + "net" + "net/netip" + "time" + + "github.com/Dreamacro/clash/adapter/inbound" + "github.com/Dreamacro/clash/common/pool" + C "github.com/Dreamacro/clash/constant" + D "github.com/Dreamacro/clash/listener/tun/ipstack/commons" + "github.com/Dreamacro/clash/listener/tun/ipstack/gvisor/adapter" + "github.com/Dreamacro/clash/log" + "github.com/Dreamacro/clash/transport/socks5" +) + +var _ adapter.Handler = (*GVHandler)(nil) + +type GVHandler struct { + DNSAdds []netip.AddrPort + + TCPIn chan<- C.ConnContext + UDPIn chan<- *inbound.PacketAdapter +} + +func (gh *GVHandler) HandleTCPConn(tunConn adapter.TCPConn) { + id := tunConn.ID() + + rAddr := &net.UDPAddr{ + IP: net.IP(id.LocalAddress), + Port: int(id.LocalPort), + Zone: "", + } + + addrIp, _ := netip.AddrFromSlice(rAddr.IP) + addrPort := netip.AddrPortFrom(addrIp, id.LocalPort) + + if D.ShouldHijackDns(gh.DNSAdds, addrPort) { + go func() { + log.Debugln("[TUN] hijack dns tcp: %s", addrPort.String()) + + defer tunConn.Close() + + buf := pool.Get(pool.UDPBufferSize) + defer pool.Put(buf) + + for { + tunConn.SetReadDeadline(time.Now().Add(D.DefaultDnsReadTimeout)) + + length := uint16(0) + if err := binary.Read(tunConn, binary.BigEndian, &length); err != nil { + break + } + + if int(length) > len(buf) { + break + } + + n, err := tunConn.Read(buf[:length]) + if err != nil { + break + } + + msg, err := D.RelayDnsPacket(buf[:n]) + if err != nil { + break + } + + _, _ = tunConn.Write(msg) + } + }() + + return + } + + gh.TCPIn <- inbound.NewSocket(socks5.ParseAddrToSocksAddr(rAddr), tunConn, C.TUN) +} + +func (gh *GVHandler) HandleUDPConn(tunConn adapter.UDPConn) { + id := tunConn.ID() + + rAddr := &net.UDPAddr{ + IP: net.IP(id.LocalAddress), + Port: int(id.LocalPort), + Zone: "", + } + + addrIp, _ := netip.AddrFromSlice(rAddr.IP) + addrPort := netip.AddrPortFrom(addrIp, id.LocalPort) + target := socks5.ParseAddrToSocksAddr(rAddr) + + go func() { + for { + buf := pool.Get(pool.UDPBufferSize) + + n, addr, err := tunConn.ReadFrom(buf) + if err != nil { + pool.Put(buf) + break + } + + payload := buf[:n] + + if D.ShouldHijackDns(gh.DNSAdds, addrPort) { + go func() { + defer pool.Put(buf) + + msg, err1 := D.RelayDnsPacket(payload) + if err1 != nil { + return + } + + _, _ = tunConn.WriteTo(msg, addr) + + log.Debugln("[TUN] hijack dns udp: %s", rAddr.String()) + }() + + continue + } + + gvPacket := &packet{ + pc: tunConn, + rAddr: addr, + payload: payload, + } + + select { + case gh.UDPIn <- inbound.NewPacket(target, gvPacket, C.TUN): + default: + } + } + }() +} diff --git a/listener/tun/ipstack/gvisor/icmp.go b/listener/tun/ipstack/gvisor/icmp.go new file mode 100644 index 00000000..8b56d397 --- /dev/null +++ b/listener/tun/ipstack/gvisor/icmp.go @@ -0,0 +1,24 @@ +package gvisor + +import ( + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/header" +) + +func withICMPHandler() Option { + return func(s *gvStack) error { + // Add default route table for IPv4 and IPv6. + // This will handle all incoming ICMP packets. + s.SetRouteTable([]tcpip.Route{ + { + Destination: header.IPv4EmptySubnet, + NIC: s.nicID, + }, + { + Destination: header.IPv6EmptySubnet, + NIC: s.nicID, + }, + }) + return nil + } +} diff --git a/listener/tun/ipstack/gvisor/nic.go b/listener/tun/ipstack/gvisor/nic.go new file mode 100644 index 00000000..fb8ac1a2 --- /dev/null +++ b/listener/tun/ipstack/gvisor/nic.go @@ -0,0 +1,59 @@ +package gvisor + +import ( + "fmt" + + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/stack" +) + +const ( + // defaultNICID is the ID of default NIC used by DefaultStack. + defaultNICID tcpip.NICID = 0x01 + + // nicPromiscuousModeEnabled is the value used by stack to enable + // or disable NIC's promiscuous mode. + nicPromiscuousModeEnabled = true + + // nicSpoofingEnabled is the value used by stack to enable or disable + // NIC's spoofing. + nicSpoofingEnabled = true +) + +// withCreatingNIC creates NIC for stack. +func withCreatingNIC(ep stack.LinkEndpoint) Option { + return func(s *gvStack) error { + if err := s.CreateNICWithOptions(s.nicID, ep, + stack.NICOptions{ + Disabled: false, + // If no queueing discipline was specified + // provide a stub implementation that just + // delegates to the lower link endpoint. + QDisc: nil, + }); err != nil { + return fmt.Errorf("create NIC: %s", err) + } + return nil + } +} + +// withPromiscuousMode sets promiscuous mode in the given NIC. +func withPromiscuousMode(v bool) Option { + return func(s *gvStack) error { + if err := s.SetPromiscuousMode(s.nicID, v); err != nil { + return fmt.Errorf("set promiscuous mode: %s", err) + } + return nil + } +} + +// withSpoofing sets address spoofing in the given NIC, allowing +// endpoints to bind to any address in the NIC. +func withSpoofing(v bool) Option { + return func(s *gvStack) error { + if err := s.SetSpoofing(s.nicID, v); err != nil { + return fmt.Errorf("set spoofing: %s", err) + } + return nil + } +} diff --git a/listener/tun/ipstack/gvisor/opts.go b/listener/tun/ipstack/gvisor/opts.go new file mode 100644 index 00000000..7fd5a65b --- /dev/null +++ b/listener/tun/ipstack/gvisor/opts.go @@ -0,0 +1,223 @@ +package gvisor + +import ( + "fmt" + + "golang.org/x/time/rate" + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" + "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" + "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" +) + +const ( + // defaultTimeToLive specifies the default TTL used by stack. + defaultTimeToLive uint8 = 64 + + // ipForwardingEnabled is the value used by stack to enable packet + // forwarding between NICs. + ipForwardingEnabled = true + + // icmpBurst is the default number of ICMP messages that can be sent in + // a single burst. + icmpBurst = 50 + + // icmpLimit is the default maximum number of ICMP messages permitted + // by this rate limiter. + icmpLimit rate.Limit = 1000 + + // tcpCongestionControl is the congestion control algorithm used by + // stack. ccReno is the default option in gVisor stack. + tcpCongestionControlAlgorithm = "reno" // "reno" or "cubic" + + // tcpDelayEnabled is the value used by stack to enable or disable + // tcp delay option. Disable Nagle's algorithm here by default. + tcpDelayEnabled = false + + // tcpModerateReceiveBufferEnabled is the value used by stack to + // enable or disable tcp receive buffer auto-tuning option. + tcpModerateReceiveBufferEnabled = true + + // tcpSACKEnabled is the value used by stack to enable or disable + // tcp selective ACK. + tcpSACKEnabled = true + + // tcpRecovery is the loss detection algorithm used by TCP. + tcpRecovery = tcpip.TCPRACKLossDetection + + // tcpMinBufferSize is the smallest size of a send/recv buffer. + tcpMinBufferSize = tcp.MinBufferSize // 4 KiB + + // tcpMaxBufferSize is the maximum permitted size of a send/recv buffer. + tcpMaxBufferSize = tcp.MaxBufferSize // 4 MiB + + // tcpDefaultBufferSize is the default size of the send/recv buffer for + // a transport endpoint. + tcpDefaultBufferSize = 212 << 10 // 212 KiB +) + +type Option func(*gvStack) error + +// WithDefault sets all default values for stack. +func WithDefault() Option { + return func(s *gvStack) error { + opts := []Option{ + WithDefaultTTL(defaultTimeToLive), + WithForwarding(ipForwardingEnabled), + + // Config default stack ICMP settings. + WithICMPBurst(icmpBurst), WithICMPLimit(icmpLimit), + + // We expect no packet loss, therefore we can bump buffers. + // Too large buffers thrash cache, so there is little point + // in too large buffers. + // + // Ref: https://github.com/cloudflare/slirpnetstack/blob/master/stack.go + WithTCPBufferSizeRange(tcpMinBufferSize, tcpDefaultBufferSize, tcpMaxBufferSize), + + WithTCPCongestionControl(tcpCongestionControlAlgorithm), + WithTCPDelay(tcpDelayEnabled), + + // Receive Buffer Auto-Tuning Option, see: + // https://github.com/google/gvisor/issues/1666 + WithTCPModerateReceiveBuffer(tcpModerateReceiveBufferEnabled), + + // TCP selective ACK Option, see: + // https://tools.ietf.org/html/rfc2018 + WithTCPSACKEnabled(tcpSACKEnabled), + + // TCPRACKLossDetection: indicates RACK is used for loss detection and + // recovery. + // + // TCPRACKStaticReoWnd: indicates the reordering window should not be + // adjusted when DSACK is received. + // + // TCPRACKNoDupTh: indicates RACK should not consider the classic three + // duplicate acknowledgements rule to mark the segments as lost. This + // is used when reordering is not detected. + WithTCPRecovery(tcpRecovery), + } + + for _, opt := range opts { + if err := opt(s); err != nil { + return err + } + } + + return nil + } +} + +// WithDefaultTTL sets the default TTL used by stack. +func WithDefaultTTL(ttl uint8) Option { + return func(s *gvStack) error { + opt := tcpip.DefaultTTLOption(ttl) + if err := s.SetNetworkProtocolOption(ipv4.ProtocolNumber, &opt); err != nil { + return fmt.Errorf("set ipv4 default TTL: %s", err) + } + if err := s.SetNetworkProtocolOption(ipv6.ProtocolNumber, &opt); err != nil { + return fmt.Errorf("set ipv6 default TTL: %s", err) + } + return nil + } +} + +// WithForwarding sets packet forwarding between NICs for IPv4 & IPv6. +func WithForwarding(v bool) Option { + return func(s *gvStack) error { + if err := s.SetForwardingDefaultAndAllNICs(ipv4.ProtocolNumber, v); err != nil { + return fmt.Errorf("set ipv4 forwarding: %s", err) + } + if err := s.SetForwardingDefaultAndAllNICs(ipv6.ProtocolNumber, v); err != nil { + return fmt.Errorf("set ipv6 forwarding: %s", err) + } + return nil + } +} + +// WithICMPBurst sets the number of ICMP messages that can be sent +// in a single burst. +func WithICMPBurst(burst int) Option { + return func(s *gvStack) error { + s.SetICMPBurst(burst) + return nil + } +} + +// WithICMPLimit sets the maximum number of ICMP messages permitted +// by rate limiter. +func WithICMPLimit(limit rate.Limit) Option { + return func(s *gvStack) error { + s.SetICMPLimit(limit) + return nil + } +} + +// WithTCPBufferSizeRange sets the receive and send buffer size range for TCP. +func WithTCPBufferSizeRange(a, b, c int) Option { + return func(s *gvStack) error { + rcvOpt := tcpip.TCPReceiveBufferSizeRangeOption{Min: a, Default: b, Max: c} + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &rcvOpt); err != nil { + return fmt.Errorf("set TCP receive buffer size range: %s", err) + } + sndOpt := tcpip.TCPSendBufferSizeRangeOption{Min: a, Default: b, Max: c} + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &sndOpt); err != nil { + return fmt.Errorf("set TCP send buffer size range: %s", err) + } + return nil + } +} + +// WithTCPCongestionControl sets the current congestion control algorithm. +func WithTCPCongestionControl(cc string) Option { + return func(s *gvStack) error { + opt := tcpip.CongestionControlOption(cc) + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &opt); err != nil { + return fmt.Errorf("set TCP congestion control algorithm: %s", err) + } + return nil + } +} + +// WithTCPDelay enables or disables Nagle's algorithm in TCP. +func WithTCPDelay(v bool) Option { + return func(s *gvStack) error { + opt := tcpip.TCPDelayEnabled(v) + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &opt); err != nil { + return fmt.Errorf("set TCP delay: %s", err) + } + return nil + } +} + +// WithTCPModerateReceiveBuffer sets receive buffer moderation for TCP. +func WithTCPModerateReceiveBuffer(v bool) Option { + return func(s *gvStack) error { + opt := tcpip.TCPModerateReceiveBufferOption(v) + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &opt); err != nil { + return fmt.Errorf("set TCP moderate receive buffer: %s", err) + } + return nil + } +} + +// WithTCPSACKEnabled sets the SACK option for TCP. +func WithTCPSACKEnabled(v bool) Option { + return func(s *gvStack) error { + opt := tcpip.TCPSACKEnabled(v) + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &opt); err != nil { + return fmt.Errorf("set TCP SACK: %s", err) + } + return nil + } +} + +// WithTCPRecovery sets the recovery option for TCP. +func WithTCPRecovery(v tcpip.TCPRecovery) Option { + return func(s *gvStack) error { + if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &v); err != nil { + return fmt.Errorf("set TCP Recovery: %s", err) + } + return nil + } +} diff --git a/listener/tun/ipstack/gvisor/stack.go b/listener/tun/ipstack/gvisor/stack.go new file mode 100644 index 00000000..104c0300 --- /dev/null +++ b/listener/tun/ipstack/gvisor/stack.go @@ -0,0 +1,96 @@ +// Package gvisor provides a thin wrapper around a gVisor's stack. +package gvisor + +import ( + "github.com/Dreamacro/clash/listener/tun/device" + "github.com/Dreamacro/clash/listener/tun/ipstack" + "github.com/Dreamacro/clash/listener/tun/ipstack/gvisor/adapter" + + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" + "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" + "gvisor.dev/gvisor/pkg/tcpip/stack" + "gvisor.dev/gvisor/pkg/tcpip/transport/icmp" + "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" + "gvisor.dev/gvisor/pkg/tcpip/transport/udp" +) + +type gvStack struct { + *stack.Stack + device device.Device + + handler adapter.Handler + nicID tcpip.NICID +} + +func (s *gvStack) Close() error { + if s.Stack != nil { + s.Stack.Close() + } + if s.device != nil { + _ = s.device.Close() + } + return nil +} + +// New allocates a new *gvStack with given options. +func New(device device.Device, handler adapter.Handler, opts ...Option) (ipstack.Stack, error) { + s := &gvStack{ + Stack: stack.New(stack.Options{ + NetworkProtocols: []stack.NetworkProtocolFactory{ + ipv4.NewProtocol, + ipv6.NewProtocol, + }, + TransportProtocols: []stack.TransportProtocolFactory{ + tcp.NewProtocol, + udp.NewProtocol, + icmp.NewProtocol4, + icmp.NewProtocol6, + }, + }), + + device: device, + handler: handler, + nicID: defaultNICID, + } + + opts = append(opts, + // Important: We must initiate transport protocol handlers + // before creating NIC, otherwise NIC would dispatch packets + // to stack and cause race condition. + withICMPHandler(), withTCPHandler(), withUDPHandler(), + + // Create stack NIC and then bind link endpoint. + withCreatingNIC(device.(stack.LinkEndpoint)), + + // In the past we did s.AddAddressRange to assign 0.0.0.0/0 + // onto the interface. We need that to be able to terminate + // all the incoming connections - to any ip. AddressRange API + // has been removed and the suggested workaround is to use + // Promiscuous mode. https://github.com/google/gvisor/issues/3876 + // + // Ref: https://github.com/cloudflare/slirpnetstack/blob/master/stack.go + withPromiscuousMode(nicPromiscuousModeEnabled), + + // Enable spoofing if a stack may send packets from unowned addresses. + // This change required changes to some netgophers since previously, + // promiscuous mode was enough to let the netstack respond to all + // incoming packets regardless of the packet's destination address. Now + // that a stack.Route is not held for each incoming packet, finding a route + // may fail with local addresses we don't own but accepted packets for + // while in promiscuous mode. Since we also want to be able to send from + // any address (in response the received promiscuous mode packets), we need + // to enable spoofing. + // + // Ref: https://github.com/google/gvisor/commit/8c0701462a84ff77e602f1626aec49479c308127 + withSpoofing(nicSpoofingEnabled), + ) + + for _, opt := range opts { + if err := opt(s); err != nil { + return nil, err + } + } + + return s, nil +} diff --git a/listener/tun/ipstack/gvisor/tcp.go b/listener/tun/ipstack/gvisor/tcp.go new file mode 100644 index 00000000..8b8277e0 --- /dev/null +++ b/listener/tun/ipstack/gvisor/tcp.go @@ -0,0 +1,91 @@ +package gvisor + +import ( + "fmt" + "time" + + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" + "gvisor.dev/gvisor/pkg/tcpip/stack" + "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" + "gvisor.dev/gvisor/pkg/waiter" +) + +const ( + // defaultWndSize if set to zero, the default + // receive window buffer size is used instead. + defaultWndSize = 0 + + // maxConnAttempts specifies the maximum number + // of in-flight tcp connection attempts. + maxConnAttempts = 2 << 10 + + // tcpKeepaliveCount is the maximum number of + // TCP keep-alive probes to send before giving up + // and killing the connection if no response is + // obtained from the other end. + tcpKeepaliveCount = 9 + + // tcpKeepaliveIdle specifies the time a connection + // must remain idle before the first TCP keepalive + // packet is sent. Once this time is reached, + // tcpKeepaliveInterval option is used instead. + tcpKeepaliveIdle = 60 * time.Second + + // tcpKeepaliveInterval specifies the interval + // time between sending TCP keepalive packets. + tcpKeepaliveInterval = 30 * time.Second +) + +func withTCPHandler() Option { + return func(s *gvStack) error { + tcpForwarder := tcp.NewForwarder(s.Stack, defaultWndSize, maxConnAttempts, func(r *tcp.ForwarderRequest) { + var wq waiter.Queue + ep, err := r.CreateEndpoint(&wq) + if err != nil { + // RST: prevent potential half-open TCP connection leak. + r.Complete(true) + return + } + defer r.Complete(false) + + setKeepalive(ep) + + conn := &tcpConn{ + TCPConn: gonet.NewTCPConn(&wq, ep), + id: r.ID(), + } + s.handler.HandleTCPConn(conn) + }) + s.SetTransportProtocolHandler(tcp.ProtocolNumber, tcpForwarder.HandlePacket) + return nil + } +} + +func setKeepalive(ep tcpip.Endpoint) error { + ep.SocketOptions().SetKeepAlive(true) + + idle := tcpip.KeepaliveIdleOption(tcpKeepaliveIdle) + if err := ep.SetSockOpt(&idle); err != nil { + return fmt.Errorf("set keepalive idle: %s", err) + } + + interval := tcpip.KeepaliveIntervalOption(tcpKeepaliveInterval) + if err := ep.SetSockOpt(&interval); err != nil { + return fmt.Errorf("set keepalive interval: %s", err) + } + + if err := ep.SetSockOptInt(tcpip.KeepaliveCountOption, tcpKeepaliveCount); err != nil { + return fmt.Errorf("set keepalive count: %s", err) + } + return nil +} + +type tcpConn struct { + *gonet.TCPConn + id stack.TransportEndpointID +} + +func (c *tcpConn) ID() *stack.TransportEndpointID { + return &c.id +} diff --git a/listener/tun/ipstack/gvisor/tun.go b/listener/tun/ipstack/gvisor/tun.go deleted file mode 100644 index 1445da47..00000000 --- a/listener/tun/ipstack/gvisor/tun.go +++ /dev/null @@ -1,280 +0,0 @@ -package gvisor - -import ( - "encoding/binary" - "errors" - "fmt" - "net" - "strconv" - "strings" - "sync" - - "github.com/Dreamacro/clash/adapter/inbound" - "github.com/Dreamacro/clash/common/pool" - "github.com/Dreamacro/clash/component/resolver" - "github.com/Dreamacro/clash/config" - C "github.com/Dreamacro/clash/constant" - "github.com/Dreamacro/clash/dns" - "github.com/Dreamacro/clash/listener/tun/dev" - "github.com/Dreamacro/clash/listener/tun/ipstack" - "github.com/Dreamacro/clash/log" - "github.com/Dreamacro/clash/transport/socks5" - "gvisor.dev/gvisor/pkg/tcpip" - "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" - "gvisor.dev/gvisor/pkg/tcpip/buffer" - "gvisor.dev/gvisor/pkg/tcpip/header" - "gvisor.dev/gvisor/pkg/tcpip/link/channel" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" - "gvisor.dev/gvisor/pkg/tcpip/stack" - "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" - "gvisor.dev/gvisor/pkg/tcpip/transport/udp" - "gvisor.dev/gvisor/pkg/waiter" -) - -const nicID tcpip.NICID = 1 - -type gvisorAdapter struct { - device dev.TunDevice - ipstack *stack.Stack - dnsServer *DNSServer - udpIn chan<- *inbound.PacketAdapter - - stackName string - autoRoute bool - linkCache *channel.Endpoint - wg sync.WaitGroup // wait for goroutines to stop - - writeHandle *channel.NotificationHandle -} - -// GvisorAdapter create GvisorAdapter -func NewAdapter(device dev.TunDevice, conf config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.TunAdapter, error) { - ipstack := stack.New(stack.Options{ - NetworkProtocols: []stack.NetworkProtocolFactory{ipv4.NewProtocol, ipv6.NewProtocol}, - TransportProtocols: []stack.TransportProtocolFactory{tcp.NewProtocol, udp.NewProtocol}, - }) - - adapter := &gvisorAdapter{ - device: device, - ipstack: ipstack, - udpIn: udpIn, - stackName: conf.Stack, - autoRoute: conf.AutoRoute, - } - - linkEP, err := adapter.AsLinkEndpoint() - if err != nil { - return nil, fmt.Errorf("unable to create virtual endpoint: %v", err) - } - - if err := ipstack.CreateNIC(nicID, linkEP); err != nil { - return nil, fmt.Errorf("fail to create NIC in ipstack: %v", err) - } - - ipstack.SetPromiscuousMode(nicID, true) // Accept all the traffice from this NIC - ipstack.SetSpoofing(nicID, true) // Otherwise our TCP connection can not find the route backward - - // Add route for ipv4 & ipv6 - // So FindRoute will return correct route to tun NIC - subnet, _ := tcpip.NewSubnet(tcpip.Address(strings.Repeat("\x00", 4)), tcpip.AddressMask(strings.Repeat("\x00", 4))) - ipstack.AddRoute(tcpip.Route{Destination: subnet, Gateway: "", NIC: nicID}) - subnet, _ = tcpip.NewSubnet(tcpip.Address(strings.Repeat("\x00", 16)), tcpip.AddressMask(strings.Repeat("\x00", 16))) - ipstack.AddRoute(tcpip.Route{Destination: subnet, Gateway: "", NIC: nicID}) - - // TCP handler - // maximum number of half-open tcp connection set to 1024 - // receive buffer size set to 20k - tcpFwd := tcp.NewForwarder(ipstack, pool.RelayBufferSize, 1024, func(r *tcp.ForwarderRequest) { - src := net.JoinHostPort(r.ID().RemoteAddress.String(), strconv.Itoa((int)(r.ID().RemotePort))) - dst := net.JoinHostPort(r.ID().LocalAddress.String(), strconv.Itoa((int)(r.ID().LocalPort))) - log.Debugln("Get TCP Syn %v -> %s in ipstack", src, dst) - var wq waiter.Queue - ep, err := r.CreateEndpoint(&wq) - if err != nil { - log.Warnln("Can't create TCP Endpoint(%s -> %s) in ipstack: %v", src, dst, err) - r.Complete(true) - return - } - - defer r.Complete(false) - - conn := gonet.NewTCPConn(&wq, ep) - - // if the endpoint is not in connected state, conn.RemoteAddr() will return nil - // this protection may be not enough, but will help us debug the panic - if conn.RemoteAddr() == nil { - log.Warnln("TCP endpoint is not connected, current state: %v", tcp.EndpointState(ep.State())) - conn.Close() - return - } - - target := getAddr(ep.Info().(*stack.TransportEndpointInfo).ID) - tcpIn <- inbound.NewSocket(target, conn, C.TUN) - }) - - ipstack.SetTransportProtocolHandler(tcp.ProtocolNumber, tcpFwd.HandlePacket) - - // UDP handler - ipstack.SetTransportProtocolHandler(udp.ProtocolNumber, adapter.udpHandlePacket) - - if resolver.DefaultResolver != nil { - err = adapter.ReCreateDNSServer(resolver.DefaultResolver.(*dns.Resolver), resolver.DefaultHostMapper.(*dns.ResolverEnhancer), conf.DnsHijack) - if err != nil { - return nil, err - } - } - - return adapter, nil -} - -func (t *gvisorAdapter) Stack() string { - return t.stackName -} - -func (t *gvisorAdapter) AutoRoute() bool { - return t.autoRoute -} - -// Close close the TunAdapter -func (t *gvisorAdapter) Close() { - t.StopDNSServer() - if t.ipstack != nil { - t.ipstack.Close() - } - if t.device != nil { - _ = t.device.Close() - } -} - -func (t *gvisorAdapter) udpHandlePacket(id stack.TransportEndpointID, pkt *stack.PacketBuffer) bool { - // ref: gvisor pkg/tcpip/transport/udp/endpoint.go HandlePacket - hdr := header.UDP(pkt.TransportHeader().View()) - if int(hdr.Length()) > pkt.Data().Size()+header.UDPMinimumSize { - // Malformed packet. - t.ipstack.Stats().UDP.MalformedPacketsReceived.Increment() - return true - } - - target := getAddr(id) - - packet := &fakeConn{ - id: id, - pkt: pkt, - s: t.ipstack, - payload: pkt.Data().AsRange().ToOwnedView(), - } - - select { - case t.udpIn <- inbound.NewPacket(target, packet, C.TUN): - default: - } - - return true -} - -// Wait wait goroutines to exit -func (t *gvisorAdapter) Wait() { - t.wg.Wait() -} - -func (t *gvisorAdapter) AsLinkEndpoint() (result stack.LinkEndpoint, err error) { - if t.linkCache != nil { - return t.linkCache, nil - } - - mtu, err := t.device.MTU() - if err != nil { - return nil, errors.New("unable to get device mtu") - } - - linkEP := channel.New(512, uint32(mtu), "") - - // start Read loop. read ip packet from tun and write it to ipstack - t.wg.Add(1) - go func() { - for !t.device.IsClose() { - packet := make([]byte, mtu) - n, err := t.device.Read(packet) - if n == 0 { - continue - } - if err != nil && !t.device.IsClose() { - log.Errorln("can not read from tun: %v", err) - continue - } - - var p tcpip.NetworkProtocolNumber - switch header.IPVersion(packet) { - case header.IPv4Version: - p = header.IPv4ProtocolNumber - case header.IPv6Version: - p = header.IPv6ProtocolNumber - default: - log.Warnln("invalid IP version:%d", header.IPVersion(packet)) - continue - } - - if linkEP.IsAttached() { - pkt := stack.NewPacketBuffer(stack.PacketBufferOptions{ - Data: buffer.View(packet[:n]).ToVectorisedView(), - }) - - linkEP.InjectInbound(p, pkt) - // release memory - pkt.DecRef() - } else { - log.Debugln("received packet from tun when %s is not attached to any dispatcher.", t.device.Name()) - } - } - - t.wg.Done() - t.Close() - log.Debugln("%v stop read loop", t.device.Name()) - }() - - // start write notification - t.writeHandle = linkEP.AddNotify(t) - t.linkCache = linkEP - return t.linkCache, nil -} - -// WriteNotify implements channel.Notification.WriteNotify. -func (t *gvisorAdapter) WriteNotify() { - packetBuffer := t.linkCache.Read() - if packetBuffer != nil { - var vv buffer.VectorisedView - // Append upper headers. - vv.AppendView(packetBuffer.NetworkHeader().View()) - vv.AppendView(packetBuffer.TransportHeader().View()) - // Append data payload. - vv.Append(packetBuffer.Data().ExtractVV()) - - _, err := t.device.Write(vv.ToView()) - if err != nil && !t.device.IsClose() { - log.Errorln("can not write to tun: %v", err) - } - } -} - -func getAddr(id stack.TransportEndpointID) socks5.Addr { - ipv4 := id.LocalAddress.To4() - - // get the big-endian binary represent of port - port := make([]byte, 2) - binary.BigEndian.PutUint16(port, id.LocalPort) - - if ipv4 != "" { - addr := make([]byte, 1+net.IPv4len+2) - addr[0] = socks5.AtypIPv4 - copy(addr[1:1+net.IPv4len], []byte(ipv4)) - addr[1+net.IPv4len], addr[1+net.IPv4len+1] = port[0], port[1] - return addr - } else { - addr := make([]byte, 1+net.IPv6len+2) - addr[0] = socks5.AtypIPv6 - copy(addr[1:1+net.IPv6len], []byte(id.LocalAddress)) - addr[1+net.IPv6len], addr[1+net.IPv6len+1] = port[0], port[1] - return addr - } -} diff --git a/listener/tun/ipstack/gvisor/tundns.go b/listener/tun/ipstack/gvisor/tundns.go deleted file mode 100644 index 51368675..00000000 --- a/listener/tun/ipstack/gvisor/tundns.go +++ /dev/null @@ -1,433 +0,0 @@ -package gvisor - -import ( - "fmt" - "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" - "net" - - Common "github.com/Dreamacro/clash/common/net" - "github.com/Dreamacro/clash/dns" - "github.com/Dreamacro/clash/log" - D "github.com/miekg/dns" - "gvisor.dev/gvisor/pkg/tcpip" - "gvisor.dev/gvisor/pkg/tcpip/buffer" - "gvisor.dev/gvisor/pkg/tcpip/header" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" - "gvisor.dev/gvisor/pkg/tcpip/ports" - "gvisor.dev/gvisor/pkg/tcpip/stack" - "gvisor.dev/gvisor/pkg/tcpip/transport/udp" -) - -var ( - ipv4Zero = tcpip.Address(net.IPv4zero.To4()) - ipv6Zero = tcpip.Address(net.IPv6zero.To16()) -) - -type ListenerWrap struct { - net.Listener - listener net.Listener -} - -func (l *ListenerWrap) Accept() (conn net.Conn, err error) { - conn, err = l.listener.Accept() - log.Debugln("[DNS] hijack tcp:%s", l.Addr()) - return -} - -func (l *ListenerWrap) Close() error { - return l.listener.Close() -} - -func (l *ListenerWrap) Addr() net.Addr { - return l.listener.Addr() -} - -// DNSServer is DNS Server listening on tun devcice -type DNSServer struct { - dnsServers []*dns.Server - tcpListeners []net.Listener - resolver *dns.Resolver - stack *stack.Stack - udpEndpoints []*dnsEndpoint - udpEndpointIDs []*stack.TransportEndpointID - tcpip.NICID -} - -// dnsEndpoint is a TransportEndpoint that will register to stack -type dnsEndpoint struct { - stack.TransportEndpoint - stack *stack.Stack - uniqueID uint64 - server *dns.Server -} - -// Keep track of the source of DNS request -type dnsResponseWriter struct { - s *stack.Stack - pkt *stack.PacketBuffer // The request packet - id stack.TransportEndpointID -} - -func (e *dnsEndpoint) UniqueID() uint64 { - return e.uniqueID -} - -func (e *dnsEndpoint) HandlePacket(id stack.TransportEndpointID, pkt *stack.PacketBuffer) { - hdr := header.UDP(pkt.TransportHeader().View()) - if int(hdr.Length()) > pkt.Data().Size()+header.UDPMinimumSize { - // Malformed packet. - e.stack.Stats().UDP.MalformedPacketsReceived.Increment() - return - } - - // server DNS - var msg D.Msg - msg.Unpack(pkt.Data().AsRange().ToOwnedView()) - writer := dnsResponseWriter{s: e.stack, pkt: pkt, id: id} - log.Debugln("[DNS] hijack udp:%s:%d from %s:%d", id.LocalAddress.String(), id.LocalPort, - id.RemoteAddress.String(), id.RemotePort) - go e.server.ServeDNS(&writer, &msg) -} - -func (e *dnsEndpoint) Close() { -} - -func (e *dnsEndpoint) Wait() { -} - -func (e *dnsEndpoint) HandleError(transErr stack.TransportError, pkt *stack.PacketBuffer) { - log.Warnln("DNS endpoint get a transport error: %v", transErr) - log.Debugln("DNS endpoint transport error packet : %v", pkt) -} - -// Abort implements stack.TransportEndpoint.Abort. -func (e *dnsEndpoint) Abort() { - e.Close() -} - -func (w *dnsResponseWriter) LocalAddr() net.Addr { - return &net.UDPAddr{IP: net.IP(w.id.LocalAddress), Port: int(w.id.LocalPort)} -} - -func (w *dnsResponseWriter) RemoteAddr() net.Addr { - return &net.UDPAddr{IP: net.IP(w.id.RemoteAddress), Port: int(w.id.RemotePort)} -} - -func (w *dnsResponseWriter) WriteMsg(msg *D.Msg) error { - b, err := msg.Pack() - if err != nil { - return err - } - _, err = w.Write(b) - return err -} - -func (w *dnsResponseWriter) TsigStatus() error { - // Unsupported - return nil -} - -func (w *dnsResponseWriter) TsigTimersOnly(bool) { - // Unsupported -} - -func (w *dnsResponseWriter) Hijack() { - // Unsupported -} - -func (w *dnsResponseWriter) Write(b []byte) (int, error) { - v := buffer.NewView(len(b)) - copy(v, b) - data := v.ToVectorisedView() - - // w.id.LocalAddress is the source ip of DNS response - if !w.pkt.NetworkHeader().View().IsEmpty() && - (w.pkt.NetworkProtocolNumber == ipv4.ProtocolNumber || - w.pkt.NetworkProtocolNumber == ipv6.ProtocolNumber) { - r, _ := w.s.FindRoute(w.pkt.NICID, w.id.LocalAddress, w.id.RemoteAddress, w.pkt.NetworkProtocolNumber, false /* multicastLoop */) - return writeUDP(r, data, w.id.LocalPort, w.id.RemotePort) - } else { - log.Debugln("the network protocl[%d] is not available", w.pkt.NetworkProtocolNumber) - return 0, fmt.Errorf("the network protocl[%d] is not available", w.pkt.NetworkProtocolNumber) - } -} - -func (w *dnsResponseWriter) Close() error { - return nil -} - -// CreateDNSServer create a dns server on given netstack -func CreateDNSServer(s *stack.Stack, resolver *dns.Resolver, mapper *dns.ResolverEnhancer, dnsHijack []net.Addr, nicID tcpip.NICID) (*DNSServer, error) { - var err error - handler := dns.NewHandler(resolver, mapper) - serverIn := &dns.Server{} - serverIn.SetHandler(handler) - tcpDnsArr := make([]net.TCPAddr, 0, len(dnsHijack)) - udpDnsArr := make([]net.UDPAddr, 0, len(dnsHijack)) - for _, d := range dnsHijack { - switch d.(type) { - case *net.TCPAddr: - { - tcpDnsArr = append(tcpDnsArr, *d.(*net.TCPAddr)) - break - } - case *net.UDPAddr: - { - udpDnsArr = append(udpDnsArr, *d.(*net.UDPAddr)) - break - } - } - } - - endpoints, ids := hijackUdpDns(udpDnsArr, s, serverIn) - tcpListeners, dnsServers := hijackTcpDns(tcpDnsArr, s, serverIn) - server := &DNSServer{ - resolver: resolver, - stack: s, - udpEndpoints: endpoints, - udpEndpointIDs: ids, - NICID: nicID, - tcpListeners: tcpListeners, - } - - server.dnsServers = dnsServers - - return server, err -} - -func hijackUdpDns(dnsArr []net.UDPAddr, s *stack.Stack, serverIn *dns.Server) ([]*dnsEndpoint, []*stack.TransportEndpointID) { - endpoints := make([]*dnsEndpoint, len(dnsArr)) - ids := make([]*stack.TransportEndpointID, len(dnsArr)) - for i, dns := range dnsArr { - port := dns.Port - ip := dns.IP - address := tcpip.FullAddress{NIC: nicID, Port: uint16(port)} - var protocol tcpip.NetworkProtocolNumber - if ip.To4() != nil { - address.Addr = tcpip.Address(ip.To4()) - protocol = ipv4.ProtocolNumber - - } else { - address.Addr = tcpip.Address(ip.To16()) - protocol = ipv6.ProtocolNumber - } - - protocolAddr := tcpip.ProtocolAddress{ - Protocol: protocol, - AddressWithPrefix: address.Addr.WithPrefix(), - } - - // netstack will only reassemble IP fragments when its' dest ip address is registered in NIC.endpoints - if err := s.AddProtocolAddress(nicID, protocolAddr, stack.AddressProperties{}); err != nil { - log.Errorln("AddProtocolAddress(%d, %+v, {}): %s", nicID, protocolAddr, err) - } - - if address.Addr == ipv4Zero || address.Addr == ipv6Zero { - address.Addr = "" - } - - // UDP DNS - id := &stack.TransportEndpointID{ - LocalAddress: address.Addr, - LocalPort: uint16(port), - RemotePort: 0, - RemoteAddress: "", - } - - // TransportEndpoint for DNS - endpoint := &dnsEndpoint{ - stack: s, - uniqueID: s.UniqueID(), - server: serverIn, - } - - if tcpiperr := s.RegisterTransportEndpoint( - []tcpip.NetworkProtocolNumber{ - ipv4.ProtocolNumber, - ipv6.ProtocolNumber, - }, - udp.ProtocolNumber, - *id, - endpoint, - ports.Flags{LoadBalanced: true}, // it's actually the SO_REUSEPORT. Not sure it take effect. - nicID); tcpiperr != nil { - log.Errorln("Unable to start UDP DNS on tun: %v", tcpiperr.String()) - } - - ids[i] = id - endpoints[i] = endpoint - } - - return endpoints, ids -} - -func hijackTcpDns(dnsArr []net.TCPAddr, s *stack.Stack, serverIn *dns.Server) ([]net.Listener, []*dns.Server) { - tcpListeners := make([]net.Listener, len(dnsArr)) - dnsServers := make([]*dns.Server, len(dnsArr)) - - for i, dnsAddr := range dnsArr { - var tcpListener net.Listener - var v4 bool - var err error - port := dnsAddr.Port - ip := dnsAddr.IP - address := tcpip.FullAddress{NIC: nicID, Port: uint16(port)} - if ip.To4() != nil { - address.Addr = tcpip.Address(ip.To4()) - v4 = true - } else { - address.Addr = tcpip.Address(ip.To16()) - v4 = false - } - - if v4 { - tcpListener, err = gonet.ListenTCP(s, address, ipv4.ProtocolNumber) - } else { - tcpListener, err = gonet.ListenTCP(s, address, ipv6.ProtocolNumber) - } - - if err != nil { - log.Errorln("can not listen on tun: %v, hijack tcp[%s] failed", err, dnsAddr) - } else { - tcpListeners[i] = tcpListener - server := &D.Server{Listener: &ListenerWrap{ - listener: tcpListener, - }, Handler: serverIn} - dnsServer := dns.Server{} - dnsServer.Server = server - go dnsServer.ActivateAndServe() - dnsServers[i] = &dnsServer - } - - } - // - //for _, listener := range tcpListeners { - // server := &D.Server{Listener: listener, Handler: serverIn} - // - // dnsServers = append(dnsServers, &dnsServer) - // go dnsServer.ActivateAndServe() - //} - - return tcpListeners, dnsServers -} - -// Stop stop the DNS Server on tun -func (s *DNSServer) Stop() { - if s == nil { - return - } - - for i := 0; i < len(s.udpEndpointIDs); i++ { - ep := s.udpEndpoints[i] - id := s.udpEndpointIDs[i] - // remove udp endpoint from stack - s.stack.UnregisterTransportEndpoint( - []tcpip.NetworkProtocolNumber{ - ipv4.ProtocolNumber, - ipv6.ProtocolNumber, - }, - udp.ProtocolNumber, - *id, - ep, - ports.Flags{LoadBalanced: true}, // should match the RegisterTransportEndpoint - s.NICID) - } - - for _, server := range s.dnsServers { - server.Shutdown() - } - - for _, listener := range s.tcpListeners { - listener.Close() - } -} - -// DnsHijack return the listening address of DNS Server -func (t *gvisorAdapter) DnsHijack() []string { - dnsHijackArr := make([]string, len(t.dnsServer.udpEndpoints)) - for _, id := range t.dnsServer.udpEndpointIDs { - dnsHijackArr = append(dnsHijackArr, fmt.Sprintf("%s:%d", id.LocalAddress.String(), id.LocalPort)) - } - - return dnsHijackArr -} - -func (t *gvisorAdapter) StopDNSServer() { - t.dnsServer.Stop() - log.Debugln("tun DNS server stoped") - t.dnsServer = nil -} - -// ReCreateDNSServer recreate the DNS Server on tun -func (t *gvisorAdapter) ReCreateDNSServer(resolver *dns.Resolver, mapper *dns.ResolverEnhancer, dnsHijackArr []string) error { - t.StopDNSServer() - - if resolver == nil { - return fmt.Errorf("failed to create DNS server on tun: resolver not provided") - } - - if len(dnsHijackArr) == 0 { - return fmt.Errorf("failed to create DNS server on tun: len(addrs) == 0") - } - var err error - var addrs []net.Addr - for _, addr := range dnsHijackArr { - var ( - addrType string - hostPort string - ) - - addrType, hostPort, err = Common.SplitNetworkType(addr) - if err != nil { - return err - } - - var ( - host, port string - hasPort bool - ) - - host, port, hasPort, err = Common.SplitHostPort(hostPort) - if !hasPort { - port = "53" - } - - switch addrType { - case "udp", "": - { - var udpDNS *net.UDPAddr - udpDNS, err = net.ResolveUDPAddr("udp", net.JoinHostPort(host, port)) - if err != nil { - return err - } - - addrs = append(addrs, udpDNS) - break - } - case "tcp": - { - var tcpDNS *net.TCPAddr - tcpDNS, err = net.ResolveTCPAddr("tcp", net.JoinHostPort(host, port)) - if err != nil { - return err - } - - addrs = append(addrs, tcpDNS) - break - } - default: - err = fmt.Errorf("unspported dns scheme:%s", addrType) - } - - } - - server, err := CreateDNSServer(t.ipstack, resolver, mapper, addrs, nicID) - if err != nil { - return err - } - - t.dnsServer = server - - return nil -} diff --git a/listener/tun/ipstack/gvisor/udp.go b/listener/tun/ipstack/gvisor/udp.go new file mode 100644 index 00000000..6efbd204 --- /dev/null +++ b/listener/tun/ipstack/gvisor/udp.go @@ -0,0 +1,67 @@ +package gvisor + +import ( + "net" + + "github.com/Dreamacro/clash/common/pool" + "github.com/Dreamacro/clash/listener/tun/ipstack/gvisor/adapter" + + "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" + "gvisor.dev/gvisor/pkg/tcpip/stack" + "gvisor.dev/gvisor/pkg/tcpip/transport/udp" + "gvisor.dev/gvisor/pkg/waiter" +) + +func withUDPHandler() Option { + return func(s *gvStack) error { + udpForwarder := udp.NewForwarder(s.Stack, func(r *udp.ForwarderRequest) { + var wq waiter.Queue + ep, err := r.CreateEndpoint(&wq) + if err != nil { + // TODO: handler errors in the future. + return + } + + conn := &udpConn{ + UDPConn: gonet.NewUDPConn(s.Stack, &wq, ep), + id: r.ID(), + } + s.handler.HandleUDPConn(conn) + }) + s.SetTransportProtocolHandler(udp.ProtocolNumber, udpForwarder.HandlePacket) + return nil + } +} + +type udpConn struct { + *gonet.UDPConn + id stack.TransportEndpointID +} + +func (c *udpConn) ID() *stack.TransportEndpointID { + return &c.id +} + +type packet struct { + pc adapter.UDPConn + rAddr net.Addr + payload []byte +} + +func (c *packet) Data() []byte { + return c.payload +} + +// WriteBack write UDP packet with source(ip, port) = `addr` +func (c *packet) WriteBack(b []byte, addr net.Addr) (n int, err error) { + return c.pc.WriteTo(b, c.rAddr) +} + +// LocalAddr returns the source IP/Port of UDP Packet +func (c *packet) LocalAddr() net.Addr { + return c.rAddr +} + +func (c *packet) Drop() { + pool.Put(c.payload) +} diff --git a/listener/tun/ipstack/gvisor/utils.go b/listener/tun/ipstack/gvisor/utils.go deleted file mode 100644 index 7b1b2588..00000000 --- a/listener/tun/ipstack/gvisor/utils.go +++ /dev/null @@ -1,118 +0,0 @@ -package gvisor - -import ( - "fmt" - "github.com/Dreamacro/clash/log" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" - "net" - - "github.com/Dreamacro/clash/component/resolver" - "gvisor.dev/gvisor/pkg/tcpip" - "gvisor.dev/gvisor/pkg/tcpip/buffer" - "gvisor.dev/gvisor/pkg/tcpip/header" - "gvisor.dev/gvisor/pkg/tcpip/stack" - "gvisor.dev/gvisor/pkg/tcpip/transport/udp" -) - -type fakeConn struct { - id stack.TransportEndpointID // The endpoint of incomming packet, it's remote address is the source address it sent from - pkt *stack.PacketBuffer // The original packet comming from tun - s *stack.Stack - payload []byte - fakeip *bool -} - -func (c *fakeConn) Data() []byte { - return c.payload -} - -func (c *fakeConn) WriteBack(b []byte, addr net.Addr) (n int, err error) { - v := buffer.View(b) - data := v.ToVectorisedView() - - var localAddress tcpip.Address - var localPort uint16 - // if addr is not provided, write back use original dst Addr as src Addr - if c.FakeIP() || addr == nil { - localAddress = c.id.LocalAddress - localPort = c.id.LocalPort - } else { - udpaddr, _ := addr.(*net.UDPAddr) - localAddress = tcpip.Address(udpaddr.IP) - localPort = uint16(udpaddr.Port) - } - - if !c.pkt.NetworkHeader().View().IsEmpty() && - (c.pkt.NetworkProtocolNumber == ipv4.ProtocolNumber || - c.pkt.NetworkProtocolNumber == ipv6.ProtocolNumber) { - r, _ := c.s.FindRoute(c.pkt.NICID, localAddress, c.id.RemoteAddress, c.pkt.NetworkProtocolNumber, false /* multicastLoop */) - return writeUDP(r, data, localPort, c.id.RemotePort) - } else { - log.Debugln("the network protocl[%d] is not available", c.pkt.NetworkProtocolNumber) - return 0, fmt.Errorf("the network protocl[%d] is not available", c.pkt.NetworkProtocolNumber) - } -} - -func (c *fakeConn) LocalAddr() net.Addr { - return &net.UDPAddr{IP: net.IP(c.id.RemoteAddress), Port: int(c.id.RemotePort)} -} - -func (c *fakeConn) Close() error { - return nil -} - -func (c *fakeConn) Drop() { -} - -func (c *fakeConn) FakeIP() bool { - if c.fakeip != nil { - return *c.fakeip - } - fakeip := resolver.IsFakeIP(net.IP(c.id.LocalAddress.To4())) - c.fakeip = &fakeip - return fakeip -} - -func writeUDP(r *stack.Route, data buffer.VectorisedView, localPort, remotePort uint16) (int, error) { - const protocol = udp.ProtocolNumber - // Allocate a buffer for the UDP header. - - pkt := stack.NewPacketBuffer(stack.PacketBufferOptions{ - ReserveHeaderBytes: header.UDPMinimumSize + int(r.MaxHeaderLength()), - Data: data, - }) - - // Initialize the header. - udp := header.UDP(pkt.TransportHeader().Push(header.UDPMinimumSize)) - - length := uint16(pkt.Size()) - udp.Encode(&header.UDPFields{ - SrcPort: localPort, - DstPort: remotePort, - Length: length, - }) - - // Set the checksum field unless TX checksum offload is enabled. - // On IPv4, UDP checksum is optional, and a zero value indicates the - // transmitter skipped the checksum generation (RFC768). - // On IPv6, UDP checksum is not optional (RFC2460 Section 8.1). - if r.RequiresTXTransportChecksum() { - xsum := r.PseudoHeaderChecksum(protocol, length) - for _, v := range data.Views() { - xsum = header.Checksum(v, xsum) - } - udp.SetChecksum(^udp.CalculateChecksum(xsum)) - } - - ttl := r.DefaultTTL() - - if err := r.WritePacket(stack.NetworkHeaderParams{Protocol: protocol, TTL: ttl, TOS: 0 /* default */}, pkt); err != nil { - r.Stats().UDP.PacketSendErrors.Increment() - return 0, fmt.Errorf("%v", err) - } - - // Track count of packets sent. - r.Stats().UDP.PacketsSent.Increment() - return data.Size(), nil -} diff --git a/listener/tun/ipstack/stack.go b/listener/tun/ipstack/stack.go new file mode 100644 index 00000000..4aa2bcb9 --- /dev/null +++ b/listener/tun/ipstack/stack.go @@ -0,0 +1,5 @@ +package ipstack + +import "io" + +type Stack io.Closer diff --git a/listener/tun/ipstack/stack_adapter.go b/listener/tun/ipstack/stack_adapter.go deleted file mode 100644 index 1f4cc28f..00000000 --- a/listener/tun/ipstack/stack_adapter.go +++ /dev/null @@ -1,9 +0,0 @@ -package ipstack - -// TunAdapter hold the state of tun/tap interface -type TunAdapter interface { - Close() - Stack() string - DnsHijack() []string - AutoRoute() bool -} diff --git a/listener/tun/ipstack/system/dns.go b/listener/tun/ipstack/system/dns.go deleted file mode 100644 index 77159206..00000000 --- a/listener/tun/ipstack/system/dns.go +++ /dev/null @@ -1,75 +0,0 @@ -package system - -import ( - "encoding/binary" - "io" - "net" - "time" - - D "github.com/Dreamacro/clash/listener/tun/ipstack/commons" - "github.com/kr328/tun2socket/binding" - "github.com/kr328/tun2socket/redirect" -) - -const defaultDnsReadTimeout = time.Second * 30 - -func shouldHijackDns(dnsAddr binding.Address, targetAddr binding.Address) bool { - if targetAddr.Port != 53 { - return false - } - - return dnsAddr.IP.Equal(net.IPv4zero) || dnsAddr.IP.Equal(targetAddr.IP) -} - -func hijackUDPDns(pkt []byte, ep *binding.Endpoint, sender redirect.UDPSender) { - go func() { - answer, err := D.RelayDnsPacket(pkt) - if err != nil { - return - } - - _ = sender(answer, &binding.Endpoint{ - Source: ep.Target, - Target: ep.Source, - }) - }() -} - -func hijackTCPDns(conn net.Conn) { - go func() { - defer func(conn net.Conn) { - _ = conn.Close() - }(conn) - - if err := conn.SetReadDeadline(time.Now().Add(defaultDnsReadTimeout)); err != nil { - return - } - - for { - var length uint16 - if binary.Read(conn, binary.BigEndian, &length) != nil { - return - } - - data := make([]byte, length) - - _, err := io.ReadFull(conn, data) - if err != nil { - return - } - - rb, err := D.RelayDnsPacket(data) - if err != nil { - continue - } - - if binary.Write(conn, binary.BigEndian, uint16(len(rb))) != nil { - return - } - - if _, err = conn.Write(rb); err != nil { - return - } - } - }() -} diff --git a/listener/tun/ipstack/system/log.go b/listener/tun/ipstack/system/log.go deleted file mode 100644 index 6546dc27..00000000 --- a/listener/tun/ipstack/system/log.go +++ /dev/null @@ -1,21 +0,0 @@ -package system - -import "github.com/Dreamacro/clash/log" - -type logger struct{} - -func (l *logger) D(format string, args ...interface{}) { - log.Debugln("[TUN] "+format, args...) -} - -func (l *logger) I(format string, args ...interface{}) { - log.Infoln("[TUN] "+format, args...) -} - -func (l *logger) W(format string, args ...interface{}) { - log.Warnln("[TUN] "+format, args...) -} - -func (l *logger) E(format string, args ...interface{}) { - log.Errorln("[TUN] "+format, args...) -} diff --git a/listener/tun/ipstack/system/mars/mars.go b/listener/tun/ipstack/system/mars/mars.go new file mode 100644 index 00000000..ffc38bf7 --- /dev/null +++ b/listener/tun/ipstack/system/mars/mars.go @@ -0,0 +1,42 @@ +package mars + +import ( + "io" + "net/netip" + + "github.com/Dreamacro/clash/listener/tun/ipstack/system/mars/nat" +) + +type StackListener struct { + device io.Closer + tcp *nat.TCP + udp *nat.UDP +} + +func StartListener(device io.ReadWriteCloser, gateway netip.Addr, portal netip.Addr) (*StackListener, error) { + tcp, udp, err := nat.Start(device, gateway, portal) + if err != nil { + return nil, err + } + + return &StackListener{ + device: device, + tcp: tcp, + udp: udp, + }, nil +} + +func (t *StackListener) Close() error { + _ = t.tcp.Close() + _ = t.udp.Close() + + return t.device.Close() +} + +func (t *StackListener) TCP() *nat.TCP { + return t.tcp +} + +func (t *StackListener) UDP() *nat.UDP { + return t.udp +} diff --git a/listener/tun/ipstack/system/mars/nat/nat.go b/listener/tun/ipstack/system/mars/nat/nat.go new file mode 100644 index 00000000..6feebbef --- /dev/null +++ b/listener/tun/ipstack/system/mars/nat/nat.go @@ -0,0 +1,193 @@ +package nat + +import ( + "io" + "net" + "net/netip" + + "github.com/Dreamacro/clash/common/pool" + "github.com/Dreamacro/clash/listener/tun/ipstack/system/mars/tcpip" +) + +func Start( + device io.ReadWriter, + gateway netip.Addr, + portal netip.Addr, +) (*TCP, *UDP, error) { + if !portal.Is4() || !gateway.Is4() { + return nil, nil, net.InvalidAddrError("only ipv4 supported") + } + + listener, err := net.ListenTCP("tcp4", nil) + if err != nil { + return nil, nil, err + } + + tab := newTable() + udp := &UDP{ + device: device, + buf: [pool.UDPBufferSize]byte{}, + } + tcp := &TCP{ + listener: listener, + portal: portal, + table: tab, + } + + gatewayPort := uint16(listener.Addr().(*net.TCPAddr).Port) + + go func() { + defer tcp.Close() + defer udp.Close() + + buf := make([]byte, pool.RelayBufferSize) + + for { + n, err := device.Read(buf) + if err != nil { + return + } + + raw := buf[:n] + + var ( + ipVersion int + ip tcpip.IP + ) + + ipVersion = tcpip.IPVersion(raw) + + switch ipVersion { + case tcpip.IPv4Version: + ipv4 := tcpip.IPv4Packet(raw) + if !ipv4.Valid() { + continue + } + + if ipv4.TimeToLive() == 0x00 { + continue + } + + if ipv4.Flags()&tcpip.FlagMoreFragment != 0 { + continue + } + + if ipv4.Offset() != 0 { + continue + } + + ip = ipv4 + case tcpip.IPv6Version: + ipv6 := tcpip.IPv6Packet(raw) + if !ipv6.Valid() { + continue + } + + if ipv6.HopLimit() == 0x00 { + continue + } + + ip = ipv6 + default: + continue + } + + switch ip.Protocol() { + case tcpip.TCP: + t := tcpip.TCPPacket(ip.Payload()) + if !t.Valid() { + continue + } + + if ip.DestinationIP() == portal { + if ip.SourceIP() == gateway && t.SourcePort() == gatewayPort { + tup := tab.tupleOf(t.DestinationPort()) + if tup == zeroTuple { + continue + } + + ip.SetSourceIP(tup.DestinationAddr.Addr()) + t.SetSourcePort(tup.DestinationAddr.Port()) + ip.SetDestinationIP(tup.SourceAddr.Addr()) + t.SetDestinationPort(tup.SourceAddr.Port()) + + ip.DecTimeToLive() + ip.ResetChecksum() + t.ResetChecksum(ip.PseudoSum()) + + _, _ = device.Write(raw) + } + } else { + tup := tuple{ + SourceAddr: netip.AddrPortFrom(ip.SourceIP(), t.SourcePort()), + DestinationAddr: netip.AddrPortFrom(ip.DestinationIP(), t.DestinationPort()), + } + + port := tab.portOf(tup) + if port == 0 { + if t.Flags() != tcpip.TCPSyn { + continue + } + + port = tab.newConn(tup) + } + + ip.SetSourceIP(portal) + ip.SetDestinationIP(gateway) + t.SetSourcePort(port) + t.SetDestinationPort(gatewayPort) + + ip.ResetChecksum() + t.ResetChecksum(ip.PseudoSum()) + + _, _ = device.Write(raw) + } + case tcpip.UDP: + u := tcpip.UDPPacket(ip.Payload()) + if !u.Valid() { + continue + } + + udp.handleUDPPacket(ip, u) + case tcpip.ICMP: + i := tcpip.ICMPPacket(ip.Payload()) + + if i.Type() != tcpip.ICMPTypePingRequest || i.Code() != 0 { + continue + } + + i.SetType(tcpip.ICMPTypePingResponse) + + source := ip.SourceIP() + destination := ip.DestinationIP() + ip.SetSourceIP(destination) + ip.SetDestinationIP(source) + + ip.ResetChecksum() + i.ResetChecksum() + + _, _ = device.Write(raw) + case tcpip.ICMPv6: + i := tcpip.ICMPv6Packet(ip.Payload()) + + if i.Type() != tcpip.ICMPv6EchoRequest || i.Code() != 0 { + continue + } + + i.SetType(tcpip.ICMPv6EchoReply) + + source := ip.SourceIP() + destination := ip.DestinationIP() + ip.SetSourceIP(destination) + ip.SetDestinationIP(source) + + ip.ResetChecksum() + i.ResetChecksum(ip.PseudoSum()) + + _, _ = device.Write(raw) + } + } + }() + + return tcp, udp, nil +} diff --git a/listener/tun/ipstack/system/mars/nat/table.go b/listener/tun/ipstack/system/mars/nat/table.go new file mode 100644 index 00000000..e0d86ccc --- /dev/null +++ b/listener/tun/ipstack/system/mars/nat/table.go @@ -0,0 +1,83 @@ +package nat + +import ( + "container/list" + "net/netip" +) + +const ( + portBegin = 30000 + portLength = 4096 +) + +var zeroTuple = tuple{} + +type tuple struct { + SourceAddr netip.AddrPort + DestinationAddr netip.AddrPort +} + +type binding struct { + tuple tuple + offset uint16 +} + +type table struct { + tuples map[tuple]*list.Element + ports [portLength]*list.Element + available *list.List +} + +func (t *table) tupleOf(port uint16) tuple { + offset := port - portBegin + if offset > portLength { + return zeroTuple + } + + elm := t.ports[offset] + + t.available.MoveToFront(elm) + + return elm.Value.(*binding).tuple +} + +func (t *table) portOf(tuple tuple) uint16 { + elm := t.tuples[tuple] + if elm == nil { + return 0 + } + + t.available.MoveToFront(elm) + + return portBegin + elm.Value.(*binding).offset +} + +func (t *table) newConn(tuple tuple) uint16 { + elm := t.available.Back() + b := elm.Value.(*binding) + + delete(t.tuples, b.tuple) + t.tuples[tuple] = elm + b.tuple = tuple + + t.available.MoveToFront(elm) + + return portBegin + b.offset +} + +func newTable() *table { + result := &table{ + tuples: make(map[tuple]*list.Element, portLength), + ports: [portLength]*list.Element{}, + available: list.New(), + } + + for idx := range result.ports { + result.ports[idx] = result.available.PushFront(&binding{ + tuple: tuple{}, + offset: uint16(idx), + }) + } + + return result +} diff --git a/listener/tun/ipstack/system/mars/nat/tcp.go b/listener/tun/ipstack/system/mars/nat/tcp.go new file mode 100644 index 00000000..cc0abe7d --- /dev/null +++ b/listener/tun/ipstack/system/mars/nat/tcp.go @@ -0,0 +1,67 @@ +package nat + +import ( + "net" + "net/netip" + "time" +) + +type TCP struct { + listener *net.TCPListener + portal netip.Addr + table *table +} + +type conn struct { + net.Conn + + tuple tuple +} + +func (t *TCP) Accept() (net.Conn, error) { + c, err := t.listener.AcceptTCP() + if err != nil { + return nil, err + } + + addr := c.RemoteAddr().(*net.TCPAddr) + tup := t.table.tupleOf(uint16(addr.Port)) + if !addr.IP.Equal(t.portal.AsSlice()) || tup == zeroTuple { + _ = c.Close() + + return nil, net.InvalidAddrError("unknown remote addr") + } + + addition(c) + + return &conn{ + Conn: c, + tuple: tup, + }, nil +} + +func (t *TCP) Close() error { + return t.listener.Close() +} + +func (t *TCP) Addr() net.Addr { + return t.listener.Addr() +} + +func (t *TCP) SetDeadline(time time.Time) error { + return t.listener.SetDeadline(time) +} + +func (c *conn) LocalAddr() net.Addr { + return &net.TCPAddr{ + IP: c.tuple.SourceAddr.Addr().AsSlice(), + Port: int(c.tuple.SourceAddr.Port()), + } +} + +func (c *conn) RemoteAddr() net.Addr { + return &net.TCPAddr{ + IP: c.tuple.DestinationAddr.Addr().AsSlice(), + Port: int(c.tuple.DestinationAddr.Port()), + } +} diff --git a/listener/tun/ipstack/system/mars/nat/tcp_linux.go b/listener/tun/ipstack/system/mars/nat/tcp_linux.go new file mode 100644 index 00000000..9f433a3a --- /dev/null +++ b/listener/tun/ipstack/system/mars/nat/tcp_linux.go @@ -0,0 +1,15 @@ +package nat + +import ( + "net" + "syscall" +) + +func addition(c *net.TCPConn) { + sys, err := c.SyscallConn() + if err == nil { + _ = sys.Control(func(fd uintptr) { + _ = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_NO_CHECK, 1) + }) + } +} diff --git a/listener/tun/ipstack/system/mars/nat/tcp_others.go b/listener/tun/ipstack/system/mars/nat/tcp_others.go new file mode 100644 index 00000000..cc46bdbd --- /dev/null +++ b/listener/tun/ipstack/system/mars/nat/tcp_others.go @@ -0,0 +1,7 @@ +//go:build !linux + +package nat + +import "net" + +func addition(*net.TCPConn) {} diff --git a/listener/tun/ipstack/system/mars/nat/udp.go b/listener/tun/ipstack/system/mars/nat/udp.go new file mode 100644 index 00000000..b28614a5 --- /dev/null +++ b/listener/tun/ipstack/system/mars/nat/udp.go @@ -0,0 +1,147 @@ +package nat + +import ( + "io" + "math/rand" + "net" + "net/netip" + "sync" + + "github.com/Dreamacro/clash/common/pool" + "github.com/Dreamacro/clash/listener/tun/ipstack/system/mars/tcpip" +) + +type call struct { + cond *sync.Cond + buf []byte + n int + source net.Addr + destination net.Addr +} + +type UDP struct { + closed bool + device io.Writer + queueLock sync.Mutex + queue []*call + bufLock sync.Mutex + buf [pool.UDPBufferSize]byte +} + +func (u *UDP) ReadFrom(buf []byte) (int, net.Addr, net.Addr, error) { + u.queueLock.Lock() + defer u.queueLock.Unlock() + + for !u.closed { + c := &call{ + cond: sync.NewCond(&u.queueLock), + buf: buf, + n: -1, + source: nil, + destination: nil, + } + + u.queue = append(u.queue, c) + + c.cond.Wait() + + if c.n >= 0 { + return c.n, c.source, c.destination, nil + } + } + + return -1, nil, nil, net.ErrClosed +} + +func (u *UDP) WriteTo(buf []byte, local net.Addr, remote net.Addr) (int, error) { + if u.closed { + return 0, net.ErrClosed + } + + u.bufLock.Lock() + defer u.bufLock.Unlock() + + if len(buf) > 0xffff { + return 0, net.InvalidAddrError("invalid ip version") + } + + srcAddr, srcOk := local.(*net.UDPAddr) + dstAddr, dstOk := remote.(*net.UDPAddr) + if !srcOk || !dstOk { + return 0, net.InvalidAddrError("invalid addr") + } + + srcIP, _ := netip.AddrFromSlice(srcAddr.IP) + dstIp, _ := netip.AddrFromSlice(dstAddr.IP) + + srcAddrPort := netip.AddrPortFrom(srcIP, uint16(srcAddr.Port)) + dstAddrPort := netip.AddrPortFrom(dstIp, uint16(dstAddr.Port)) + + if !srcAddrPort.Addr().Is4() || !dstAddrPort.Addr().Is4() { + return 0, net.InvalidAddrError("invalid ip version") + } + + tcpip.SetIPv4(u.buf[:]) + + ip := tcpip.IPv4Packet(u.buf[:]) + ip.SetHeaderLen(tcpip.IPv4HeaderSize) + ip.SetTotalLength(tcpip.IPv4HeaderSize + tcpip.UDPHeaderSize + uint16(len(buf))) + ip.SetTypeOfService(0) + ip.SetIdentification(uint16(rand.Uint32())) + ip.SetFragmentOffset(0) + ip.SetTimeToLive(64) + ip.SetProtocol(tcpip.UDP) + ip.SetSourceIP(srcAddrPort.Addr()) + ip.SetDestinationIP(dstAddrPort.Addr()) + + udp := tcpip.UDPPacket(ip.Payload()) + udp.SetLength(tcpip.UDPHeaderSize + uint16(len(buf))) + udp.SetSourcePort(srcAddrPort.Port()) + udp.SetDestinationPort(dstAddrPort.Port()) + copy(udp.Payload(), buf) + + ip.ResetChecksum() + udp.ResetChecksum(ip.PseudoSum()) + + return u.device.Write(u.buf[:ip.TotalLen()]) +} + +func (u *UDP) Close() error { + u.queueLock.Lock() + defer u.queueLock.Unlock() + + u.closed = true + + for _, c := range u.queue { + c.cond.Signal() + } + + return nil +} + +func (u *UDP) handleUDPPacket(ip tcpip.IP, pkt tcpip.UDPPacket) { + var c *call + + u.queueLock.Lock() + + if len(u.queue) > 0 { + idx := len(u.queue) - 1 + c = u.queue[idx] + u.queue = u.queue[:idx] + } + + u.queueLock.Unlock() + + if c != nil { + c.source = &net.UDPAddr{ + IP: ip.SourceIP().AsSlice(), + Port: int(pkt.SourcePort()), + } + c.destination = &net.UDPAddr{ + IP: ip.DestinationIP().AsSlice(), + Port: int(pkt.DestinationPort()), + } + c.n = copy(c.buf, pkt.Payload()) + c.cond.Signal() + } +} diff --git a/listener/tun/ipstack/system/mars/tcpip/icmp.go b/listener/tun/ipstack/system/mars/tcpip/icmp.go new file mode 100644 index 00000000..d473c25f --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/icmp.go @@ -0,0 +1,40 @@ +package tcpip + +import ( + "encoding/binary" +) + +type ICMPType = byte + +const ( + ICMPTypePingRequest byte = 0x8 + ICMPTypePingResponse byte = 0x0 +) + +type ICMPPacket []byte + +func (p ICMPPacket) Type() ICMPType { + return p[0] +} + +func (p ICMPPacket) SetType(v ICMPType) { + p[0] = v +} + +func (p ICMPPacket) Code() byte { + return p[1] +} + +func (p ICMPPacket) Checksum() uint16 { + return binary.BigEndian.Uint16(p[2:]) +} + +func (p ICMPPacket) SetChecksum(sum [2]byte) { + p[2] = sum[0] + p[3] = sum[1] +} + +func (p ICMPPacket) ResetChecksum() { + p.SetChecksum(zeroChecksum) + p.SetChecksum(Checksum(0, p)) +} diff --git a/listener/tun/ipstack/system/mars/tcpip/icmpv6.go b/listener/tun/ipstack/system/mars/tcpip/icmpv6.go new file mode 100644 index 00000000..a87f965f --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/icmpv6.go @@ -0,0 +1,172 @@ +package tcpip + +import ( + "encoding/binary" +) + +type ICMPv6Packet []byte + +const ( + ICMPv6HeaderSize = 4 + + ICMPv6MinimumSize = 8 + + ICMPv6PayloadOffset = 8 + + ICMPv6EchoMinimumSize = 8 + + ICMPv6ErrorHeaderSize = 8 + + ICMPv6DstUnreachableMinimumSize = ICMPv6MinimumSize + + ICMPv6PacketTooBigMinimumSize = ICMPv6MinimumSize + + ICMPv6ChecksumOffset = 2 + + icmpv6PointerOffset = 4 + + icmpv6MTUOffset = 4 + + icmpv6IdentOffset = 4 + + icmpv6SequenceOffset = 6 + + NDPHopLimit = 255 +) + +type ICMPv6Type byte + +const ( + ICMPv6DstUnreachable ICMPv6Type = 1 + ICMPv6PacketTooBig ICMPv6Type = 2 + ICMPv6TimeExceeded ICMPv6Type = 3 + ICMPv6ParamProblem ICMPv6Type = 4 + ICMPv6EchoRequest ICMPv6Type = 128 + ICMPv6EchoReply ICMPv6Type = 129 + + ICMPv6RouterSolicit ICMPv6Type = 133 + ICMPv6RouterAdvert ICMPv6Type = 134 + ICMPv6NeighborSolicit ICMPv6Type = 135 + ICMPv6NeighborAdvert ICMPv6Type = 136 + ICMPv6RedirectMsg ICMPv6Type = 137 + + ICMPv6MulticastListenerQuery ICMPv6Type = 130 + ICMPv6MulticastListenerReport ICMPv6Type = 131 + ICMPv6MulticastListenerDone ICMPv6Type = 132 +) + +func (typ ICMPv6Type) IsErrorType() bool { + return typ&0x80 == 0 +} + +type ICMPv6Code byte + +const ( + ICMPv6NetworkUnreachable ICMPv6Code = 0 + ICMPv6Prohibited ICMPv6Code = 1 + ICMPv6BeyondScope ICMPv6Code = 2 + ICMPv6AddressUnreachable ICMPv6Code = 3 + ICMPv6PortUnreachable ICMPv6Code = 4 + ICMPv6Policy ICMPv6Code = 5 + ICMPv6RejectRoute ICMPv6Code = 6 +) + +const ( + ICMPv6HopLimitExceeded ICMPv6Code = 0 + ICMPv6ReassemblyTimeout ICMPv6Code = 1 +) + +const ( + ICMPv6ErroneousHeader ICMPv6Code = 0 + + ICMPv6UnknownHeader ICMPv6Code = 1 + + ICMPv6UnknownOption ICMPv6Code = 2 +) + +const ICMPv6UnusedCode ICMPv6Code = 0 + +func (b ICMPv6Packet) Type() ICMPv6Type { + return ICMPv6Type(b[0]) +} + +func (b ICMPv6Packet) SetType(t ICMPv6Type) { + b[0] = byte(t) +} + +func (b ICMPv6Packet) Code() ICMPv6Code { + return ICMPv6Code(b[1]) +} + +func (b ICMPv6Packet) SetCode(c ICMPv6Code) { + b[1] = byte(c) +} + +func (b ICMPv6Packet) TypeSpecific() uint32 { + return binary.BigEndian.Uint32(b[icmpv6PointerOffset:]) +} + +func (b ICMPv6Packet) SetTypeSpecific(val uint32) { + binary.BigEndian.PutUint32(b[icmpv6PointerOffset:], val) +} + +func (b ICMPv6Packet) Checksum() uint16 { + return binary.BigEndian.Uint16(b[ICMPv6ChecksumOffset:]) +} + +func (b ICMPv6Packet) SetChecksum(sum [2]byte) { + _ = b[ICMPv6ChecksumOffset+1] + b[ICMPv6ChecksumOffset] = sum[0] + b[ICMPv6ChecksumOffset+1] = sum[1] +} + +func (ICMPv6Packet) SourcePort() uint16 { + return 0 +} + +func (ICMPv6Packet) DestinationPort() uint16 { + return 0 +} + +func (ICMPv6Packet) SetSourcePort(uint16) { +} + +func (ICMPv6Packet) SetDestinationPort(uint16) { +} + +func (b ICMPv6Packet) MTU() uint32 { + return binary.BigEndian.Uint32(b[icmpv6MTUOffset:]) +} + +func (b ICMPv6Packet) SetMTU(mtu uint32) { + binary.BigEndian.PutUint32(b[icmpv6MTUOffset:], mtu) +} + +func (b ICMPv6Packet) Ident() uint16 { + return binary.BigEndian.Uint16(b[icmpv6IdentOffset:]) +} + +func (b ICMPv6Packet) SetIdent(ident uint16) { + binary.BigEndian.PutUint16(b[icmpv6IdentOffset:], ident) +} + +func (b ICMPv6Packet) Sequence() uint16 { + return binary.BigEndian.Uint16(b[icmpv6SequenceOffset:]) +} + +func (b ICMPv6Packet) SetSequence(sequence uint16) { + binary.BigEndian.PutUint16(b[icmpv6SequenceOffset:], sequence) +} + +func (b ICMPv6Packet) MessageBody() []byte { + return b[ICMPv6HeaderSize:] +} + +func (b ICMPv6Packet) Payload() []byte { + return b[ICMPv6PayloadOffset:] +} + +func (b ICMPv6Packet) ResetChecksum(psum uint32) { + b.SetChecksum(zeroChecksum) + b.SetChecksum(Checksum(psum, b)) +} diff --git a/listener/tun/ipstack/system/mars/tcpip/ip.go b/listener/tun/ipstack/system/mars/tcpip/ip.go new file mode 100644 index 00000000..1ca49d8d --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/ip.go @@ -0,0 +1,215 @@ +package tcpip + +import ( + "encoding/binary" + "errors" + "net/netip" +) + +type IPProtocol = byte + +type IP interface { + Payload() []byte + SourceIP() netip.Addr + DestinationIP() netip.Addr + SetSourceIP(ip netip.Addr) + SetDestinationIP(ip netip.Addr) + Protocol() IPProtocol + DecTimeToLive() + ResetChecksum() + PseudoSum() uint32 +} + +// IPProtocol type +const ( + ICMP IPProtocol = 0x01 + TCP IPProtocol = 0x06 + UDP IPProtocol = 0x11 + ICMPv6 IPProtocol = 0x3a +) + +const ( + FlagDontFragment = 1 << 1 + FlagMoreFragment = 1 << 2 +) + +const ( + IPv4HeaderSize = 20 + + IPv4Version = 4 + + IPv4OptionsOffset = 20 + IPv4PacketMinLength = IPv4OptionsOffset +) + +var ( + ErrInvalidLength = errors.New("invalid packet length") + ErrInvalidIPVersion = errors.New("invalid ip version") + ErrInvalidChecksum = errors.New("invalid checksum") +) + +type IPv4Packet []byte + +func (p IPv4Packet) TotalLen() uint16 { + return binary.BigEndian.Uint16(p[2:]) +} + +func (p IPv4Packet) SetTotalLength(length uint16) { + binary.BigEndian.PutUint16(p[2:], length) +} + +func (p IPv4Packet) HeaderLen() uint16 { + return uint16(p[0]&0xf) * 4 +} + +func (p IPv4Packet) SetHeaderLen(length uint16) { + p[0] &= 0xF0 + p[0] |= byte(length / 4) +} + +func (p IPv4Packet) TypeOfService() byte { + return p[1] +} + +func (p IPv4Packet) SetTypeOfService(tos byte) { + p[1] = tos +} + +func (p IPv4Packet) Identification() uint16 { + return binary.BigEndian.Uint16(p[4:]) +} + +func (p IPv4Packet) SetIdentification(id uint16) { + binary.BigEndian.PutUint16(p[4:], id) +} + +func (p IPv4Packet) FragmentOffset() uint16 { + return binary.BigEndian.Uint16([]byte{p[6] & 0x7, p[7]}) * 8 +} + +func (p IPv4Packet) SetFragmentOffset(offset uint32) { + flags := p.Flags() + binary.BigEndian.PutUint16(p[6:], uint16(offset/8)) + p.SetFlags(flags) +} + +func (p IPv4Packet) DataLen() uint16 { + return p.TotalLen() - p.HeaderLen() +} + +func (p IPv4Packet) Payload() []byte { + return p[p.HeaderLen():p.TotalLen()] +} + +func (p IPv4Packet) Protocol() IPProtocol { + return p[9] +} + +func (p IPv4Packet) SetProtocol(protocol IPProtocol) { + p[9] = protocol +} + +func (p IPv4Packet) Flags() byte { + return p[6] >> 5 +} + +func (p IPv4Packet) SetFlags(flags byte) { + p[6] &= 0x1F + p[6] |= flags << 5 +} + +func (p IPv4Packet) Offset() uint16 { + offset := binary.BigEndian.Uint16(p[6:8]) + + return (offset & 0x1fff) * 8 +} + +func (p IPv4Packet) SourceIP() netip.Addr { + return netip.AddrFrom4([4]byte{p[12], p[13], p[14], p[15]}) +} + +func (p IPv4Packet) SetSourceIP(ip netip.Addr) { + if ip.Is4() { + copy(p[12:16], ip.AsSlice()) + } +} + +func (p IPv4Packet) DestinationIP() netip.Addr { + return netip.AddrFrom4([4]byte{p[16], p[17], p[18], p[19]}) +} + +func (p IPv4Packet) SetDestinationIP(ip netip.Addr) { + if ip.Is4() { + copy(p[16:20], ip.AsSlice()) + } +} + +func (p IPv4Packet) Checksum() uint16 { + return binary.BigEndian.Uint16(p[10:]) +} + +func (p IPv4Packet) SetChecksum(sum [2]byte) { + p[10] = sum[0] + p[11] = sum[1] +} + +func (p IPv4Packet) TimeToLive() uint8 { + return p[8] +} + +func (p IPv4Packet) SetTimeToLive(ttl uint8) { + p[8] = ttl +} + +func (p IPv4Packet) DecTimeToLive() { + p[8] = p[8] - uint8(1) +} + +func (p IPv4Packet) ResetChecksum() { + p.SetChecksum(zeroChecksum) + p.SetChecksum(Checksum(0, p[:p.HeaderLen()])) +} + +// PseudoSum for tcp checksum +func (p IPv4Packet) PseudoSum() uint32 { + sum := Sum(p[12:20]) + sum += uint32(p.Protocol()) + sum += uint32(p.DataLen()) + return sum +} + +func (p IPv4Packet) Valid() bool { + return len(p) >= IPv4HeaderSize && uint16(len(p)) >= p.TotalLen() +} + +func (p IPv4Packet) Verify() error { + if len(p) < IPv4PacketMinLength { + return ErrInvalidLength + } + + checksum := []byte{p[10], p[11]} + headerLength := uint16(p[0]&0xF) * 4 + packetLength := binary.BigEndian.Uint16(p[2:]) + + if p[0]>>4 != 4 { + return ErrInvalidIPVersion + } + + if uint16(len(p)) < packetLength || packetLength < headerLength { + return ErrInvalidLength + } + + p[10] = 0 + p[11] = 0 + defer copy(p[10:12], checksum) + + answer := Checksum(0, p[:headerLength]) + + if answer[0] != checksum[0] || answer[1] != checksum[1] { + return ErrInvalidChecksum + } + + return nil +} + +var _ IP = (*IPv4Packet)(nil) diff --git a/listener/tun/ipstack/system/mars/tcpip/ipv6.go b/listener/tun/ipstack/system/mars/tcpip/ipv6.go new file mode 100644 index 00000000..fd7502d6 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/ipv6.go @@ -0,0 +1,141 @@ +package tcpip + +import ( + "encoding/binary" + "net/netip" +) + +const ( + versTCFL = 0 + + IPv6PayloadLenOffset = 4 + + IPv6NextHeaderOffset = 6 + hopLimit = 7 + v6SrcAddr = 8 + v6DstAddr = v6SrcAddr + IPv6AddressSize + + IPv6FixedHeaderSize = v6DstAddr + IPv6AddressSize +) + +const ( + versIHL = 0 + tos = 1 + ipVersionShift = 4 + ipIHLMask = 0x0f + IPv4IHLStride = 4 +) + +type IPv6Packet []byte + +const ( + IPv6MinimumSize = IPv6FixedHeaderSize + + IPv6AddressSize = 16 + + IPv6Version = 6 + + IPv6MinimumMTU = 1280 +) + +func (b IPv6Packet) PayloadLength() uint16 { + return binary.BigEndian.Uint16(b[IPv6PayloadLenOffset:]) +} + +func (b IPv6Packet) HopLimit() uint8 { + return b[hopLimit] +} + +func (b IPv6Packet) NextHeader() byte { + return b[IPv6NextHeaderOffset] +} + +func (b IPv6Packet) Protocol() IPProtocol { + return b.NextHeader() +} + +func (b IPv6Packet) Payload() []byte { + return b[IPv6MinimumSize:][:b.PayloadLength()] +} + +func (b IPv6Packet) SourceIP() netip.Addr { + addr, _ := netip.AddrFromSlice(b[v6SrcAddr:][:IPv6AddressSize]) + return addr +} + +func (b IPv6Packet) DestinationIP() netip.Addr { + addr, _ := netip.AddrFromSlice(b[v6DstAddr:][:IPv6AddressSize]) + return addr +} + +func (IPv6Packet) Checksum() uint16 { + return 0 +} + +func (b IPv6Packet) TOS() (uint8, uint32) { + v := binary.BigEndian.Uint32(b[versTCFL:]) + return uint8(v >> 20), v & 0xfffff +} + +func (b IPv6Packet) SetTOS(t uint8, l uint32) { + vtf := (6 << 28) | (uint32(t) << 20) | (l & 0xfffff) + binary.BigEndian.PutUint32(b[versTCFL:], vtf) +} + +func (b IPv6Packet) SetPayloadLength(payloadLength uint16) { + binary.BigEndian.PutUint16(b[IPv6PayloadLenOffset:], payloadLength) +} + +func (b IPv6Packet) SetSourceIP(addr netip.Addr) { + if addr.Is6() { + copy(b[v6SrcAddr:][:IPv6AddressSize], addr.AsSlice()) + } +} + +func (b IPv6Packet) SetDestinationIP(addr netip.Addr) { + if addr.Is6() { + copy(b[v6DstAddr:][:IPv6AddressSize], addr.AsSlice()) + } +} + +func (b IPv6Packet) SetHopLimit(v uint8) { + b[hopLimit] = v +} + +func (b IPv6Packet) SetNextHeader(v byte) { + b[IPv6NextHeaderOffset] = v +} + +func (b IPv6Packet) SetProtocol(p IPProtocol) { + b.SetNextHeader(p) +} + +func (b IPv6Packet) DecTimeToLive() { + b[hopLimit] = b[hopLimit] - uint8(1) +} + +func (IPv6Packet) SetChecksum(uint16) { +} + +func (IPv6Packet) ResetChecksum() { +} + +func (b IPv6Packet) PseudoSum() uint32 { + sum := Sum(b[v6SrcAddr:IPv6FixedHeaderSize]) + sum += uint32(b.Protocol()) + sum += uint32(b.PayloadLength()) + return sum +} + +func (b IPv6Packet) Valid() bool { + return len(b) >= IPv6MinimumSize && len(b) >= int(b.PayloadLength())+IPv6MinimumSize +} + +func IPVersion(b []byte) int { + if len(b) < versIHL+1 { + return -1 + } + return int(b[versIHL] >> ipVersionShift) +} + +var _ IP = (*IPv6Packet)(nil) diff --git a/listener/tun/ipstack/system/mars/tcpip/tcp.go b/listener/tun/ipstack/system/mars/tcpip/tcp.go new file mode 100644 index 00000000..d3d08878 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcp.go @@ -0,0 +1,90 @@ +package tcpip + +import ( + "encoding/binary" + "net" +) + +const ( + TCPFin uint16 = 1 << 0 + TCPSyn uint16 = 1 << 1 + TCPRst uint16 = 1 << 2 + TCPPuh uint16 = 1 << 3 + TCPAck uint16 = 1 << 4 + TCPUrg uint16 = 1 << 5 + TCPEce uint16 = 1 << 6 + TCPEwr uint16 = 1 << 7 + TCPNs uint16 = 1 << 8 +) + +const TCPHeaderSize = 20 + +type TCPPacket []byte + +func (p TCPPacket) SourcePort() uint16 { + return binary.BigEndian.Uint16(p) +} + +func (p TCPPacket) SetSourcePort(port uint16) { + binary.BigEndian.PutUint16(p, port) +} + +func (p TCPPacket) DestinationPort() uint16 { + return binary.BigEndian.Uint16(p[2:]) +} + +func (p TCPPacket) SetDestinationPort(port uint16) { + binary.BigEndian.PutUint16(p[2:], port) +} + +func (p TCPPacket) Flags() uint16 { + return uint16(p[13] | (p[12] & 0x1)) +} + +func (p TCPPacket) Checksum() uint16 { + return binary.BigEndian.Uint16(p[16:]) +} + +func (p TCPPacket) SetChecksum(sum [2]byte) { + p[16] = sum[0] + p[17] = sum[1] +} + +func (p TCPPacket) ResetChecksum(psum uint32) { + p.SetChecksum(zeroChecksum) + p.SetChecksum(Checksum(psum, p)) +} + +func (p TCPPacket) Valid() bool { + return len(p) >= TCPHeaderSize +} + +func (p TCPPacket) Verify(sourceAddress net.IP, targetAddress net.IP) error { + var checksum [2]byte + checksum[0] = p[16] + checksum[1] = p[17] + + // reset checksum + p[16] = 0 + p[17] = 0 + + // restore checksum + defer func() { + p[16] = checksum[0] + p[17] = checksum[1] + }() + + // check checksum + s := uint32(0) + s += Sum(sourceAddress) + s += Sum(targetAddress) + s += uint32(TCP) + s += uint32(len(p)) + + check := Checksum(s, p) + if checksum[0] != check[0] || checksum[1] != check[1] { + return ErrInvalidChecksum + } + + return nil +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip.go b/listener/tun/ipstack/system/mars/tcpip/tcpip.go new file mode 100644 index 00000000..87811ea2 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip.go @@ -0,0 +1,24 @@ +package tcpip + +var zeroChecksum = [2]byte{0x00, 0x00} + +var SumFnc = SumCompat + +func Sum(b []byte) uint32 { + return SumFnc(b) +} + +// Checksum for Internet Protocol family headers +func Checksum(sum uint32, b []byte) (answer [2]byte) { + sum += Sum(b) + sum = (sum >> 16) + (sum & 0xffff) + sum += sum >> 16 + sum = ^sum + answer[0] = byte(sum >> 8) + answer[1] = byte(sum) + return +} + +func SetIPv4(packet []byte) { + packet[0] = (packet[0] & 0x0f) | (4 << 4) +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64.go b/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64.go new file mode 100644 index 00000000..c7d5dcaa --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64.go @@ -0,0 +1,26 @@ +//go:build !noasm + +package tcpip + +import ( + "unsafe" + + "golang.org/x/sys/cpu" +) + +//go:noescape +func sumAsmAvx2(data unsafe.Pointer, length uintptr) uintptr + +func SumAVX2(data []byte) uint32 { + if len(data) == 0 { + return 0 + } + + return uint32(sumAsmAvx2(unsafe.Pointer(&data[0]), uintptr(len(data)))) +} + +func init() { + if cpu.X86.HasAVX2 { + SumFnc = SumAVX2 + } +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64.s b/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64.s new file mode 100644 index 00000000..100820ba --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64.s @@ -0,0 +1,140 @@ +#include "textflag.h" + +DATA endian_swap_mask<>+0(SB)/8, $0x607040502030001 +DATA endian_swap_mask<>+8(SB)/8, $0xE0F0C0D0A0B0809 +DATA endian_swap_mask<>+16(SB)/8, $0x607040502030001 +DATA endian_swap_mask<>+24(SB)/8, $0xE0F0C0D0A0B0809 +GLOBL endian_swap_mask<>(SB), RODATA, $32 + +// func sumAsmAvx2(data unsafe.Pointer, length uintptr) uintptr +// +// args (8 bytes aligned): +// data unsafe.Pointer - 8 bytes - 0 offset +// length uintptr - 8 bytes - 8 offset +// result uintptr - 8 bytes - 16 offset +#define PDATA AX +#define LENGTH CX +#define RESULT BX +TEXT ·sumAsmAvx2(SB),NOSPLIT,$0-24 + MOVQ data+0(FP), PDATA + MOVQ length+8(FP), LENGTH + XORQ RESULT, RESULT + +#define VSUM Y0 +#define ENDIAN_SWAP_MASK Y1 +BEGIN: + VMOVDQU endian_swap_mask<>(SB), ENDIAN_SWAP_MASK + VPXOR VSUM, VSUM, VSUM + +#define LOADED_0 Y2 +#define LOADED_1 Y3 +#define LOADED_2 Y4 +#define LOADED_3 Y5 +BATCH_64: + CMPQ LENGTH, $64 + JB BATCH_32 + VPMOVZXWD (PDATA), LOADED_0 + VPMOVZXWD 16(PDATA), LOADED_1 + VPMOVZXWD 32(PDATA), LOADED_2 + VPMOVZXWD 48(PDATA), LOADED_3 + VPSHUFB ENDIAN_SWAP_MASK, LOADED_0, LOADED_0 + VPSHUFB ENDIAN_SWAP_MASK, LOADED_1, LOADED_1 + VPSHUFB ENDIAN_SWAP_MASK, LOADED_2, LOADED_2 + VPSHUFB ENDIAN_SWAP_MASK, LOADED_3, LOADED_3 + VPADDD LOADED_0, VSUM, VSUM + VPADDD LOADED_1, VSUM, VSUM + VPADDD LOADED_2, VSUM, VSUM + VPADDD LOADED_3, VSUM, VSUM + ADDQ $-64, LENGTH + ADDQ $64, PDATA + JMP BATCH_64 +#undef LOADED_0 +#undef LOADED_1 +#undef LOADED_2 +#undef LOADED_3 + +#define LOADED_0 Y2 +#define LOADED_1 Y3 +BATCH_32: + CMPQ LENGTH, $32 + JB BATCH_16 + VPMOVZXWD (PDATA), LOADED_0 + VPMOVZXWD 16(PDATA), LOADED_1 + VPSHUFB ENDIAN_SWAP_MASK, LOADED_0, LOADED_0 + VPSHUFB ENDIAN_SWAP_MASK, LOADED_1, LOADED_1 + VPADDD LOADED_0, VSUM, VSUM + VPADDD LOADED_1, VSUM, VSUM + ADDQ $-32, LENGTH + ADDQ $32, PDATA + JMP BATCH_32 +#undef LOADED_0 +#undef LOADED_1 + +#define LOADED Y2 +BATCH_16: + CMPQ LENGTH, $16 + JB COLLECT + VPMOVZXWD (PDATA), LOADED + VPSHUFB ENDIAN_SWAP_MASK, LOADED, LOADED + VPADDD LOADED, VSUM, VSUM + ADDQ $-16, LENGTH + ADDQ $16, PDATA + JMP BATCH_16 +#undef LOADED + +#define EXTRACTED Y2 +#define EXTRACTED_128 X2 +#define TEMP_64 DX +COLLECT: + VEXTRACTI128 $0, VSUM, EXTRACTED_128 + VPEXTRD $0, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VPEXTRD $1, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VPEXTRD $2, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VPEXTRD $3, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VEXTRACTI128 $1, VSUM, EXTRACTED_128 + VPEXTRD $0, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VPEXTRD $1, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VPEXTRD $2, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT + VPEXTRD $3, EXTRACTED_128, TEMP_64 + ADDL TEMP_64, RESULT +#undef EXTRACTED +#undef EXTRACTED_128 +#undef TEMP_64 + +#define TEMP DX +#define TEMP2 SI +BATCH_2: + CMPQ LENGTH, $2 + JB BATCH_1 + XORQ TEMP, TEMP + MOVW (PDATA), TEMP + MOVQ TEMP, TEMP2 + SHRW $8, TEMP2 + SHLW $8, TEMP + ORW TEMP2, TEMP + ADDL TEMP, RESULT + ADDQ $-2, LENGTH + ADDQ $2, PDATA + JMP BATCH_2 +#undef TEMP + +#define TEMP DX +BATCH_1: + CMPQ LENGTH, $0 + JZ RETURN + XORQ TEMP, TEMP + MOVB (PDATA), TEMP + SHLW $8, TEMP + ADDL TEMP, RESULT +#undef TEMP + +RETURN: + MOVQ RESULT, result+16(FP) + RET diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64_test.go b/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64_test.go new file mode 100644 index 00000000..7133845a --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_amd64_test.go @@ -0,0 +1,51 @@ +package tcpip + +import ( + "crypto/rand" + "testing" + + "golang.org/x/sys/cpu" +) + +func Test_SumAVX2(t *testing.T) { + if !cpu.X86.HasAVX2 { + t.Skipf("AVX2 unavailable") + } + + bytes := make([]byte, chunkSize) + + for size := 0; size <= chunkSize; size++ { + for count := 0; count < chunkCount; count++ { + _, err := rand.Reader.Read(bytes[:size]) + if err != nil { + t.Skipf("Rand read failed: %v", err) + } + + compat := SumCompat(bytes[:size]) + avx := SumAVX2(bytes[:size]) + + if compat != avx { + t.Errorf("Sum of length=%d mismatched", size) + } + } + } +} + +func Benchmark_SumAVX2(b *testing.B) { + if !cpu.X86.HasAVX2 { + b.Skipf("AVX2 unavailable") + } + + bytes := make([]byte, chunkSize) + + _, err := rand.Reader.Read(bytes) + if err != nil { + b.Skipf("Rand read failed: %v", err) + } + + b.ResetTimer() + + for i := 0; i < b.N; i++ { + SumAVX2(bytes) + } +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64.go b/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64.go new file mode 100644 index 00000000..c16c8fac --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64.go @@ -0,0 +1,24 @@ +package tcpip + +import ( + "unsafe" + + "golang.org/x/sys/cpu" +) + +//go:noescape +func sumAsmNeon(data unsafe.Pointer, length uintptr) uintptr + +func SumNeon(data []byte) uint32 { + if len(data) == 0 { + return 0 + } + + return uint32(sumAsmNeon(unsafe.Pointer(&data[0]), uintptr(len(data)))) +} + +func init() { + if cpu.ARM64.HasASIMD { + SumFnc = SumNeon + } +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64.s b/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64.s new file mode 100644 index 00000000..f6d57cf0 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64.s @@ -0,0 +1,118 @@ +#include "textflag.h" + +// func sumAsmNeon(data unsafe.Pointer, length uintptr) uintptr +// +// args (8 bytes aligned): +// data unsafe.Pointer - 8 bytes - 0 offset +// length uintptr - 8 bytes - 8 offset +// result uintptr - 8 bytes - 16 offset +#define PDATA R0 +#define LENGTH R1 +#define RESULT R2 +#define VSUM V0 +TEXT ·sumAsmNeon(SB),NOSPLIT,$0-24 + MOVD data+0(FP), PDATA + MOVD length+8(FP), LENGTH + MOVD $0, RESULT + VMOVQ $0, $0, VSUM + +#define LOADED_0 V1 +#define LOADED_1 V2 +#define LOADED_2 V3 +#define LOADED_3 V4 +BATCH_32: + CMP $32, LENGTH + BLO BATCH_16 + VLD1 (PDATA), [LOADED_0.B8, LOADED_1.B8, LOADED_2.B8, LOADED_3.B8] + VREV16 LOADED_0.B8, LOADED_0.B8 + VREV16 LOADED_1.B8, LOADED_1.B8 + VREV16 LOADED_2.B8, LOADED_2.B8 + VREV16 LOADED_3.B8, LOADED_3.B8 + VUSHLL $0, LOADED_0.H4, LOADED_0.S4 + VUSHLL $0, LOADED_1.H4, LOADED_1.S4 + VUSHLL $0, LOADED_2.H4, LOADED_2.S4 + VUSHLL $0, LOADED_3.H4, LOADED_3.S4 + VADD LOADED_0.S4, VSUM.S4, VSUM.S4 + VADD LOADED_1.S4, VSUM.S4, VSUM.S4 + VADD LOADED_2.S4, VSUM.S4, VSUM.S4 + VADD LOADED_3.S4, VSUM.S4, VSUM.S4 + ADD $-32, LENGTH + ADD $32, PDATA + B BATCH_32 +#undef LOADED_0 +#undef LOADED_1 +#undef LOADED_2 +#undef LOADED_3 + +#define LOADED_0 V1 +#define LOADED_1 V2 +BATCH_16: + CMP $16, LENGTH + BLO BATCH_8 + VLD1 (PDATA), [LOADED_0.B8, LOADED_1.B8] + VREV16 LOADED_0.B8, LOADED_0.B8 + VREV16 LOADED_1.B8, LOADED_1.B8 + VUSHLL $0, LOADED_0.H4, LOADED_0.S4 + VUSHLL $0, LOADED_1.H4, LOADED_1.S4 + VADD LOADED_0.S4, VSUM.S4, VSUM.S4 + VADD LOADED_1.S4, VSUM.S4, VSUM.S4 + ADD $-16, LENGTH + ADD $16, PDATA + B BATCH_16 +#undef LOADED_0 +#undef LOADED_1 + +#define LOADED_0 V1 +BATCH_8: + CMP $8, LENGTH + BLO BATCH_2 + VLD1 (PDATA), [LOADED_0.B8] + VREV16 LOADED_0.B8, LOADED_0.B8 + VUSHLL $0, LOADED_0.H4, LOADED_0.S4 + VADD LOADED_0.S4, VSUM.S4, VSUM.S4 + ADD $-8, LENGTH + ADD $8, PDATA + B BATCH_8 +#undef LOADED_0 + +#define LOADED_L R3 +#define LOADED_H R4 +BATCH_2: + CMP $2, LENGTH + BLO BATCH_1 + MOVBU (PDATA), LOADED_H + MOVBU 1(PDATA), LOADED_L + LSL $8, LOADED_H + ORR LOADED_H, LOADED_L, LOADED_L + ADD LOADED_L, RESULT, RESULT + ADD $2, PDATA + ADD $-2, LENGTH + B BATCH_2 +#undef LOADED_H +#undef LOADED_L + +#define LOADED R3 +BATCH_1: + CMP $1, LENGTH + BLO COLLECT + MOVBU (PDATA), LOADED + LSL $8, LOADED + ADD LOADED, RESULT, RESULT + +#define EXTRACTED R3 +COLLECT: + VMOV VSUM.S[0], EXTRACTED + ADD EXTRACTED, RESULT + VMOV VSUM.S[1], EXTRACTED + ADD EXTRACTED, RESULT + VMOV VSUM.S[2], EXTRACTED + ADD EXTRACTED, RESULT + VMOV VSUM.S[3], EXTRACTED + ADD EXTRACTED, RESULT +#undef VSUM +#undef PDATA +#undef LENGTH + +RETURN: + MOVD RESULT, result+16(FP) + RET diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64_test.go b/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64_test.go new file mode 100644 index 00000000..131a8266 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_arm64_test.go @@ -0,0 +1,51 @@ +package tcpip + +import ( + "crypto/rand" + "testing" + + "golang.org/x/sys/cpu" +) + +func Test_SumNeon(t *testing.T) { + if !cpu.ARM64.HasASIMD { + t.Skipf("Neon unavailable") + } + + bytes := make([]byte, chunkSize) + + for size := 0; size <= chunkSize; size++ { + for count := 0; count < chunkCount; count++ { + _, err := rand.Reader.Read(bytes[:size]) + if err != nil { + t.Skipf("Rand read failed: %v", err) + } + + compat := SumCompat(bytes[:size]) + neon := sumNeon(bytes[:size]) + + if compat != neon { + t.Errorf("Sum of length=%d mismatched", size) + } + } + } +} + +func Benchmark_SumNeon(b *testing.B) { + if !cpu.ARM64.HasASIMD { + b.Skipf("Neon unavailable") + } + + bytes := make([]byte, chunkSize) + + _, err := rand.Reader.Read(bytes) + if err != nil { + b.Skipf("Rand read failed: %v", err) + } + + b.ResetTimer() + + for i := 0; i < b.N; i++ { + sumNeon(bytes) + } +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_compat.go b/listener/tun/ipstack/system/mars/tcpip/tcpip_compat.go new file mode 100644 index 00000000..0b9dbb01 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_compat.go @@ -0,0 +1,14 @@ +package tcpip + +func SumCompat(b []byte) (sum uint32) { + n := len(b) + if n&1 != 0 { + n-- + sum += uint32(b[n]) << 8 + } + + for i := 0; i < n; i += 2 { + sum += (uint32(b[i]) << 8) | uint32(b[i+1]) + } + return +} diff --git a/listener/tun/ipstack/system/mars/tcpip/tcpip_compat_test.go b/listener/tun/ipstack/system/mars/tcpip/tcpip_compat_test.go new file mode 100644 index 00000000..f8595aa5 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/tcpip_compat_test.go @@ -0,0 +1,26 @@ +package tcpip + +import ( + "crypto/rand" + "testing" +) + +const ( + chunkSize = 9000 + chunkCount = 10 +) + +func Benchmark_SumCompat(b *testing.B) { + bytes := make([]byte, chunkSize) + + _, err := rand.Reader.Read(bytes) + if err != nil { + b.Skipf("Rand read failed: %v", err) + } + + b.ResetTimer() + + for i := 0; i < b.N; i++ { + SumCompat(bytes) + } +} diff --git a/listener/tun/ipstack/system/mars/tcpip/udp.go b/listener/tun/ipstack/system/mars/tcpip/udp.go new file mode 100644 index 00000000..d2cb7f46 --- /dev/null +++ b/listener/tun/ipstack/system/mars/tcpip/udp.go @@ -0,0 +1,55 @@ +package tcpip + +import ( + "encoding/binary" +) + +const UDPHeaderSize = 8 + +type UDPPacket []byte + +func (p UDPPacket) Length() uint16 { + return binary.BigEndian.Uint16(p[4:]) +} + +func (p UDPPacket) SetLength(length uint16) { + binary.BigEndian.PutUint16(p[4:], length) +} + +func (p UDPPacket) SourcePort() uint16 { + return binary.BigEndian.Uint16(p) +} + +func (p UDPPacket) SetSourcePort(port uint16) { + binary.BigEndian.PutUint16(p, port) +} + +func (p UDPPacket) DestinationPort() uint16 { + return binary.BigEndian.Uint16(p[2:]) +} + +func (p UDPPacket) SetDestinationPort(port uint16) { + binary.BigEndian.PutUint16(p[2:], port) +} + +func (p UDPPacket) Payload() []byte { + return p[UDPHeaderSize:p.Length()] +} + +func (p UDPPacket) Checksum() uint16 { + return binary.BigEndian.Uint16(p[6:]) +} + +func (p UDPPacket) SetChecksum(sum [2]byte) { + p[6] = sum[0] + p[7] = sum[1] +} + +func (p UDPPacket) ResetChecksum(psum uint32) { + p.SetChecksum(zeroChecksum) + p.SetChecksum(Checksum(psum, p)) +} + +func (p UDPPacket) Valid() bool { + return len(p) >= UDPHeaderSize && uint16(len(p)) >= p.Length() +} diff --git a/listener/tun/ipstack/system/stack.go b/listener/tun/ipstack/system/stack.go new file mode 100644 index 00000000..01e4c952 --- /dev/null +++ b/listener/tun/ipstack/system/stack.go @@ -0,0 +1,204 @@ +package system + +import ( + "encoding/binary" + "io" + "net" + "net/netip" + "runtime" + "strconv" + "time" + + "github.com/Dreamacro/clash/adapter/inbound" + "github.com/Dreamacro/clash/common/pool" + C "github.com/Dreamacro/clash/constant" + "github.com/Dreamacro/clash/context" + "github.com/Dreamacro/clash/listener/tun/device" + "github.com/Dreamacro/clash/listener/tun/ipstack" + D "github.com/Dreamacro/clash/listener/tun/ipstack/commons" + "github.com/Dreamacro/clash/listener/tun/ipstack/system/mars" + "github.com/Dreamacro/clash/log" + "github.com/Dreamacro/clash/transport/socks5" +) + +type sysStack struct { + stack io.Closer + device device.Device +} + +func (s sysStack) Close() error { + if s.stack != nil { + _ = s.stack.Close() + } + if s.device != nil { + _ = s.device.Close() + } + return nil +} + +var ipv4LoopBack = netip.MustParsePrefix("127.0.0.0/8") + +func New(device device.Device, dnsHijack []netip.AddrPort, tunAddress netip.Prefix, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.Stack, error) { + var ( + gateway = tunAddress.Masked().Addr().Next() + portal = gateway.Next() + ) + + stack, err := mars.StartListener(device, gateway, portal) + if err != nil { + _ = device.Close() + + return nil, err + } + + dnsAddr := dnsHijack + + tcp := func() { + defer stack.TCP().Close() + defer log.Debugln("TCP: closed") + + for stack.TCP().SetDeadline(time.Time{}) == nil { + conn, err := stack.TCP().Accept() + if err != nil { + log.Debugln("Accept connection: %v", err) + + continue + } + + lAddr := conn.LocalAddr().(*net.TCPAddr) + rAddr := conn.RemoteAddr().(*net.TCPAddr) + + rAddrIp, _ := netip.AddrFromSlice(rAddr.IP) + rAddrPort := netip.AddrPortFrom(rAddrIp, uint16(rAddr.Port)) + + if ipv4LoopBack.Contains(rAddrIp) { + conn.Close() + + continue + } + + if D.ShouldHijackDns(dnsAddr, rAddrPort) { + go func() { + log.Debugln("[TUN] hijack dns tcp: %s", rAddrPort.String()) + + defer conn.Close() + + buf := pool.Get(pool.UDPBufferSize) + defer pool.Put(buf) + + for { + conn.SetReadDeadline(time.Now().Add(C.DefaultTCPTimeout)) + + length := uint16(0) + if err := binary.Read(conn, binary.BigEndian, &length); err != nil { + break + } + + if int(length) > len(buf) { + break + } + + n, err := conn.Read(buf[:length]) + if err != nil { + break + } + + msg, err := D.RelayDnsPacket(buf[:n]) + if err != nil { + break + } + + _, _ = conn.Write(msg) + } + }() + + continue + } + + metadata := &C.Metadata{ + NetWork: C.TCP, + Type: C.TUN, + SrcIP: lAddr.IP, + DstIP: rAddr.IP, + SrcPort: strconv.Itoa(lAddr.Port), + DstPort: strconv.Itoa(rAddr.Port), + AddrType: C.AtypIPv4, + Host: "", + } + + tcpIn <- context.NewConnContext(conn, metadata) + } + } + + udp := func() { + defer stack.UDP().Close() + defer log.Debugln("UDP: closed") + + for { + buf := pool.Get(pool.UDPBufferSize) + + n, lRAddr, rRAddr, err := stack.UDP().ReadFrom(buf) + if err != nil { + return + } + + raw := buf[:n] + lAddr := lRAddr.(*net.UDPAddr) + rAddr := rRAddr.(*net.UDPAddr) + + rAddrIp, _ := netip.AddrFromSlice(rAddr.IP) + rAddrPort := netip.AddrPortFrom(rAddrIp, uint16(rAddr.Port)) + + if ipv4LoopBack.Contains(rAddrIp) { + pool.Put(buf) + + continue + } + + if D.ShouldHijackDns(dnsAddr, rAddrPort) { + go func() { + defer pool.Put(buf) + + msg, err := D.RelayDnsPacket(raw) + if err != nil { + return + } + + _, _ = stack.UDP().WriteTo(msg, rAddr, lAddr) + + log.Debugln("[TUN] hijack dns udp: %s", rAddrPort.String()) + }() + + continue + } + + pkt := &packet{ + local: lAddr, + data: raw, + writeBack: func(b []byte, addr net.Addr) (int, error) { + return stack.UDP().WriteTo(b, addr, lAddr) + }, + drop: func() { + pool.Put(buf) + }, + } + + select { + case udpIn <- inbound.NewPacket(socks5.ParseAddrToSocksAddr(rAddr), pkt, C.TUN): + default: + } + } + } + + go tcp() + + numUDPWorkers := 4 + if num := runtime.GOMAXPROCS(0); num > numUDPWorkers { + numUDPWorkers = num + } + for i := 0; i < numUDPWorkers; i++ { + go udp() + } + + return &sysStack{stack: stack, device: device}, nil +} diff --git a/listener/tun/ipstack/system/tcp.go b/listener/tun/ipstack/system/tcp.go deleted file mode 100644 index f52f7268..00000000 --- a/listener/tun/ipstack/system/tcp.go +++ /dev/null @@ -1,46 +0,0 @@ -package system - -import ( - "net" - "strconv" - - "github.com/kr328/tun2socket/binding" - - C "github.com/Dreamacro/clash/constant" - "github.com/Dreamacro/clash/context" -) - -func handleTCP(conn net.Conn, endpoint *binding.Endpoint, tcpIn chan<- C.ConnContext) { - src := &net.TCPAddr{ - IP: endpoint.Source.IP, - Port: int(endpoint.Source.Port), - Zone: "", - } - - dst := &net.TCPAddr{ - IP: endpoint.Target.IP, - Port: int(endpoint.Target.Port), - Zone: "", - } - - addrType := C.AtypIPv4 - if dst.IP.To4() == nil { - addrType = C.AtypIPv6 - } - - metadata := &C.Metadata{ - NetWork: C.TCP, - Type: C.TUN, - SrcIP: src.IP, - DstIP: dst.IP, - SrcPort: strconv.Itoa(src.Port), - DstPort: strconv.Itoa(dst.Port), - AddrType: addrType, - Host: "", - } - - //if c, ok := conn.(*net.TCPConn); ok { - // c.SetKeepAlive(true) - //} - tcpIn <- context.NewConnContext(conn, metadata) -} diff --git a/listener/tun/ipstack/system/tun.go b/listener/tun/ipstack/system/tun.go deleted file mode 100644 index ede3f34a..00000000 --- a/listener/tun/ipstack/system/tun.go +++ /dev/null @@ -1,116 +0,0 @@ -package system - -import ( - "net" - "strconv" - "sync" - - "github.com/Dreamacro/clash/adapter/inbound" - "github.com/Dreamacro/clash/config" - C "github.com/Dreamacro/clash/constant" - "github.com/Dreamacro/clash/listener/tun/dev" - "github.com/Dreamacro/clash/listener/tun/ipstack" - "github.com/Dreamacro/clash/log" - "github.com/kr328/tun2socket" - "github.com/kr328/tun2socket/binding" - "github.com/kr328/tun2socket/redirect" -) - -type systemAdapter struct { - device dev.TunDevice - tun *tun2socket.Tun2Socket - lock sync.Mutex - stackName string - dnsHackjack []string - autoRoute bool -} - -func NewAdapter(device dev.TunDevice, conf config.Tun, mtu int, gateway, mirror string, onStop func(), tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.TunAdapter, error) { - adapter := &systemAdapter{ - device: device, - stackName: conf.Stack, - dnsHackjack: conf.DnsHijack, - autoRoute: conf.AutoRoute, - } - - adapter.lock.Lock() - defer adapter.lock.Unlock() - - dnsHost, dnsPort, err := net.SplitHostPort(conf.DnsHijack[0]) - if err != nil { - return nil, err - } - - dnsP, err := strconv.Atoi(dnsPort) - if err != nil { - return nil, err - } - - dnsAddr := binding.Address{ - IP: net.ParseIP(dnsHost), - Port: uint16(dnsP), - } - - t := tun2socket.NewTun2Socket(device, mtu, net.ParseIP(gateway), net.ParseIP(mirror)) - - t.SetAllocator(allocUDP) - t.SetClosedHandler(onStop) - t.SetLogger(&logger{}) - - t.SetTCPHandler(func(conn net.Conn, endpoint *binding.Endpoint) { - if shouldHijackDns(dnsAddr, endpoint.Target) { - hijackTCPDns(conn) - log.Debugln("[TUN] hijack dns tcp: %s:%d", endpoint.Target.IP.String(), endpoint.Target.Port) - return - } - - handleTCP(conn, endpoint, tcpIn) - }) - t.SetUDPHandler(func(payload []byte, endpoint *binding.Endpoint, sender redirect.UDPSender) { - if shouldHijackDns(dnsAddr, endpoint.Target) { - hijackUDPDns(payload, endpoint, sender) - log.Debugln("[TUN] hijack dns udp: %s:%d", endpoint.Target.IP.String(), endpoint.Target.Port) - return - } - - handleUDP(payload, endpoint, sender, udpIn) - }) - - t.Start() - - adapter.tun = t - - return adapter, nil -} - -func (t *systemAdapter) Stack() string { - return t.stackName -} - -func (t *systemAdapter) AutoRoute() bool { - return t.autoRoute -} - -func (t *systemAdapter) DnsHijack() []string { - return t.dnsHackjack -} - -func (t *systemAdapter) Close() { - t.lock.Lock() - defer t.lock.Unlock() - - t.stopLocked() -} - -func (t *systemAdapter) stopLocked() { - if t.tun != nil { - t.tun.Close() - } - - if t.device != nil { - _ = t.device.Close() - } - - t.tun = nil - t.device = nil -} diff --git a/listener/tun/ipstack/system/udp.go b/listener/tun/ipstack/system/udp.go index afb99174..cb2761e8 100644 --- a/listener/tun/ipstack/system/udp.go +++ b/listener/tun/ipstack/system/udp.go @@ -1,74 +1,26 @@ package system -import ( - "io" - "net" +import "net" - "github.com/Dreamacro/clash/adapter/inbound" - "github.com/Dreamacro/clash/common/pool" - C "github.com/Dreamacro/clash/constant" - "github.com/Dreamacro/clash/transport/socks5" - "github.com/kr328/tun2socket/binding" - "github.com/kr328/tun2socket/redirect" -) - -type udpPacket struct { - source binding.Address - data []byte - send redirect.UDPSender +type packet struct { + local *net.UDPAddr + data []byte + writeBack func(b []byte, addr net.Addr) (int, error) + drop func() } -func (u *udpPacket) Data() []byte { - return u.data +func (pkt *packet) Data() []byte { + return pkt.data } -func (u *udpPacket) WriteBack(b []byte, addr net.Addr) (n int, err error) { - uAddr, ok := addr.(*net.UDPAddr) - if !ok { - return 0, io.ErrClosedPipe - } - - return len(b), u.send(b, &binding.Endpoint{ - Source: binding.Address{IP: uAddr.IP, Port: uint16(uAddr.Port)}, - Target: u.source, - }) +func (pkt *packet) WriteBack(b []byte, addr net.Addr) (n int, err error) { + return pkt.writeBack(b, addr) } -func (u *udpPacket) Drop() { - recycleUDP(u.data) +func (pkt *packet) Drop() { + pkt.drop() } -func (u *udpPacket) LocalAddr() net.Addr { - return &net.UDPAddr{ - IP: u.source.IP, - Port: int(u.source.Port), - Zone: "", - } -} - -func handleUDP(payload []byte, endpoint *binding.Endpoint, sender redirect.UDPSender, udpIn chan<- *inbound.PacketAdapter) { - pkt := &udpPacket{ - source: endpoint.Source, - data: payload, - send: sender, - } - - rAddr := &net.UDPAddr{ - IP: endpoint.Target.IP, - Port: int(endpoint.Target.Port), - Zone: "", - } - - select { - case udpIn <- inbound.NewPacket(socks5.ParseAddrToSocksAddr(rAddr), pkt, C.TUN): - default: - } -} - -func allocUDP(size int) []byte { - return pool.Get(size) -} - -func recycleUDP(payload []byte) { - _ = pool.Put(payload) +func (pkt *packet) LocalAddr() net.Addr { + return pkt.local } diff --git a/listener/tun/tun_adapter.go b/listener/tun/tun_adapter.go index 882eaabe..b60ae583 100644 --- a/listener/tun/tun_adapter.go +++ b/listener/tun/tun_adapter.go @@ -1,29 +1,55 @@ package tun import ( - "errors" "fmt" + "net/netip" + "net/url" + "runtime" "strings" "time" "github.com/Dreamacro/clash/adapter/inbound" + "github.com/Dreamacro/clash/common/cmd" + "github.com/Dreamacro/clash/component/process" "github.com/Dreamacro/clash/config" C "github.com/Dreamacro/clash/constant" - "github.com/Dreamacro/clash/listener/tun/dev" + "github.com/Dreamacro/clash/listener/tun/device" + "github.com/Dreamacro/clash/listener/tun/device/fdbased" + "github.com/Dreamacro/clash/listener/tun/device/tun" "github.com/Dreamacro/clash/listener/tun/ipstack" + "github.com/Dreamacro/clash/listener/tun/ipstack/commons" "github.com/Dreamacro/clash/listener/tun/ipstack/gvisor" "github.com/Dreamacro/clash/listener/tun/ipstack/system" "github.com/Dreamacro/clash/log" ) -// New create TunAdapter -func New(conf config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.TunAdapter, error) { - tunAddress := "198.18.0.1" - autoRoute := conf.AutoRoute - stack := conf.Stack - var tunAdapter ipstack.TunAdapter +// New TunAdapter +func New(tunConf *config.Tun, tunAddressPrefix string, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.PacketAdapter) (ipstack.Stack, error) { + var ( + tunAddress = netip.MustParsePrefix(tunAddressPrefix) + devName = tunConf.Device + stackType = tunConf.Stack + autoRoute = tunConf.AutoRoute + mtu = 9000 - device, err := dev.OpenTunDevice(tunAddress, autoRoute) + tunDevice device.Device + tunStack ipstack.Stack + + err error + ) + + if devName == "" { + devName = generateDeviceName() + } + + if !tunAddress.IsValid() || !tunAddress.Addr().Is4() { + tunAddress = netip.MustParsePrefix("198.18.0.1/16") + } + + process.AppendLocalIPs(tunAddress.Masked().Addr().Next().AsSlice()) + + // open tun device + tunDevice, err = parseDevice(devName, uint32(mtu)) if err != nil { for i := 1; i < 3; i++ { time.Sleep(time.Second * 1) @@ -32,31 +58,117 @@ func New(conf config.Tun, tcpIn chan<- C.ConnContext, udpIn chan<- *inbound.Pack break } } - if err != nil { - return nil, fmt.Errorf("can't open tun: %v", err) + return nil, fmt.Errorf("can't open tun: %w", err) } } - mtu, err := device.MTU() - if err != nil { - _ = device.Close() - return nil, errors.New("unable to get device mtu") + // new ip stack + switch stackType { + case C.TunGvisor: + err = tunDevice.UseEndpoint() + if err != nil { + _ = tunDevice.Close() + return nil, fmt.Errorf("can't attach endpoint to tun: %w", err) + } + + tunStack, err = gvisor.New(tunDevice, + &gvisor.GVHandler{ + DNSAdds: tunConf.DNSHijack, + TCPIn: tcpIn, UDPIn: udpIn, + }, + gvisor.WithDefault(), + ) + + if err != nil { + _ = tunDevice.Close() + return nil, fmt.Errorf("can't New gvisor stack: %w", err) + } + case C.TunSystem: + err = tunDevice.UseIOBased() + if err != nil { + _ = tunDevice.Close() + return nil, fmt.Errorf("can't New system stack: %w", err) + } + + tunStack, err = system.New(tunDevice, tunConf.DNSHijack, tunAddress, tcpIn, udpIn) + if err != nil { + _ = tunDevice.Close() + return nil, fmt.Errorf("can't New system stack: %w", err) + } + default: + // never happen } - if strings.EqualFold(stack, "system") { - tunAdapter, err = system.NewAdapter(device, conf, mtu, tunAddress, tunAddress, func() {}, tcpIn, udpIn) - } else if strings.EqualFold(stack, "gvisor") { - tunAdapter, err = gvisor.NewAdapter(device, conf, tcpIn, udpIn) - } else { - err = fmt.Errorf("can not support tun ip stack: %s, only support \"lwip\" \"system\" and \"gvisor\"", stack) + // setting address and routing + err = commons.ConfigInterfaceAddress(tunDevice, tunAddress, mtu, autoRoute) + if err != nil { + _ = tunDevice.Close() + return nil, fmt.Errorf("setting interface address and routing failed: %w", err) } + setAtLatest(stackType, devName) + + log.Infoln("TUN stack listening at: %s(%s), mtu: %d, auto route: %v, ip stack: %s", tunDevice.Name(), tunAddress.Masked().Addr().Next().String(), mtu, autoRoute, stackType) + return tunStack, nil +} + +func generateDeviceName() string { + switch runtime.GOOS { + case "darwin": + return tun.Driver + "://Meta" + case "windows": + return tun.Driver + "://Meta" + default: + return tun.Driver + "://Meta" + } +} + +func parseDevice(s string, mtu uint32) (device.Device, error) { + if !strings.Contains(s, "://") { + s = fmt.Sprintf("%s://%s", tun.Driver /* default driver */, s) + } + + u, err := url.Parse(s) if err != nil { - _ = device.Close() return nil, err } - log.Infoln("Tun adapter listening at: %s(%s), mtu: %d, auto route: %v, ip stack: %s", device.Name(), tunAddress, mtu, autoRoute, stack) - return tunAdapter, nil + name := u.Host + driver := strings.ToLower(u.Scheme) + + switch driver { + case fdbased.Driver: + return fdbased.Open(name, mtu) + case tun.Driver: + return tun.Open(name, mtu) + default: + return nil, fmt.Errorf("unsupported driver: %s", driver) + } +} + +func setAtLatest(stackType C.TUNStack, devName string) { + if stackType != C.TunSystem { + return + } + + switch runtime.GOOS { + case "windows": + _, _ = cmd.ExecCmd("ipconfig /renew") + case "linux": + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.ip_forward=1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.forwarding = 1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.accept_local = 1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.accept_redirects = 1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.all.rp_filter = 2") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.forwarding = 1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.accept_local = 1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.accept_redirects = 1") + // _, _ = cmd.ExecCmd("sysctl -w net.ipv4.conf.default.rp_filter = 2") + // _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.forwarding = 1", devName)) + // _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.accept_local = 1", devName)) + // _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.accept_redirects = 1", devName)) + // _, _ = cmd.ExecCmd(fmt.Sprintf("sysctl -w net.ipv4.conf.%s.rp_filter = 2", devName)) + // _, _ = cmd.ExecCmd("iptables -t filter -P FORWARD ACCEPT") + } } diff --git a/log/log.go b/log/log.go index 4e5c375b..3a7ea729 100644 --- a/log/log.go +++ b/log/log.go @@ -97,9 +97,3 @@ func newLog(logLevel LogLevel, format string, v ...any) *Event { Payload: fmt.Sprintf(format, v...), } } - -func PrintLog(logLevel LogLevel, format string, v ...interface{}) { - event := newLog(logLevel, format, v...) - logCh <- event - print(event) -} diff --git a/main.go b/main.go index cad43d75..af71e413 100644 --- a/main.go +++ b/main.go @@ -69,7 +69,7 @@ func main() { } C.SetConfig(configFile) } else { - configFile := filepath.Join(C.Path.HomeDir(), C.Path.Config()) + configFile = filepath.Join(C.Path.HomeDir(), C.Path.Config()) C.SetConfig(configFile) } @@ -110,9 +110,9 @@ func main() { signal.Notify(sigCh, syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM) <-sigCh - // clean up - log.Warnln("Clash clean up") - hub.CleanUp() + // cleanup + log.Warnln("Clash cleanup") + hub.Cleanup() log.Warnln("Clash shutting down") } diff --git a/rule/common/base.go b/rule/common/base.go index 118153d4..d858a7d6 100644 --- a/rule/common/base.go +++ b/rule/common/base.go @@ -14,6 +14,22 @@ var ( noResolve = "no-resolve" ) +type Base struct { + ruleExtra *C.RuleExtra +} + +func (b *Base) RuleExtra() *C.RuleExtra { + return b.ruleExtra +} + +func (b *Base) SetRuleExtra(re *C.RuleExtra) { + b.ruleExtra = re +} + +func (b *Base) ShouldFindProcess() bool { + return false +} + func HasNoResolve(params []string) bool { for _, p := range params { if p == noResolve { @@ -25,9 +41,9 @@ func HasNoResolve(params []string) bool { func FindNetwork(params []string) C.NetWork { for _, p := range params { - if p == "tcp" { + if strings.EqualFold(p, "tcp") { return C.TCP - } else if p == "udp" { + } else if strings.EqualFold(p, "udp") { return C.UDP } } diff --git a/rule/common/domain.go b/rule/common/domain.go index 9a3a65bc..5082edbf 100644 --- a/rule/common/domain.go +++ b/rule/common/domain.go @@ -7,9 +7,9 @@ import ( ) type Domain struct { - domain string - adapter string - ruleExtra *C.RuleExtra + *Base + domain string + adapter string } func (d *Domain) RuleType() C.RuleType { @@ -35,18 +35,16 @@ func (d *Domain) ShouldResolveIP() bool { return false } -func (d *Domain) RuleExtra() *C.RuleExtra { - return d.ruleExtra -} - func (d *Domain) ShouldFindProcess() bool { return false } -func NewDomain(domain string, adapter string, ruleExtra *C.RuleExtra) *Domain { +func NewDomain(domain string, adapter string) *Domain { return &Domain{ - domain: strings.ToLower(domain), - adapter: adapter, - ruleExtra: ruleExtra, + Base: &Base{}, + domain: strings.ToLower(domain), + adapter: adapter, } } + +var _ C.Rule = (*Domain)(nil) diff --git a/rule/common/domain_keyword.go b/rule/common/domain_keyword.go index 694cb5f4..7d6930a0 100644 --- a/rule/common/domain_keyword.go +++ b/rule/common/domain_keyword.go @@ -7,9 +7,9 @@ import ( ) type DomainKeyword struct { - keyword string - adapter string - ruleExtra *C.RuleExtra + *Base + keyword string + adapter string } func (dk *DomainKeyword) RuleType() C.RuleType { @@ -40,14 +40,12 @@ func (dk *DomainKeyword) ShouldFindProcess() bool { return false } -func (dk *DomainKeyword) RuleExtra() *C.RuleExtra { - return dk.ruleExtra -} - -func NewDomainKeyword(keyword string, adapter string, ruleExtra *C.RuleExtra) *DomainKeyword { +func NewDomainKeyword(keyword string, adapter string) *DomainKeyword { return &DomainKeyword{ - keyword: strings.ToLower(keyword), - adapter: adapter, - ruleExtra: ruleExtra, + Base: &Base{}, + keyword: strings.ToLower(keyword), + adapter: adapter, } } + +var _ C.Rule = (*DomainKeyword)(nil) diff --git a/rule/common/domain_suffix.go b/rule/common/domain_suffix.go index 5bd6041e..d963ffe2 100644 --- a/rule/common/domain_suffix.go +++ b/rule/common/domain_suffix.go @@ -7,9 +7,9 @@ import ( ) type DomainSuffix struct { - suffix string - adapter string - ruleExtra *C.RuleExtra + *Base + suffix string + adapter string } func (ds *DomainSuffix) RuleType() C.RuleType { @@ -36,19 +36,16 @@ func (ds *DomainSuffix) ShouldResolveIP() bool { return false } -func (ds *DomainSuffix) RuleExtra() *C.RuleExtra { - return ds.ruleExtra -} - - func (ds *DomainSuffix) ShouldFindProcess() bool { return false } -func NewDomainSuffix(suffix string, adapter string, ruleExtra *C.RuleExtra) *DomainSuffix { +func NewDomainSuffix(suffix string, adapter string) *DomainSuffix { return &DomainSuffix{ - suffix: strings.ToLower(suffix), - adapter: adapter, - ruleExtra: ruleExtra, + Base: &Base{}, + suffix: strings.ToLower(suffix), + adapter: adapter, } } + +var _ C.Rule = (*DomainSuffix)(nil) diff --git a/rule/common/final.go b/rule/common/final.go index 7f7cf6eb..b2c1bbe0 100644 --- a/rule/common/final.go +++ b/rule/common/final.go @@ -5,8 +5,8 @@ import ( ) type Match struct { - adapter string - ruleExtra *C.RuleExtra + *Base + adapter string } func (f *Match) RuleType() C.RuleType { @@ -33,16 +33,11 @@ func (f *Match) ShouldFindProcess() bool { return false } -func (f *Match) RuleExtra() *C.RuleExtra { - return f.ruleExtra +func NewMatch(adapter string) *Match { + return &Match{ + Base: &Base{}, + adapter: adapter, + } } -func NewMatch(adapter string, ruleExtra *C.RuleExtra) *Match { - if ruleExtra.SourceIPs == nil { - ruleExtra = nil - } - return &Match{ - adapter: adapter, - ruleExtra: ruleExtra, - } -} +var _ C.Rule = (*Match)(nil) diff --git a/rule/common/geoip.go b/rule/common/geoip.go index bac36f45..3823fbaa 100644 --- a/rule/common/geoip.go +++ b/rule/common/geoip.go @@ -4,18 +4,19 @@ import ( "fmt" "github.com/Dreamacro/clash/component/geodata" "github.com/Dreamacro/clash/component/geodata/router" - "github.com/Dreamacro/clash/component/mmdb" "strings" + "github.com/Dreamacro/clash/component/mmdb" + "github.com/Dreamacro/clash/component/resolver" C "github.com/Dreamacro/clash/constant" "github.com/Dreamacro/clash/log" ) type GEOIP struct { - country string - adapter string - noResolveIP bool - ruleExtra *C.RuleExtra + *Base + country string + adapter string + noResolveIP bool geoIPMatcher *router.GeoIPMatcher } @@ -33,8 +34,13 @@ func (g *GEOIP) Match(metadata *C.Metadata) bool { return false } - if strings.EqualFold(g.country, "LAN") || C.TunBroadcastAddr.Equal(ip) { - return ip.IsPrivate() + if strings.EqualFold(g.country, "LAN") { + return ip.IsPrivate() || + ip.IsUnspecified() || + ip.IsLoopback() || + ip.IsMulticast() || + ip.IsLinkLocalUnicast() || + resolver.IsFakeBroadcastIP(ip) } if !C.GeodataMode { record, _ := mmdb.Instance().Country(ip) @@ -55,10 +61,6 @@ func (g *GEOIP) ShouldResolveIP() bool { return !g.noResolveIP } -func (g *GEOIP) RuleExtra() *C.RuleExtra { - return g.ruleExtra -} - func (g *GEOIP) GetCountry() string { return g.country } @@ -67,13 +69,13 @@ func (g *GEOIP) GetIPMatcher() *router.GeoIPMatcher { return g.geoIPMatcher } -func NewGEOIP(country string, adapter string, noResolveIP bool, ruleExtra *C.RuleExtra) (*GEOIP, error) { +func NewGEOIP(country string, adapter string, noResolveIP bool) (*GEOIP, error) { if !C.GeodataMode { geoip := &GEOIP{ + Base: &Base{}, country: country, adapter: adapter, noResolveIP: noResolveIP, - ruleExtra: ruleExtra, } return geoip, nil } @@ -85,11 +87,13 @@ func NewGEOIP(country string, adapter string, noResolveIP bool, ruleExtra *C.Rul log.Infoln("Start initial GeoIP rule %s => %s, records: %d", country, adapter, recordsCount) geoip := &GEOIP{ + Base: &Base{}, country: country, adapter: adapter, noResolveIP: noResolveIP, - ruleExtra: ruleExtra, geoIPMatcher: geoIPMatcher, } return geoip, nil } + +var _ C.Rule = (*GEOIP)(nil) diff --git a/rule/common/geosite.go b/rule/common/geosite.go index bf81e9c7..574671b9 100644 --- a/rule/common/geosite.go +++ b/rule/common/geosite.go @@ -13,10 +13,10 @@ import ( ) type GEOSITE struct { - country string - adapter string - ruleExtra *C.RuleExtra - matcher *router.DomainMatcher + *Base + country string + adapter string + matcher *router.DomainMatcher } func (gs *GEOSITE) RuleType() C.RuleType { @@ -48,10 +48,6 @@ func (gs *GEOSITE) ShouldFindProcess() bool { return false } -func (gs *GEOSITE) RuleExtra() *C.RuleExtra { - return gs.ruleExtra -} - func (gs *GEOSITE) GetDomainMatcher() *router.DomainMatcher { return gs.matcher } @@ -65,11 +61,13 @@ func NewGEOSITE(country string, adapter string, ruleExtra *C.RuleExtra) (*GEOSIT log.Infoln("Start initial GeoSite rule %s => %s, records: %d", country, adapter, recordsCount) geoSite := &GEOSITE{ - country: country, - adapter: adapter, - ruleExtra: ruleExtra, - matcher: matcher, + Base: &Base{}, + country: country, + adapter: adapter, + matcher: matcher, } return geoSite, nil } + +var _ C.Rule = (*GEOSITE)(nil) diff --git a/rule/common/ipcidr.go b/rule/common/ipcidr.go index a777b869..06119d9a 100644 --- a/rule/common/ipcidr.go +++ b/rule/common/ipcidr.go @@ -21,9 +21,9 @@ func WithIPCIDRNoResolve(noResolve bool) IPCIDROption { } type IPCIDR struct { + *Base ipnet *net.IPNet adapter string - ruleExtra *C.RuleExtra isSourceIP bool noResolveIP bool } @@ -59,20 +59,16 @@ func (i *IPCIDR) ShouldFindProcess() bool { return false } -func (i *IPCIDR) RuleExtra() *C.RuleExtra { - return i.ruleExtra -} - -func NewIPCIDR(s string, adapter string, ruleExtra *C.RuleExtra, opts ...IPCIDROption) (*IPCIDR, error) { +func NewIPCIDR(s string, adapter string, opts ...IPCIDROption) (*IPCIDR, error) { _, ipnet, err := net.ParseCIDR(s) if err != nil { return nil, errPayload } ipcidr := &IPCIDR{ - ipnet: ipnet, - adapter: adapter, - ruleExtra: ruleExtra, + Base: &Base{}, + ipnet: ipnet, + adapter: adapter, } for _, o := range opts { @@ -81,3 +77,5 @@ func NewIPCIDR(s string, adapter string, ruleExtra *C.RuleExtra, opts ...IPCIDRO return ipcidr, nil } + +var _ C.Rule = (*IPCIDR)(nil) diff --git a/rule/common/port.go b/rule/common/port.go index a796d2b2..2d665a1a 100644 --- a/rule/common/port.go +++ b/rule/common/port.go @@ -14,11 +14,11 @@ type portReal struct { } type Port struct { - adapter string - port string - isSource bool - portList []portReal - ruleExtra *C.RuleExtra + *Base + adapter string + port string + isSource bool + portList []portReal } func (p *Port) ShouldFindProcess() bool { @@ -51,16 +51,8 @@ func (p *Port) ShouldResolveIP() bool { return false } -func (p *Port) RuleExtra() *C.RuleExtra { - return p.ruleExtra -} - func (p *Port) matchPortReal(portRef string) bool { - port, err := strconv.Atoi(portRef) - if err != nil { - return false - } - + port, _ := strconv.Atoi(portRef) var rs bool for _, pr := range p.portList { if pr.portEnd == -1 { @@ -75,7 +67,7 @@ func (p *Port) matchPortReal(portRef string) bool { return false } -func NewPort(port string, adapter string, isSource bool, ruleExtra *C.RuleExtra) (*Port, error) { +func NewPort(port string, adapter string, isSource bool) (*Port, error) { ports := strings.Split(port, "/") if len(ports) > 28 { return nil, fmt.Errorf("%s, too many ports to use, maximum support 28 ports", errPayload.Error()) @@ -93,24 +85,25 @@ func NewPort(port string, adapter string, isSource bool, ruleExtra *C.RuleExtra) return nil, errPayload } - portStart, err := strconv.Atoi(strings.Trim(subPorts[0], "[ ]")) - if err != nil || portStart < 0 || portStart > 65535 { + portStart, err := strconv.ParseUint(strings.Trim(subPorts[0], "[ ]"), 10, 16) + if err != nil { return nil, errPayload } - if subPortsLen == 1 { - portList = append(portList, portReal{portStart, -1}) - } else if subPortsLen == 2 { - portEnd, err1 := strconv.Atoi(strings.Trim(subPorts[1], "[ ]")) - if err1 != nil || portEnd < 0 || portEnd > 65535 { + switch subPortsLen { + case 1: + portList = append(portList, portReal{int(portStart), -1}) + case 2: + portEnd, err := strconv.ParseUint(strings.Trim(subPorts[1], "[ ]"), 10, 16) + if err != nil { return nil, errPayload } shouldReverse := portStart > portEnd if shouldReverse { - portList = append(portList, portReal{portEnd, portStart}) + portList = append(portList, portReal{int(portEnd), int(portStart)}) } else { - portList = append(portList, portReal{portStart, portEnd}) + portList = append(portList, portReal{int(portStart), int(portEnd)}) } } } @@ -120,10 +113,12 @@ func NewPort(port string, adapter string, isSource bool, ruleExtra *C.RuleExtra) } return &Port{ - adapter: adapter, - port: port, - isSource: isSource, - portList: portList, - ruleExtra: ruleExtra, + Base: &Base{}, + adapter: adapter, + port: port, + isSource: isSource, + portList: portList, }, nil } + +var _ C.Rule = (*Port)(nil) diff --git a/rule/parser.go b/rule/parser.go index e415b6b7..010b2205 100644 --- a/rule/parser.go +++ b/rule/parser.go @@ -14,41 +14,35 @@ func ParseRule(tp, payload, target string, params []string) (C.Rule, error) { parsed C.Rule ) - ruleExtra := &C.RuleExtra{ - Network: RC.FindNetwork(params), - SourceIPs: RC.FindSourceIPs(params), - ProcessNames: RC.FindProcessName(params), - } - switch tp { case "DOMAIN": - parsed = RC.NewDomain(payload, target, ruleExtra) + parsed = RC.NewDomain(payload, target) case "DOMAIN-SUFFIX": - parsed = RC.NewDomainSuffix(payload, target, ruleExtra) + parsed = RC.NewDomainSuffix(payload, target) case "DOMAIN-KEYWORD": - parsed = RC.NewDomainKeyword(payload, target, ruleExtra) + parsed = RC.NewDomainKeyword(payload, target) case "GEOSITE": - parsed, parseErr = RC.NewGEOSITE(payload, target, ruleExtra) + parsed, parseErr = RC.NewGEOSITE(payload, target) case "GEOIP": noResolve := RC.HasNoResolve(params) - parsed, parseErr = RC.NewGEOIP(payload, target, noResolve, ruleExtra) + parsed, parseErr = RC.NewGEOIP(payload, target, noResolve) case "IP-CIDR", "IP-CIDR6": noResolve := RC.HasNoResolve(params) - parsed, parseErr = RC.NewIPCIDR(payload, target, ruleExtra, RC.WithIPCIDRNoResolve(noResolve)) + parsed, parseErr = RC.NewIPCIDR(payload, target, RC.WithIPCIDRNoResolve(noResolve)) case "SRC-IP-CIDR": - parsed, parseErr = RC.NewIPCIDR(payload, target, ruleExtra, RC.WithIPCIDRSourceIP(true), RC.WithIPCIDRNoResolve(true)) + parsed, parseErr = RC.NewIPCIDR(payload, target, RC.WithIPCIDRSourceIP(true), RC.WithIPCIDRNoResolve(true)) case "SRC-PORT": - parsed, parseErr = RC.NewPort(payload, target, true, ruleExtra) + parsed, parseErr = RC.NewPort(payload, target, true) case "DST-PORT": - parsed, parseErr = RC.NewPort(payload, target, false, ruleExtra) + parsed, parseErr = RC.NewPort(payload, target, false) case "PROCESS-NAME": - parsed, parseErr = RC.NewProcess(payload, target, true,ruleExtra) + parsed, parseErr = RC.NewProcess(payload, target, true) case "PROCESS-PATH": - parsed, parseErr = RC.NewProcess(payload, target, false,ruleExtra) + parsed, parseErr = RC.NewProcess(payload, target, false) case "MATCH": - parsed = RC.NewMatch(target, ruleExtra) + parsed = RC.NewMatch(target) case "RULE-SET": - parsed, parseErr = RP.NewRuleSet(payload, target, ruleExtra) + parsed, parseErr = RP.NewRuleSet(payload, target) case "NETWORK": parsed, parseErr = RC.NewNetworkType(payload, target) case "AND": @@ -61,5 +55,17 @@ func ParseRule(tp, payload, target string, params []string) (C.Rule, error) { parseErr = fmt.Errorf("unsupported rule type %s", tp) } - return parsed, parseErr + if parseErr != nil { + return nil, parseErr + } + + ruleExtra := &C.RuleExtra{ + Network: RC.FindNetwork(params), + SourceIPs: RC.FindSourceIPs(params), + ProcessNames: RC.FindProcessName(params), + } + + parsed.SetRuleExtra(ruleExtra) + + return parsed, nil } diff --git a/test/go.mod b/test/go.mod index 2c66f153..7030e49b 100644 --- a/test/go.mod +++ b/test/go.mod @@ -23,16 +23,11 @@ require ( github.com/gofrs/uuid v4.2.0+incompatible // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/golang/protobuf v1.5.2 // indirect github.com/google/btree v1.0.1 // indirect github.com/gorilla/mux v1.8.0 // indirect github.com/gorilla/websocket v1.5.0 // indirect github.com/insomniacslk/dhcp v0.0.0-20220119180841-3c283ff8b7dd // indirect - github.com/gorilla/websocket v1.4.2 // indirect - github.com/insomniacslk/dhcp v0.0.0-20211214070828-5297eed8f489 // indirect - github.com/kr328/tun2socket v0.0.0-20210412191540-3d56c47e2d99 // indirect github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect - github.com/morikuni/aec v1.0.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.0.2 // indirect github.com/oschwald/geoip2-golang v1.6.1 // indirect @@ -41,31 +36,25 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/sirupsen/logrus v1.8.1 // indirect github.com/u-root/uio v0.0.0-20210528114334-82958018845c // indirect - github.com/xtls/go v0.0.0-20201118062508-3632bf3b7499 // indirect - github.com/yaling888/go-lwip v0.0.0-20211103185822-c9d650538091 // indirect + github.com/xtls/go v0.0.0-20210920065950-d4af136d3672 // indirect go.etcd.io/bbolt v1.3.6 // indirect go.uber.org/atomic v1.9.0 // indirect golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect - golang.org/x/mod v0.4.2 // indirect + golang.org/x/mod v0.5.1 // indirect golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect golang.org/x/sys v0.0.0-20220315194320-039c03cc5b86 // indirect - golang.org/x/text v0.3.7 // indirect + golang.org/x/text v0.3.8-0.20220124021120-d1c84af989ab // indirect golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect - golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 // indirect + golang.org/x/tools v0.1.9 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect + golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 // indirect + golang.zx2c4.com/wireguard v0.0.0-20220310012736-ae6bc4dd64e1 // indirect + golang.zx2c4.com/wireguard/windows v0.5.4-0.20220201002028-22d54a5eb477 // indirect google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect google.golang.org/grpc v1.45.0 // indirect google.golang.org/protobuf v1.27.1 // indirect - golang.org/x/sys v0.0.0-20211107104306-e0b2ad06fe42 // indirect - golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect - golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect - golang.zx2c4.com/wireguard/windows v0.5.1 // indirect - google.golang.org/genproto v0.0.0-20210722135532-667f2b7c528f // indirect - google.golang.org/grpc v1.42.0 // indirect - google.golang.org/protobuf v1.27.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect gotest.tools/v3 v3.1.0 // indirect - gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect - gvisor.dev/gvisor v0.0.0-20211104052249-2de3450f76d6 // indirect + gvisor.dev/gvisor v0.0.0-20220315202956-f1399ecf1672 // indirect ) diff --git a/test/go.sum b/test/go.sum index 337e4902..ac2a7f95 100644 --- a/test/go.sum +++ b/test/go.sum @@ -20,9 +20,6 @@ cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmW cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= -cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= -cloud.google.com/go v0.88.0/go.mod h1:dnKwfYbP9hQhefiUvpbcAyoGSHUrOxR20JVElLiUvEY= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -31,6 +28,7 @@ cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4g cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= +cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -41,26 +39,24 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg= github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= +github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= -github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= +github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= -github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= +github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= +github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= @@ -74,8 +70,9 @@ github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugX github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.1 h1:aPJp2QD7OOrhO5tQXqQoGSJc+DjDtWTGLOmNyAm6FgY= github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= +github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= @@ -83,10 +80,14 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= +github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= +github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= +github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= @@ -97,12 +98,17 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= +github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= +github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/bazelbuild/rules_go v0.27.0/go.mod h1:MC23Dc/wkXEyk3Wpq6lCqz0ZAYOZDw2DR5y3N1q2i7M= +github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -110,20 +116,27 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA= +github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= +github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= +github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= +github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= +github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -132,6 +145,7 @@ github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLI github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= +github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -142,6 +156,9 @@ github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= +github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= +github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= +github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU= github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= @@ -156,17 +173,18 @@ github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4S github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= +github.com/containerd/cgroups v1.0.3/go.mod h1:/ofk34relqNjSGyqPrmEULrO4Sc8LJhvJmWbUCUKqj8= github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= +github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= @@ -175,8 +193,11 @@ github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7 github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= -github.com/containerd/containerd v1.5.8 h1:NmkCC1/QxyZFBny8JogwLpOy2f+VEbO/f6bV2Mqtwuw= +github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= +github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s= +github.com/containerd/containerd v1.6.1 h1:oa2uY0/0G+JX4X7hpGCYvkp9FjUancz56kSNnb1sG3o= +github.com/containerd/containerd v1.6.1/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -184,7 +205,7 @@ github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cE github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/continuity v0.2.1/go.mod h1:wCYX+dRqZdImhGucXOqTQn05AhX6EUDaGEMUzTFFpLg= +github.com/containerd/continuity v0.2.2/go.mod h1:pWygW9u7LtS1o4N/Tn0FoCFDIXZ7rxcMX7HX1Dmibvk= github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= @@ -193,6 +214,8 @@ github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1S github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= +github.com/containerd/go-cni v1.1.0/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= +github.com/containerd/go-cni v1.1.3/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= @@ -202,9 +225,11 @@ github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= +github.com/containerd/imgcrypt v1.1.3/go.mod h1:/TPA1GIDXMzbj01yd8pIbQiLdQxed5ue1wb8bP7PQu4= github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= @@ -223,15 +248,20 @@ github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNR github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= +github.com/containernetworking/cni v1.0.1/go.mod h1:AKuhXbN5EzmD4yTNtfSsX3tPcmtrBI6QcRV0NiNt15Y= github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= +github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= +github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= +github.com/coreos/go-iptables v0.6.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -246,13 +276,14 @@ github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfc github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= +github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ= github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= -github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -261,13 +292,16 @@ github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= +github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/docker v20.10.12+incompatible h1:CEeNmFM0QZIsJCZKMkZx0ZcahTiewkrgiwfYD+dfl1U= -github.com/docker/docker v20.10.12+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= +github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.13+incompatible h1:5s7uxnKZG+b8hYWlPYUi6x1Sjpq2MSt96d15eLZeHyw= +github.com/docker/docker v20.10.13+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= @@ -281,7 +315,6 @@ github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZ github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= @@ -294,53 +327,65 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.m github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fanliao/go-promise v0.0.0-20141029170127-1890db352a72/go.mod h1:PjfxuH4FZdUyfMdtBio2lsRr1AKEaVPwelzuHuh8Lqc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= +github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= +github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= -github.com/go-chi/cors v1.2.0/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58= -github.com/go-chi/render v1.0.1/go.mod h1:pq4Rr7HbnsdaeHagklXub+p6Wd16Af5l9koip1OvJns= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.1/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gofrs/uuid v4.2.0+incompatible h1:yyYWMnhkhrKwwr8gAOcOCYxOOscHgDS9yZgBrnJfGa0= github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= -github.com/gogo/googleapis v1.4.1/go.mod h1:2lpHqI5OcWCtVElxXnPt+s8oJvMpySlOyM6xDCrzib4= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= @@ -354,6 +399,7 @@ github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4er github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= @@ -363,7 +409,6 @@ github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= -github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -382,7 +427,6 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= @@ -400,15 +444,13 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-github/v35 v35.1.0/go.mod h1:s0515YVTI+IMrDoy9Y4pHt9ShGpzHvHO8rZ7L7acgvs= -github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= -github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= +github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -420,74 +462,95 @@ github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210715191844-86eeefc3e471/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20211008130755-947d60d73cc0/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/subcommands v1.0.2-0.20190508160503-636abe8753b8/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/googleapis/gnostic v0.4.0/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= -github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= +github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= +github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= +github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= +github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= +github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= +github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= -github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= +github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= +github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= +github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= +github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= +github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= +github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= +github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/hugelgupf/socketpair v0.0.0-20190730060125-05d35a94e714/go.mod h1:2Goc3h8EklBH5mspfHFxBnEoURQCGzQQH1ga9Myjvis= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ianlancetaylor/demangle v0.0.0-20210905161508-09a460cdf81d/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/insomniacslk/dhcp v0.0.0-20211214070828-5297eed8f489 h1:jhdHqd7DxBrzfuFSoPxjD6nUVaV/1RIn9aHA0WCf/as= -github.com/insomniacslk/dhcp v0.0.0-20211214070828-5297eed8f489/go.mod h1:h+MxyHxRg9NH3terB1nfRIUaQEcI0XOVkdR9LNBlp8E= +github.com/insomniacslk/dhcp v0.0.0-20220119180841-3c283ff8b7dd h1:efcJu2Vzz6DoSq245deWNzTz6l/gsqdphm3FjmI88/g= +github.com/insomniacslk/dhcp v0.0.0-20220119180841-3c283ff8b7dd/go.mod h1:h+MxyHxRg9NH3terB1nfRIUaQEcI0XOVkdR9LNBlp8E= +github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= +github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/jsimonetti/rtnetlink v0.0.0-20190606172950-9527aa82566a/go.mod h1:Oz+70psSo5OFh8DBl0Zv2ACw7Esh6pPUphlvZG9x7uw= github.com/jsimonetti/rtnetlink v0.0.0-20200117123717-f846d4f6c1f4/go.mod h1:WGuG/smIU4J/54PblvSbh+xvCZmpJnFgr3ds6Z55XMQ= github.com/jsimonetti/rtnetlink v0.0.0-20201009170750-9c6f07d100c1/go.mod h1:hqoO/u39cqLeBLebZ8fWdE96O7FxrAsRYhnVOdgHxok= github.com/jsimonetti/rtnetlink v0.0.0-20201110080708-d2c240429e6c/go.mod h1:huN4d1phzjhlOsNIjFsw2SVRbwIHj3fJDMEU2SDPTmg= -github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= @@ -503,27 +566,29 @@ github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfn github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.4-0.20190131011033-7dc38fb350b1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr328/tun2socket v0.0.0-20210412191540-3d56c47e2d99 h1:dkEFEnGUg2z/FAPywWr4yfR/sWDQK76qn3J4Y5H2hJs= -github.com/kr328/tun2socket v0.0.0-20210412191540-3d56c47e2d99/go.mod h1:FWfSixjrLgtK+dHkDoN6lHMNhvER24gnjUZd/wt8Z9o= -github.com/lxn/walk v0.0.0-20210112085537-c389da54e794/go.mod h1:E23UucZGqpuUANJooIbHWCufXvOcT6E7Stq81gU+CSQ= -github.com/lxn/win v0.0.0-20210218163916-a377121e959e/go.mod h1:KxxjdtRkfNoYDCUP5ryK7XJJNTnpC8atvtmTheChOtk= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= +github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/mattbaird/jsonpatch v0.0.0-20171005235357-81af80346b1a/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= github.com/mdlayher/ethernet v0.0.0-20190606142754-0394541c37b7/go.mod h1:U6ZQobyTjI/tJyq2HG+i/dfSoFUt8/aZCM+GKtmFk/Y= github.com/mdlayher/netlink v0.0.0-20190409211403-11939a169225/go.mod h1:eQB3mZE4aiYnlUsyGGCOpPETfdQq4Jhsgf1fk3cwQaA= github.com/mdlayher/netlink v1.0.0/go.mod h1:KxeJAFOFLG6AjpyDkQ/iIhxygIUKD+vcwqcnu43w/+M= @@ -531,35 +596,49 @@ github.com/mdlayher/netlink v1.1.0/go.mod h1:H4WCitaheIsdF9yOYu8CFmCgQthAPIWZmcK github.com/mdlayher/netlink v1.1.1/go.mod h1:WTYpFb/WTvlRJAyKhZL5/uy69TDDpHHu2VZmb2XgV7o= github.com/mdlayher/raw v0.0.0-20190606142536-fef19f00fc18/go.mod h1:7EpbotpCmVZcu+KCX4g9WaRNuu11uyhiW7+Le1dKawg= github.com/mdlayher/raw v0.0.0-20191009151244-50f2db8cc065/go.mod h1:7EpbotpCmVZcu+KCX4g9WaRNuu11uyhiW7+Le1dKawg= -github.com/miekg/dns v1.1.45 h1:g5fRIhm9nx7g8osrAvgb16QJfmyMsyOCb+J7LSv+Qzk= -github.com/miekg/dns v1.1.45/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= +github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= +github.com/miekg/dns v1.1.47 h1:J9bWiXbqMbnZPcY8Qi2E3EWIBsIm6MZzzJB9VRg5gL8= +github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= +github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= +github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= +github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= +github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= +github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= +github.com/moby/sys/signal v0.6.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= +github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= +github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 h1:dcztxKSvZ4Id8iPpHERQBbIJfabdt4wUm5qy3wOL2Zc= github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/mohae/deepcopy v0.0.0-20170308212314-bb9b5e7adda9/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= +github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -569,13 +648,20 @@ github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0= +github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= +github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= +github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -584,15 +670,16 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM= github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.0-rc90/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= +github.com/opencontainers/runc v1.1.0/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc= github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= @@ -603,22 +690,25 @@ github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mo github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/oschwald/geoip2-golang v1.5.0 h1:igg2yQIrrcRccB1ytFXqBfOHCjXWIoMv85lVJ1ONZzw= -github.com/oschwald/geoip2-golang v1.5.0/go.mod h1:xdvYt5xQzB8ORWFqPnqMwZpCpgNagttWdoZLlJQzg7s= +github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= +github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/oschwald/geoip2-golang v1.6.1 h1:GKxT3yaWWNXSb7vj6D7eoJBns+lGYgx08QO0UcNm0YY= +github.com/oschwald/geoip2-golang v1.6.1/go.mod h1:xdvYt5xQzB8ORWFqPnqMwZpCpgNagttWdoZLlJQzg7s= github.com/oschwald/maxminddb-golang v1.8.0 h1:Uh/DSnGoxsyp/KYbY1AuP0tYEwfs0sCph9p/UMXK/Hk= github.com/oschwald/maxminddb-golang v1.8.0/go.mod h1:RXZtst0N6+FY/3qCNmZMBApR19cdQj43/NM9VkrNAis= -github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= +github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= +github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= @@ -626,6 +716,7 @@ github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDf github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= +github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -637,6 +728,8 @@ github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= +github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= +github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= @@ -648,14 +741,21 @@ github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+Gx github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= +github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= +github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= +github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= +github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= +github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= @@ -670,6 +770,7 @@ github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1 github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= @@ -677,6 +778,7 @@ github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= +github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= @@ -684,26 +786,30 @@ github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= +github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= -github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c/go.mod h1:hzIxponao9Kjc7aWznkXaL4U4TWaDSs8zcsY4Ka08nM= github.com/u-root/uio v0.0.0-20210528114334-82958018845c h1:BFvcl34IGnw8yvJi8hlqLFo9EshRInwWBs2M5fGWzQA= github.com/u-root/uio v0.0.0-20210528114334-82958018845c/go.mod h1:LpEX5FO/cB+WF4TYGY1V5qktpaZLkKkSegbr0V4eYXA= @@ -713,9 +819,9 @@ github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijb github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= -github.com/vishvananda/netlink v1.0.1-0.20190930145447-2ec5bdc52b86/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= +github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= @@ -725,12 +831,15 @@ github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= -github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/xtls/go v0.0.0-20201118062508-3632bf3b7499 h1:QHESTXtfgc1ABV+ArlbPVqUx9Ht5I0dDkYhxYoXFxNo= -github.com/xtls/go v0.0.0-20201118062508-3632bf3b7499/go.mod h1:5TB2+k58gx4A4g2Nf5miSHNDF6CuAzHKpWBooLAshTs= -github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/xtls/go v0.0.0-20210920065950-d4af136d3672 h1:4mkzGhKqt3JO1BWYjtD3iRFyAx4ow67hmSqOcGjuxqQ= +github.com/xtls/go v0.0.0-20210920065950-d4af136d3672/go.mod h1:YGGVbz9cOxyKFUmhW7LGaLZaMA0cPlHJinvAmVxEMSU= +github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= @@ -740,6 +849,13 @@ go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= +go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= +go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= +go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= +go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0= +go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3MSsE= +go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc= +go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= @@ -748,34 +864,57 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0/go.mod h1:vEhqr0m4eTc+DWxfsXoXue2GBgV2uUwVznkGIHW/e5w= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= +go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= +go.opentelemetry.io/otel v1.3.0/go.mod h1:PWIKzi6JCp7sM0k9yZ43VX+T345uNbAkDKwHVjb2PTs= +go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0/go.mod h1:VpP4/RMn8bv8gNo9uK7/IMY4mtWLELsS+JIP0inH0h4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0/go.mod h1:hO1KLR7jcKaDDKDkvI9dP/FIhpmna5lkqPUQdEjFAM8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0/go.mod h1:keUU7UfnwWTWpJ+FWnyqmogPa82nuU5VUANFq49hlMY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0/go.mod h1:QNX1aly8ehqqX1LEa6YniTU7VY9I6R3X/oPxhGdTceE= +go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= +go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= +go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= +go.opentelemetry.io/otel/sdk v1.3.0/go.mod h1:rIo4suHNhQwBIPg9axF8V9CA72Wz2mKF1teNrup8yzs= +go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= +go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= +go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= +go.opentelemetry.io/otel/trace v1.3.0/go.mod h1:c/VDhno8888bvQYmbYLqe41/Ldmr/KKunbvWM4/fEjk= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.opentelemetry.io/proto/otlp v0.11.0/go.mod h1:QpEjXPrNQzrFDZgoTo49dgHR9RYRSrg3NAKnUGl9YpQ= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/automaxprocs v1.4.0/go.mod h1:/mTEdr7LvHhs0v7mjdxDreTz1OG5zdZGqgOnhWiR/+Q= +go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= +go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210317152858-513c2a44f670/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38= +golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -808,17 +947,18 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/mod v0.5.1 h1:OJxoQ/rynoF0dcCdI7cLPktw/hR2cueqYfjm43oqK38= +golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -848,6 +988,7 @@ golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/ golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -857,18 +998,35 @@ golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20211105192438-b53810dc28af h1:SMeNJG/vclJ5wyBBd4xupMsSJIHTd1coW9g7q6KOjmY= -golang.org/x/net v0.0.0-20211105192438-b53810dc28af/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -881,13 +1039,13 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190411185658-b44545bcd369/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -904,10 +1062,10 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -937,12 +1095,15 @@ golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200831180312-196b9ba8737a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -950,7 +1111,6 @@ golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201009025420-dfb3f7c4e634/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201018230417-eeed37f84f13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201101102859-da207088b7d1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -958,35 +1118,62 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211107104306-e0b2ad06fe42 h1:G2DDmludOQZoWbpCr7OKDxnl478ZBGMcOhrv+ooX/Q4= -golang.org/x/sys v0.0.0-20211107104306-e0b2ad06fe42/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210903071746-97244b99971b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220315194320-039c03cc5b86 h1:A9i04dxx7Cribqbs8jf3FQLogkL/CV2YN7hj9KWJCkc= +golang.org/x/sys v0.0.0-20220315194320-039c03cc5b86/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8-0.20220124021120-d1c84af989ab h1:eHo2TTVBaAPw9lDGK2Gb9GyPMXT6g7O63W6sx3ylbzU= +golang.org/x/text v0.3.8-0.20220124021120-d1c84af989ab/go.mod h1:EFNZuWvGYxIRUEX+K8UmCFwYmZjqcrnq15ZuVldZkZ0= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= +golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 h1:M73Iuj3xbbb9Uk1DYhzydthsj6oOd6l9bpuFcNoUvTs= +golang.org/x/time v0.0.0-20220224211638-0e9765cccd65/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -1002,9 +1189,12 @@ golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1019,14 +1209,46 @@ golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw= +golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8= +golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= +golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.9 h1:j9KsMiaP1c3B0OTQGth0/k+miLGTgLsAFUCrF2vLcF8= +golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 h1:Ug9qvr1myri/zFN6xL17LSCBGFDnphBBhzmILHsM5TY= +golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI= +golang.zx2c4.com/wireguard v0.0.0-20220310012736-ae6bc4dd64e1 h1:iuQdvJn3LrXxz3Iony1qBGVS7kEy2uHYnnjHsVbzq/s= +golang.zx2c4.com/wireguard v0.0.0-20220310012736-ae6bc4dd64e1/go.mod h1:TjUWrnD5ATh7bFvmm/ALEJZQ4ivKbETb6pmyj1vUoNI= +golang.zx2c4.com/wireguard/windows v0.5.4-0.20220201002028-22d54a5eb477 h1:aGh/leWQnRuYYo3vxSbHKrgnnQogntsZKk//JWR/f44= +golang.zx2c4.com/wireguard/windows v0.5.4-0.20220201002028-22d54a5eb477/go.mod h1:4GomF9UyodS7dPzPnrQHtpgekcDiTJISzJ3kOk07Ozs= google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= @@ -1037,12 +1259,25 @@ google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsb google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE= +google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= +google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= +google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= +google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= +google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= +google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= +google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= +google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -1063,11 +1298,37 @@ google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvx google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA= google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a h1:pOwg4OoaRYScjmR4LlLgdtnyoHYTSAVhhqe5uPdpII8= +google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= +google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= +google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0= +google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= @@ -1080,12 +1341,24 @@ google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQ google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= +google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= +google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= +google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.45.0 h1:NEpgUqV3Z+ZjkqMsxMg11IaDrXY4RY6CQukSGK0uI1M= +google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1105,13 +1378,16 @@ gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLks gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= @@ -1128,15 +1404,17 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -gvisor.dev/gvisor v0.0.0-20211104052249-2de3450f76d6 h1:ZqN8yQG1UONNe/u1LJvvTg80BDevYvaRgmWPBlCT+0g= -gvisor.dev/gvisor v0.0.0-20211104052249-2de3450f76d6/go.mod h1:btyTBPTxT8AFMvW7yctFJ2nPCEDWZLpmKQEZ0gG+bbQ= +gotest.tools/v3 v3.1.0 h1:rVV8Tcg/8jHUkPUorwjaMTtemIMVXfIPKiOqnhEhakk= +gotest.tools/v3 v3.1.0/go.mod h1:fHy7eyTmJFO5bQbUsEGQ1v4m2J3Jz9eWL54TP2/ZuYQ= +gvisor.dev/gvisor v0.0.0-20220315202956-f1399ecf1672 h1:aXIFpjZYl3zv2rQyr4rSit5Uq0k7BVXC8lJaDa4Cg7M= +gvisor.dev/gvisor v0.0.0-20220315202956-f1399ecf1672/go.mod h1:V4WNP2Uwtx69eOhvLDSQ734EaTJTaBI3P8KgRAlROsg= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1144,49 +1422,58 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -honnef.co/go/tools v0.2.1/go.mod h1:lPVVZ2BS5TfnjLyizF7o7hv7j9/L+8cZY2hLyjP9cGY= -k8s.io/api v0.16.13/go.mod h1:QWu8UWSTiuQZMMeYjwLs6ILu5O74qKSJ0c+4vrchDxs= k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/apimachinery v0.16.13/go.mod h1:4HMHS3mDHtVttspuuhrJ1GGr/0S9B6iWYWZ57KnnZqQ= -k8s.io/apimachinery v0.16.14-rc.0/go.mod h1:4HMHS3mDHtVttspuuhrJ1GGr/0S9B6iWYWZ57KnnZqQ= +k8s.io/api v0.22.5/go.mod h1:mEhXyLaSD1qTOf40rRiKXkc+2iCem09rWLlFwhCEiAs= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= +k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= +k8s.io/apimachinery v0.22.5/go.mod h1:xziclGKwuuJ2RM5/rSFQSYAj0zdbci3DH8kj+WvyN0U= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/client-go v0.16.13/go.mod h1:UKvVT4cajC2iN7DCjLgT0KVY/cbY6DGdUCyRiIfws5M= +k8s.io/apiserver v0.22.5/go.mod h1:s2WbtgZAkTKt679sYtSudEQrTGWUSQAPe6MupLnlmaQ= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= +k8s.io/client-go v0.22.5/go.mod h1:cs6yf/61q2T1SdQL5Rdcjg9J1ElXSwbjSrW2vFImM4Y= +k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= +k8s.io/component-base v0.22.5/go.mod h1:VK3I+TjuF9eaa+Ln67dKxhGar5ynVbwnGrUiNF4MqCI= k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= -k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/cri-api v0.23.1/go.mod h1:REJE3PSU0h/LOV1APBrupxrEJqnoxZC8KWzkBUHwrK4= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= +k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/kube-openapi v0.0.0-20200410163147-594e756bea31/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= +k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= +k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= +k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= +sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= +sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/transport/vless/xtls.go b/transport/vless/xtls.go index 6e2a4d46..b9a9fd27 100644 --- a/transport/vless/xtls.go +++ b/transport/vless/xtls.go @@ -23,7 +23,7 @@ func StreamXTLSConn(conn net.Conn, cfg *XTLSConfig) (net.Conn, error) { xtlsConn := xtls.Client(conn, xtlsConfig) - // fix tls handshake not timeout + // fix xtls handshake not timeout ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout) defer cancel() err := xtlsConn.HandshakeContext(ctx) diff --git a/tunnel/connection.go b/tunnel/connection.go index 45de46d7..82443c35 100644 --- a/tunnel/connection.go +++ b/tunnel/connection.go @@ -70,6 +70,9 @@ func handleSocket(ctx C.ConnContext, outbound net.Conn) { func relay(leftConn, rightConn net.Conn) { ch := make(chan error) + tcpKeepAlive(leftConn) + tcpKeepAlive(rightConn) + go func() { buf := pool.Get(pool.RelayBufferSize) // Wrapping to avoid using *net.TCPConn.(ReadFrom) @@ -86,3 +89,9 @@ func relay(leftConn, rightConn net.Conn) { rightConn.SetReadDeadline(time.Now()) <-ch } + +func tcpKeepAlive(c net.Conn) { + if tcp, ok := c.(*net.TCPConn); ok { + tcp.SetKeepAlive(true) + } +} diff --git a/tunnel/tunnel.go b/tunnel/tunnel.go index 34f069d6..df964b0b 100644 --- a/tunnel/tunnel.go +++ b/tunnel/tunnel.go @@ -5,6 +5,7 @@ import ( "fmt" R "github.com/Dreamacro/clash/rule/common" "net" + "path/filepath" "runtime" "strconv" "sync" @@ -35,8 +36,6 @@ var ( // default timeout for UDP session udpTimeout = 60 * time.Second - - preProcessCacheFinder, _ = R.NewProcess("", "", false, nil) ) func init() { @@ -152,15 +151,28 @@ func preHandleMetadata(metadata *C.Metadata) error { // redir-host should lookup the hosts metadata.DstIP = node.Data.(net.IP) } - } else if resolver.IsFakeIP(metadata.DstIP) && !C.TunBroadcastAddr.Equal(metadata.DstIP) { + } else if resolver.IsFakeIP(metadata.DstIP) { return fmt.Errorf("fake DNS record %s missing", metadata.DstIP) } } + // pre resolve process name + srcPort, err := strconv.Atoi(metadata.SrcPort) + if err == nil && P.ShouldFindProcess(metadata) { + path, err := P.FindProcessName(metadata.NetWork.String(), metadata.SrcIP, srcPort) + if err != nil { + log.Debugln("[Process] find process %s: %v", metadata.String(), err) + } else { + log.Debugln("[Process] %s from process %s", metadata.String(), path) + metadata.Process = filepath.Base(path) + metadata.ProcessPath = path + } + } + return nil } -func resolveMetadata(metadata *C.Metadata) (proxy C.Proxy, rule C.Rule, err error) { +func resolveMetadata(ctx C.PlainContext, metadata *C.Metadata) (proxy C.Proxy, rule C.Rule, err error) { switch mode { case Direct: proxy = proxies["DIRECT"] @@ -224,7 +236,7 @@ func handleUDPConn(packet *inbound.PacketAdapter) { }() pCtx := icontext.NewPacketConnContext(metadata) - proxy, rule, err := resolveMetadata(metadata) + proxy, rule, err := resolveMetadata(pCtx, metadata) if err != nil { log.Warnln("[UDP] Parse metadata failed: %s", err.Error()) return @@ -232,7 +244,7 @@ func handleUDPConn(packet *inbound.PacketAdapter) { ctx, cancel := context.WithTimeout(context.Background(), C.DefaultUDPTimeout) defer cancel() - rawPc, err := proxy.ListenPacketContext(ctx, metadata) + rawPc, err := proxy.ListenPacketContext(ctx, metadata.Pure()) if err != nil { if rule == nil { log.Warnln("[UDP] dial %s to %s error: %s", proxy.Name(), metadata.RemoteAddress(), err.Error()) @@ -282,7 +294,7 @@ func handleTCPConn(connCtx C.ConnContext) { return } - proxy, rule, err := resolveMetadata(metadata) + proxy, rule, err := resolveMetadata(connCtx, metadata) if err != nil { log.Warnln("[Metadata] parse failed: %s", err.Error()) return @@ -290,7 +302,7 @@ func handleTCPConn(connCtx C.ConnContext) { ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTCPTimeout) defer cancel() - remoteConn, err := proxy.DialContext(ctx, metadata) + remoteConn, err := proxy.DialContext(ctx, metadata.Pure()) if err != nil { if rule == nil { log.Warnln("[TCP] dial %s to %s error: %s", proxy.Name(), metadata.RemoteAddress(), err.Error()) @@ -339,9 +351,6 @@ func match(metadata *C.Metadata) (C.Proxy, C.Rule, error) { resolved = true } - // preset process name and cache it - preProcessCacheFinder.Match(metadata) - for _, rule := range rules { if !resolved && shouldResolveIP(rule, metadata) { ip, err := resolver.ResolveIP(metadata.Host) @@ -354,21 +363,6 @@ func match(metadata *C.Metadata) (C.Proxy, C.Rule, error) { resolved = true } - if !processFound && rule.ShouldFindProcess() { - processFound = true - - srcPort, err := strconv.Atoi(metadata.SrcPort) - if err == nil { - path, err := P.FindProcessName(metadata.NetWork.String(), metadata.SrcIP, srcPort) - if err != nil { - log.Debugln("[Process] find process %s: %v", metadata.String(), err) - } else { - log.Debugln("[Process] %s from process %s", metadata.String(), path) - metadata.ProcessPath = path - } - } - } - if rule.Match(metadata) { adapter, ok := proxies[rule.Adapter()] if !ok { @@ -389,6 +383,10 @@ func match(metadata *C.Metadata) (C.Proxy, C.Rule, error) { if extra.NotMatchSourceIP(metadata.SrcIP) { continue } + + if extra.NotMatchProcessName(metadata.Process) { + continue + } } return adapter, rule, nil