diff --git a/src/main.rs b/src/main.rs index 41ab62f..04b74b6 100644 --- a/src/main.rs +++ b/src/main.rs @@ -53,14 +53,9 @@ struct Client { #[arg(short='L', long, value_name = "{tcp,udp,socks5}://[BIND:]PORT:HOST:PORT", value_parser = parse_tunnel_arg)] local_to_remote: Vec, - /// (linux only) Mark network packet with SO_MARK sockoption with the specified value. - /// You need to use {root, sudo, capabilities} to run wstunnel when using this option - #[arg(long, value_name = "INT", verbatim_doc_comment)] - socket_so_mark: Option, - /// Domain name that will be use as SNI during TLS handshake /// Warning: If you are behind a CDN (i.e: Cloudflare) you must set this domain also in the http HOST header. - /// or it will be flag as fishy as your request rejected + /// or it will be flagged as fishy and your request rejected #[arg(long, value_name = "DOMAIN_NAME", value_parser = parse_sni_override, verbatim_doc_comment)] tls_sni_override: Option, diff --git a/src/tls.rs b/src/tls.rs index 158abdb..0bb63fc 100644 --- a/src/tls.rs +++ b/src/tls.rs @@ -61,7 +61,7 @@ pub fn tls_connector( let certs = rustls_native_certs::load_native_certs() .with_context(|| "Cannot load system certificates")?; for cert in certs { - root_store.add(&Certificate(cert.0)).unwrap(); + root_store.add(&Certificate(cert.0))?; } let mut config = ClientConfig::builder() diff --git a/src/transport.rs b/src/transport.rs index 8aaa162..28896db 100644 --- a/src/transport.rs +++ b/src/transport.rs @@ -293,7 +293,13 @@ async fn server_upgrade( tokio::spawn( async move { - let (ws_rx, mut ws_tx) = fut.await.unwrap().split(tokio::io::split); + let (ws_rx, mut ws_tx) = match fut.await { + Ok(ws) => ws.split(tokio::io::split), + Err(err) => { + error!("Error during http upgrade request: {:?}", err); + return; + } + }; let (close_tx, close_rx) = oneshot::channel::<()>(); let connect_timeout = server_config.timeout_connect; let ping_frequency = server_config 
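Review bot: In the src/tls.rs hunk, `root_store.add(&Certificate(cert.0))?;` turns the old panic into an error, but one unparsable entry in the operating-system trust store still makes `tls_connector` fail, so no TLS connection can be set up at all. System stores often carry old or malformed certificates. Skipping such an entry only removes a trust anchor and does not weaken verification. I would log and continue instead, for example `if let Err(err) = root_store.add(&Certificate(cert.0)) { warn!("skipping unparsable system certificate: {:?}", err); }`, assuming a `warn!` macro is in scope in this file. If the error is meant to stay fatal, it should at least get a `with_context` message like the `load_native_certs` call above it. The body of `tls_connector` continues outside the hunk.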
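Review bot: In the first src/transport.rs hunk (`server_upgrade`), the new `Err(err)` arm logs `"Error during http upgrade request: {:?}"` with nothing that identifies the peer or the requested path. Unless the enclosing tracing span already carries that (not visible in the hunk), these lines cannot be correlated with a client when reviewing failed upgrades. A failed upgrade can presumably be caused by the remote side, so `error!` may also be louder than the condition deserves. I would add a comment above the match such as `// Upgrade failures are peer-triggered (dropped connection, bad handshake): log and end this task, never panic.` and include the peer address in the message if one is available in this scope. The spawned task body continues past the end of the hunk.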
@@ -477,8 +483,7 @@ async fn propagate_write( error!("error while reading from websocket rx {}", err); break; } - Err(err) => { - trace!("frame {:?}", err); + Err(_) => { // TODO: Check that the connection is not closed (no easy method to know if a tx is closed ...) continue; } diff --git a/src/udp.rs b/src/udp.rs index c21e68e..fdef752 100644 --- a/src/udp.rs +++ b/src/udp.rs @@ -19,8 +19,7 @@ use tracing::{debug, error, info}; const DEFAULT_UDP_BUFFER_SIZE: usize = 8 * 1024; struct UdpServer { - listener: UdpSocket, - std_socket: std::net::UdpSocket, + listener: Arc, buffer: Vec, peers: HashMap, keys_to_delete: Arc>>, @@ -28,12 +27,9 @@ struct UdpServer { } impl UdpServer { - pub fn new(listener: UdpSocket, timeout: Option) -> Self { - let socket = listener.into_std().unwrap(); - let listener = UdpSocket::from_std(socket.try_clone().unwrap()).unwrap(); + pub fn new(listener: Arc, timeout: Option) -> Self { Self { listener, - std_socket: socket, peers: HashMap::with_hasher(ahash::RandomState::new()), buffer: vec![0u8; DEFAULT_UDP_BUFFER_SIZE], keys_to_delete: Default::default(), @@ -55,14 +51,14 @@ impl UdpServer { keys_to_delete.clear(); } - fn clone_socket(&self) -> UdpSocket { - UdpSocket::from_std(self.std_socket.try_clone().unwrap()).unwrap() + fn clone_socket(&self) -> Arc { + self.listener.clone() } } #[pin_project(PinnedDrop)] pub struct UdpStream { - socket: UdpSocket, + socket: Arc, peer: SocketAddr, #[pin] deadline: Option, @@ -144,7 +140,7 @@ pub async fn run_server( .await .with_context(|| format!("Cannot create UDP server {:?}", bind))?; - let udp_server = UdpServer::new(listener, timeout); + let udp_server = UdpServer::new(Arc::new(listener), timeout); let stream = stream::unfold(udp_server, |mut server| async { loop { server.clean_dead_keys();
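Review bot: In the second src/transport.rs hunk (`propagate_write`), the arm is now `Err(_) => { … continue; }`, so the error is dropped without any trace and nothing says what this `Err` represents. If it is the elapsed-timeout case, which the hunk does not show, a comment such as `// read timed out: nothing received in this interval, keep waiting` would document why discarding it is safe. The existing TODO about detecting a closed tx still applies, so this loop keeps spinning on `continue` after the peer is gone. The function starts and ends outside the hunk.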
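Review bot: In the src/udp.rs hunk at `-55,14 +51,14`, `clone_socket` keeps its name but no longer duplicates the socket. It now hands out another handle to the one shared listener, so the name and the missing doc comment mislead readers. I would write the body as `Arc::clone(&self.listener)` to make the cheap refcount clone explicit. I would also add `/// Returns another handle to the shared listener socket; no new file descriptor is created.` above it. The same change makes every `UdpStream` share that socket through its `socket: Arc` field, so the `PinnedDrop` impl (not visible here) should be checked for anything that assumed the stream owned its own descriptor. The removal of the `try_clone().unwrap()` calls here and in the `-28,12 +27,9` hunk is welcome, since descriptor exhaustion can no longer panic the server.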