Update for MacOS

Jett Chen 2023-12-11 19:04:53 +08:00
parent 3e5a01ffbe
commit c346ec5b39
4 changed files with 31 additions and 2 deletions


@ -4,6 +4,8 @@
<dict> <dict>
<key>com.apple.security.network.client</key> <key>com.apple.security.network.client</key>
<true/> <true/>
<key>com.apple.security.network.server</key>
<true/>
<key>com.apple.developer.networking.networkextension</key> <key>com.apple.developer.networking.networkextension</key>
<array> <array>
<string>packet-tunnel-provider</string> <string>packet-tunnel-provider</string>
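Review bot: The added `com.apple.security.network.server` entitlement lets the sandboxed process accept inbound connections, and nothing visible in this commit says why it is needed. If it is there so the tunnel's UDP socket can be bound under the App Sandbox (a guess, not shown on this page), a comment above the key such as `<!-- required to bind the tunnel's UDP socket under App Sandbox -->` would record the reason and make it easy to remove later. If it was added only while debugging the macOS lookup problem, it should be dropped, because the entitlement list is this process's least-privilege boundary.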


@ -2,13 +2,14 @@ use std::{
net::{IpAddr, Ipv4Addr, SocketAddr}, net::{IpAddr, Ipv4Addr, SocketAddr},
sync::Arc, sync::Arc,
}; };
use std::net::ToSocketAddrs;
mod command; mod command;
mod instance; mod instance;
mod net; mod net;
mod response; mod response;
use anyhow::{Error, Result}; use anyhow::{anyhow, Error, Result};
use base64::{engine::general_purpose, Engine as _}; use base64::{engine::general_purpose, Engine as _};
pub use command::{DaemonCommand, DaemonStartOptions}; pub use command::{DaemonCommand, DaemonStartOptions};
use fehler::throws; use fehler::throws;
@ -52,7 +53,8 @@ pub async fn daemon_main() -> Result<()> {
let private_key = parse_secret_key("GNqIAOCRxjl/cicZyvkvpTklgQuUmGUIEkH7IXF/sEE=")?; let private_key = parse_secret_key("GNqIAOCRxjl/cicZyvkvpTklgQuUmGUIEkH7IXF/sEE=")?;
let public_key = parse_public_key("uy75leriJay0+oHLhRMpV+A5xAQ0hCJ+q7Ww81AOvT4=")?; let public_key = parse_public_key("uy75leriJay0+oHLhRMpV+A5xAQ0hCJ+q7Ww81AOvT4=")?;
let preshared_key = Some(parse_key("s7lx/mg+reVEMnGnqeyYOQkzD86n2+gYnx1M9ygi08k=")?); let preshared_key = Some(parse_key("s7lx/mg+reVEMnGnqeyYOQkzD86n2+gYnx1M9ygi08k=")?);
let endpoint = SocketAddr::new(IpAddr::V4(Ipv4Addr::new(198, 18, 6, 180)), 51820); // DNS lookup under macos fails, somehow let endpoint = "wg.burrow.rs:51820".to_socket_addrs()?.next()
.ok_or(anyhow!("DNS Lookup Fails!"))?; // DNS lookup under macos fails, somehow
let iface = Interface::new(vec![Peer { let iface = Interface::new(vec![Peer {
endpoint, endpoint,
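Review bot: The new endpoint lookup calls the blocking `to_socket_addrs()` inside `async fn daemon_main`, so the executor thread stalls for the whole resolver call; if the daemon runs on tokio (not visible in this hunk), `tokio::net::lookup_host("wg.burrow.rs:51820").await?.next()` is the non-blocking form. The trailing comment `// DNS lookup under macos fails, somehow` was kept although the line now performs exactly that lookup, so it should be removed or reworded to say what still fails. `.next()` takes whichever address the resolver lists first, which may be IPv6 where the old literal was IPv4; use `.find(|a| a.is_ipv4())` if the tunnel socket is IPv4-only. Separately, the context lines still embed a private key and a preshared key as string literals; they should be loaded from configuration and treated as exposed now that they are in history. The body of daemon_main continues outside the hunk.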


@ -131,6 +131,7 @@ impl Interface {
}; };
tracing::debug!("dst_addr: {}", dst_addr); tracing::debug!("dst_addr: {}", dst_addr);
debug!("src_addr: {}", Tunnel::src_address(src).unwrap());
let Some(idx) = pcbs.find(dst_addr) else { let Some(idx) = pcbs.find(dst_addr) else {
continue continue
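Review bot: The added `debug!` line calls `.unwrap()` on `Tunnel::src_address(src)` inside the packet loop, so any packet for which it returns `None` panics the task purely for the sake of a log line. The partly hidden statement above it appears to have already validated the packet when computing `dst_addr`, but the log call should not depend on that; `tracing::debug!("src_addr: {:?}", Tunnel::src_address(src));` prints the `Option` and cannot panic. That form also matches the fully qualified `tracing::debug!` on the previous line, whereas the bare `debug!` needs an import that is not visible here. The enclosing loop starts and ends outside the hunk.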


@ -205,6 +205,30 @@ impl Tunnel {
} }
} }
pub fn src_address(packet: &[u8]) -> Option<IpAddr> {
if packet.is_empty() {
return None
}
match packet[0] >> 4 {
4 if packet.len() >= IPV4_MIN_HEADER_SIZE => {
let addr_bytes: [u8; IPV4_IP_SZ] = packet
[IPV4_SRC_IP_OFF..IPV4_SRC_IP_OFF + IPV4_IP_SZ]
.try_into()
.unwrap();
Some(IpAddr::from(addr_bytes))
}
6 if packet.len() >= IPV6_MIN_HEADER_SIZE => {
let addr_bytes: [u8; IPV6_IP_SZ] = packet
[IPV6_SRC_IP_OFF..IPV6_SRC_IP_OFF + IPV6_IP_SZ]
.try_into()
.unwrap();
Some(IpAddr::from(addr_bytes))
}
_ => None,
}
}
/// Create a new tunnel using own private key and the peer public key /// Create a new tunnel using own private key and the peer public key
pub fn new( pub fn new(
static_private: x25519::StaticSecret, static_private: x25519::StaticSecret,
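Review bot: `src_address` is a new `pub fn` that parses raw packet bytes but has no doc comment, unlike `new` directly below it. I would add `/// Returns the source IP of an IPv4 or IPv6 packet, or None if the buffer is empty, shorter than the minimum header for its version, or has an unknown version nibble.` above the signature. The `.try_into().unwrap()` calls cannot fail, because each slice has exactly the array's length. The slice indexing itself stays in bounds only while `IPV4_MIN_HEADER_SIZE >= IPV4_SRC_IP_OFF + IPV4_IP_SZ` and the IPv6 equivalent hold. Those constants are defined outside the hunk, so a short comment on each arm such as `// in bounds: length checked by the match guard` would record the invariant the code relies on.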