gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix: Decrypted traffic TCP handshake packet invalid direction

Browse Source
This commit is contained in:
luwenpeng
2023-11-20 14:28:20 +08:00
parent f4e719a78b
commit a63b66fe14
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
common/src/tfe_packet_io.cpp
View File

@@ -934,7 +934,7 @@ static void set_passthrough_reason(struct tfe_cmsg *cmsg, char *reason)
}
typedef int tcp_handshake_fn(struct tcp_restore_info *info, struct ether_addr *client_mac, struct ether_addr *server_mac, char *buffer, int size);
static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct tcp_restore_info *info, uint64_t session_id, int c2s_is_e2i_dir)
static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct tcp_restore_info *info, uint64_t session_id, struct route_ctx *c2s_route_ctx, struct route_ctx *s2c_route_ctx)
{
struct acceptor_kni_v4 *acceptor_ctx = thread->ref_acceptor_ctx;
struct packet_io *packet_io = thread->ref_io;
@@ -968,10 +968,10 @@ static void packet_io_send_fake_pkt(struct packet_io_thread_ctx *thread, struct
{
case 0: /* fail through */
case 2:
meta.is_e2i_dir = c2s_is_e2i_dir;
route_ctx_copy(&meta.route_ctx, c2s_route_ctx);
break;
case 1:
meta.is_e2i_dir = !c2s_is_e2i_dir;
route_ctx_copy(&meta.route_ctx, s2c_route_ctx);
break;
}
packet_io_set_metadata(tx_buffs[i], &meta, logger);
@@ -1082,7 +1082,7 @@ static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser
(STREAM_PROTO_SSL == (enum tfe_stream_proto)stream_protocol_in_char && thread->ref_proxy->traffic_steering_options.enable_steering_ssl) ||
enable_decrypted_traffic_steering == 1)
{
packet_io_send_fake_pkt(thread, &restore_info, meta->session_id, meta->is_e2i_dir);
packet_io_send_fake_pkt(thread, &restore_info, meta->session_id, &parser->seq_route_ctx, &parser->ack_route_ctx);
fd_fake_c = tfe_tcp_restore_fd_create(&(restore_info.client), &(restore_info.server), thread->ref_proxy->traffic_steering_options.device_client, thread->ref_proxy->traffic_steering_options.so_mask_client);
if (fd_fake_c < 0)