From 73bbbeba6acfc27626a19cd31cbca4b92d6fe3b6 Mon Sep 17 00:00:00 2001
From: Vladislav Yarmak
Date: Fri, 26 Jul 2024 11:51:46 +0300
Subject: [PATCH 1/3] pass connection_id option

---
 client/config.go | 1 +
 cmd/dtlspipe/main.go | 4 ++++
 server/config.go | 1 +
 3 files changed, 6 insertions(+)

diff --git a/client/config.go b/client/config.go
index 900c5a0..46eff24 100644
--- a/client/config.go
+++ b/client/config.go
@@ -23,6 +23,7 @@ type Config struct {
 StaleMode util.StaleMode
 TimeLimitFunc func() time.Duration
 AllowFunc func(net.Addr) bool
+ EnableCID bool
 }
 
 func (cfg *Config) populateDefaults() *Config {
diff --git a/cmd/dtlspipe/main.go b/cmd/dtlspipe/main.go
index 6352978..0458a79 100644
--- a/cmd/dtlspipe/main.go
+++ b/cmd/dtlspipe/main.go
@@ -135,6 +135,7 @@ var (
 mtu = flag.Int("mtu", 1400, "MTU used for DTLS fragments")
 cpuprofile = flag.String("cpuprofile", "", "write cpu profile to file")
 skipHelloVerify = flag.Bool("skip-hello-verify", true, "(server only) skip hello verify request. Useful to workaround DPI")
+ connectionIDExt = flag.Bool("cid", true, "enable connection_id extension")
 ciphersuites = cipherlistArg{}
 curves = curvelistArg{}
 staleMode = util.EitherStale
@@ -253,6 +254,7 @@ func cmdClient(bindAddress, remoteAddress string) int {
 StaleMode: staleMode,
 TimeLimitFunc: util.TimeLimitFunc(timeLimit.low, timeLimit.high),
 AllowFunc: util.AllowByRatelimit(rateLimit.value),
+ EnableCID: *connectionIDExt,
 }
 
 clt, err := client.New(&cfg)
@@ -306,6 +308,7 @@ func cmdHoppingClient(args []string) int {
 StaleMode: staleMode,
 TimeLimitFunc: util.TimeLimitFunc(timeLimit.low, timeLimit.high),
 AllowFunc: util.AllowByRatelimit(rateLimit.value),
+ EnableCID: *connectionIDExt,
 }
 
 clt, err := client.New(&cfg)
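Review bot: `EnableCID` in the `Config` struct of client/config.go is added without a comment, and the same applies to the identical field in server/config.go. Its zero value leaves the extension off, while the `-cid` flag in cmd/dtlspipe/main.go defaults to true, so code that builds `Config` directly gets the opposite default from the CLI. I would document that on the field in both structs, e.g. `// EnableCID negotiates the DTLS connection_id extension; the zero value leaves it disabled.` The struct begins outside the hunk, so I cannot see whether the other fields follow a comment convention.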
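Review bot: The new `cid` flag in the `var (` block of cmd/dtlspipe/main.go defaults to `true`, so an upgrade changes what existing deployments put on the wire without the operator opting in. The ClientHello gains the connection_id extension, and once negotiated a connection ID travels unencrypted in record headers for the life of the session. The neighbouring `skip-hello-verify` help text mentions working around DPI, so operators who care about handshake fingerprint and flow linkability should be told this in the help string. For example: `"enable connection_id extension (RFC 9146); the ID is visible in cleartext record headers"`. Whether the default should be `false` is a judgement call worth recording in the commit message.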
@@ -345,6 +348,7 @@ func cmdServer(bindAddress, remoteAddress string) int {
 StaleMode: staleMode,
 TimeLimitFunc: util.TimeLimitFunc(timeLimit.low, timeLimit.high),
 AllowFunc: util.AllowByRatelimit(rateLimit.value),
+ EnableCID: *connectionIDExt,
 }
 
 srv, err := server.New(&cfg)
diff --git a/server/config.go b/server/config.go
index b42dee5..0e07339 100644
--- a/server/config.go
+++ b/server/config.go
@@ -23,6 +23,7 @@ type Config struct {
 StaleMode util.StaleMode
 TimeLimitFunc func() time.Duration
 AllowFunc func(net.Addr) bool
+ EnableCID bool
 }
 
 func (cfg *Config) populateDefaults() *Config {

From d271d25e5022b05bcdbca626b778a9ac0a207431 Mon Sep 17 00:00:00 2001
From: Vladislav Yarmak
Date: Fri, 26 Jul 2024 12:02:35 +0300
Subject: [PATCH 2/3] incorporate CID option into DTLS configuration

---
 client/client.go | 4 ++++
 server/server.go | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/client/client.go b/client/client.go
index 329cd87..6c06b23 100644
--- a/client/client.go
+++ b/client/client.go
@@ -65,6 +65,10 @@ func New(cfg *Config) (*Client, error) {
 CipherSuites: cfg.CipherSuites,
 EllipticCurves: cfg.EllipticCurves,
 }
+ if cfg.EnableCID {
+ client.dtlsConfig.ConnectionIDGenerator = dtls.OnlySendCIDGenerator()
+ }
+
 lc := udp.ListenConfig{
 Backlog: Backlog,
 }
diff --git a/server/server.go b/server/server.go
index 78b1ef8..9d5742f 100644
--- a/server/server.go
+++ b/server/server.go
@@ -71,6 +71,9 @@ func New(cfg *Config) (*Server, error) {
 return nil
 },
 }
+ if cfg.EnableCID {
+ srv.dtlsConfig.ConnectionIDGenerator = dtls.RandomCIDGenerator(8)
+ }
 srv.listener, err = dtls.Listen("udp", net.UDPAddrFromAddrPort(lAddrPort), srv.dtlsConfig)
 if err != nil {
 cancelCtx()

From 7ab7bb2bfd5f932f153f6ad9e241e90a1c964a08 Mon Sep 17 00:00:00 2001
From: Vladislav Yarmak
Date: Fri, 26 Jul 2024 13:27:59 +0300
Subject: [PATCH 3/3] upd docs

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index e5c85aa..4e273af 100644
--- a/README.md
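Review bot: The `if cfg.EnableCID` branch in client.New picks `dtls.OnlySendCIDGenerator()` with no explanation, while the server side of the same patch uses `dtls.RandomCIDGenerator(8)`. A reader cannot tell that the asymmetry is deliberate. As I understand the pion API, the client then echoes the server-chosen ID in its own records but asks the server not to tag records sent back, so only the client-to-server direction carries the identifier. A comment above the assignment would pin that down, e.g. `// Send the server's CID but request none in return; only client->server records are tagged.` The body of `New` starts and ends outside the hunk.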
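Review bot: The connection ID length in server.New is a bare literal, `dtls.RandomCIDGenerator(8)`, with nothing saying why 8 bytes was chosen or that the value ends up in cleartext record headers. I would name it, e.g. `const serverCIDLen = 8`, and pass `dtls.RandomCIDGenerator(serverCIDLen)`. Separately, enabling CID presumably lets an established session keep working when the peer's source address changes. It is worth confirming how that interacts with `AllowFunc` (wired to `util.AllowByRatelimit` in main.go) and with the stale-connection handling, since a per-address limit may not be consulted again for records that arrive from a new address under an existing CID. None of that logic is visible in this hunk, and `New` continues outside it.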
+++ b/README.md @@ -113,6 +113,8 @@ dtlspipe version Print program version and exit. Options: + -cid + enable connection_id extension (default true) -ciphers value colon-separated list of ciphers to use -cpuprofile string