mirror of
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git
synced 2025-10-13 20:11:19 -04:00
Update Relay Pattern format to include dollar sign
This commit is contained in:
Shelikhoo
parent
ddf72025d1
commit
97dea533da
4 changed files with 24 additions and 15 deletions
|
|
@ -3,9 +3,14 @@ package namematcher
|
||||||
import "strings"
|
import "strings"
|
||||||
|
|
||||||
func NewNameMatcher(rule string) NameMatcher {
|
func NewNameMatcher(rule string) NameMatcher {
|
||||||
|
rule = strings.TrimSuffix(rule, "$")
|
||||||
return NameMatcher{suffix: strings.TrimPrefix(rule, "^"), exact: strings.HasPrefix(rule, "^")}
|
return NameMatcher{suffix: strings.TrimPrefix(rule, "^"), exact: strings.HasPrefix(rule, "^")}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func IsValidRule(rule string) bool {
|
||||||
|
return strings.HasSuffix(rule, "$")
|
||||||
|
}
|
||||||
|
|
||||||
type NameMatcher struct {
|
type NameMatcher struct {
|
||||||
exact bool
|
exact bool
|
||||||
suffix string
|
suffix string
|
||||||
|
|
|
||||||
|
|
@ -11,13 +11,13 @@ func TestMatchMember(t *testing.T) {
|
||||||
expects bool
|
expects bool
|
||||||
}{
|
}{
|
||||||
{matcher: "", target: "", expects: true},
|
{matcher: "", target: "", expects: true},
|
||||||
{matcher: "^snowflake.torproject.net", target: "snowflake.torproject.net", expects: true},
|
{matcher: "^snowflake.torproject.net$", target: "snowflake.torproject.net", expects: true},
|
||||||
{matcher: "^snowflake.torproject.net", target: "faketorproject.net", expects: false},
|
{matcher: "^snowflake.torproject.net$", target: "faketorproject.net", expects: false},
|
||||||
{matcher: "snowflake.torproject.net", target: "faketorproject.net", expects: false},
|
{matcher: "snowflake.torproject.net$", target: "faketorproject.net", expects: false},
|
||||||
{matcher: "snowflake.torproject.net", target: "snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "snowflake.torproject.net", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "imaginary-01-snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "imaginary-01-snowflake.torproject.net", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "imaginary-aaa-snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "imaginary-aaa-snowflake.torproject.net", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "imaginary-aaa-snowflake.faketorproject.net", expects: false},
|
{matcher: "snowflake.torproject.net$", target: "imaginary-aaa-snowflake.faketorproject.net", expects: false},
|
||||||
}
|
}
|
||||||
for _, v := range testingVector {
|
for _, v := range testingVector {
|
||||||
t.Run(v.matcher+"<>"+v.target, func(t *testing.T) {
|
t.Run(v.matcher+"<>"+v.target, func(t *testing.T) {
|
||||||
|
|
@ -36,12 +36,12 @@ func TestMatchSubset(t *testing.T) {
|
||||||
expects bool
|
expects bool
|
||||||
}{
|
}{
|
||||||
{matcher: "", target: "", expects: true},
|
{matcher: "", target: "", expects: true},
|
||||||
{matcher: "^snowflake.torproject.net", target: "^snowflake.torproject.net", expects: true},
|
{matcher: "^snowflake.torproject.net$", target: "^snowflake.torproject.net$", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "^snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "^snowflake.torproject.net$", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "snowflake.torproject.net$", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "testing-snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "testing-snowflake.torproject.net$", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "^testing-snowflake.torproject.net", expects: true},
|
{matcher: "snowflake.torproject.net$", target: "^testing-snowflake.torproject.net$", expects: true},
|
||||||
{matcher: "snowflake.torproject.net", target: "", expects: false},
|
{matcher: "snowflake.torproject.net$", target: "", expects: false},
|
||||||
}
|
}
|
||||||
for _, v := range testingVector {
|
for _, v := range testingVector {
|
||||||
t.Run(v.matcher+"<>"+v.target, func(t *testing.T) {
|
t.Run(v.matcher+"<>"+v.target, func(t *testing.T) {
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,6 @@ import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/namematcher"
|
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
|
|
@ -43,6 +42,7 @@ import (
|
||||||
|
|
||||||
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/event"
|
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/event"
|
||||||
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/messages"
|
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/messages"
|
||||||
|
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/namematcher"
|
||||||
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/task"
|
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/task"
|
||||||
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/util"
|
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/util"
|
||||||
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/websocketconn"
|
"git.torproject.org/pluggable-transports/snowflake.git/v2/common/websocketconn"
|
||||||
|
|
@ -582,6 +582,10 @@ func (sf *SnowflakeProxy) Start() error {
|
||||||
return fmt.Errorf("invalid relay url: %s", err)
|
return fmt.Errorf("invalid relay url: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !namematcher.IsValidRule(sf.RelayDomainNamePattern) {
|
||||||
|
return fmt.Errorf("invalid relay domain name pattern")
|
||||||
|
}
|
||||||
|
|
||||||
config = webrtc.Configuration{
|
config = webrtc.Configuration{
|
||||||
ICEServers: []webrtc.ICEServer{
|
ICEServers: []webrtc.ICEServer{
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ func main() {
|
||||||
unsafeLogging := flag.Bool("unsafe-logging", false, "prevent logs from being scrubbed")
|
unsafeLogging := flag.Bool("unsafe-logging", false, "prevent logs from being scrubbed")
|
||||||
keepLocalAddresses := flag.Bool("keep-local-addresses", false, "keep local LAN address ICE candidates")
|
keepLocalAddresses := flag.Bool("keep-local-addresses", false, "keep local LAN address ICE candidates")
|
||||||
relayURL := flag.String("relay", sf.DefaultRelayURL, "websocket relay URL")
|
relayURL := flag.String("relay", sf.DefaultRelayURL, "websocket relay URL")
|
||||||
allowedRelayHostNamePattern := flag.String("allowed-relay-hostname-pattern", "snowflake.torproject.net", "a pattern to specify allowed hostname pattern for relay URL.")
|
allowedRelayHostNamePattern := flag.String("allowed-relay-hostname-pattern", "snowflake.torproject.net$", "a pattern to specify allowed hostname pattern for relay URL.")
|
||||||
allowNonTLSRelay := flag.Bool("allow-non-tls-relay", false, "allow relay without tls encryption")
|
allowNonTLSRelay := flag.Bool("allow-non-tls-relay", false, "allow relay without tls encryption")
|
||||||
NATTypeMeasurementInterval := flag.Duration("nat-retest-interval", time.Hour*24,
|
NATTypeMeasurementInterval := flag.Duration("nat-retest-interval", time.Hour*24,
|
||||||
"the time interval in second before NAT type is retested, 0s disables retest. Valid time units are \"s\", \"m\", \"h\". ")
|
"the time interval in second before NAT type is retested, 0s disables retest. Valid time units are \"s\", \"m\", \"h\". ")
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue