Add Early Data and Custom Header Support to HTTPUpgrade Transport (#3276

) * Add early reply draining for httpupgrade * Add early data config for httpupgrade * Add early data implementation for httpupgrade * Add send extra header for httpupgrade
v2fly · Jan 8, 2025 · 4c1d948 · 4c1d948
1 parent f0a87b9
commit 4c1d948
Show file tree

Hide file tree

Showing 10 changed files with 639 additions and 78 deletions.
diff --git a/testing/scenarios/config/httpupgrade_earlydataShortEarlyData_client.json b/testing/scenarios/config/httpupgrade_earlydataShortEarlyData_client.json
@@ -0,0 +1,48 @@
+{
+  "log": {
+    "error": {
+      "level": "Debug",
+      "type": "Console"
+    },
+    "access": {
+      "type": "None"
+    }
+  },
+  "outbounds": [
+    {
+      "protocol": "vmess",
+      "settings": {
+        "address": "127.0.0.1",
+        "port": 17793,
+        "uuid": "bcc71618-e552-42c2-a2a3-d4c17a9df764"
+      },
+      "streamSettings": {
+        "transport": "httpupgrade",
+        "transportSettings": {
+          "path": "b66efc0c7752",
+          "maxEarlyData": 32,
+          "earlyDataHeaderName": "Sec-Websocket-Key"
+        },
+        "security": "tls",
+        "securitySettings": {
+          "pinnedPeerCertificateChainSha256": [
+            "kqHyvea27Pn+JiSqA72lhu9IKAKeGR+3yCyA8JR1mug="
+          ],
+          "allowInsecureIfPinnedPeerCertificate": true
+        }
+      }
+    }
+  ],
+  "inbounds": [
+    {
+      "protocol": "socks",
+      "settings": {
+        "udpEnabled": false,
+        "address": "127.0.0.1",
+        "packetEncoding": "Packet"
+      },
+      "port": 17794,
+      "listen": "127.0.0.1"
+    }
+  ]
+}
diff --git a/testing/scenarios/config/httpupgrade_earlydataShortEarlyData_server.json b/testing/scenarios/config/httpupgrade_earlydataShortEarlyData_server.json
@@ -0,0 +1,46 @@
+{
+  "log": {
+    "error": {
+      "level": "Debug",
+      "type": "Console"
+    },
+    "access": {
+      "type": "None"
+    }
+  },
+  "outbounds": [
+    {
+      "protocol": "freedom"
+    }
+  ],
+  "inbounds": [
+    {
+      "listen": "127.0.0.1",
+      "port": 17793,
+      "protocol": "vmess",
+      "settings": {
+        "users": [
+          "bcc71618-e552-42c2-a2a3-d4c17a9df764"
+        ]
+      },
+      "streamSettings": {
+        "transport": "httpupgrade",
+        "transportSettings": {
+          "path": "b66efc0c7752",
+          "maxEarlyData": 32,
+          "earlyDataHeaderName": "Sec-Websocket-Key"
+        },
+        "security": "tls",
+        "securitySettings": {
+          "certificate": [
+            {
+              "usage": "ENCIPHERMENT",
+              "certificateFile": "cert/self-signed_cert.pem",
+              "keyFile": "cert/self-signed_key.pem"
+            }
+          ]
+        }
+      }
+    }
+  ]
+}
diff --git a/testing/scenarios/config/httpupgrade_earlydata_client.json b/testing/scenarios/config/httpupgrade_earlydata_client.json
@@ -0,0 +1,48 @@
+{
+  "log": {
+    "error": {
+      "level": "Debug",
+      "type": "Console"
+    },
+    "access": {
+      "type": "None"
+    }
+  },
+  "outbounds": [
+    {
+      "protocol": "vmess",
+      "settings": {
+        "address": "127.0.0.1",
+        "port": 17793,
+        "uuid": "bcc71618-e552-42c2-a2a3-d4c17a9df764"
+      },
+      "streamSettings": {
+        "transport": "httpupgrade",
+        "transportSettings": {
+          "path": "b66efc0c7752",
+          "maxEarlyData": 2048,
+          "earlyDataHeaderName": "Sec-Websocket-Key"
+        },
+        "security": "tls",
+        "securitySettings": {
+          "pinnedPeerCertificateChainSha256": [
+            "kqHyvea27Pn+JiSqA72lhu9IKAKeGR+3yCyA8JR1mug="
+          ],
+          "allowInsecureIfPinnedPeerCertificate": true
+        }
+      }
+    }
+  ],
+  "inbounds": [
+    {
+      "protocol": "socks",
+      "settings": {
+        "udpEnabled": false,
+        "address": "127.0.0.1",
+        "packetEncoding": "Packet"
+      },
+      "port": 17794,
+      "listen": "127.0.0.1"
+    }
+  ]
+}
diff --git a/testing/scenarios/config/httpupgrade_earlydata_server.json b/testing/scenarios/config/httpupgrade_earlydata_server.json
@@ -0,0 +1,46 @@
+{
+  "log": {
+    "error": {
+      "level": "Debug",
+      "type": "Console"
+    },
+    "access": {
+      "type": "None"
+    }
+  },
+  "outbounds": [
+    {
+      "protocol": "freedom"
+    }
+  ],
+  "inbounds": [
+    {
+      "listen": "127.0.0.1",
+      "port": 17793,
+      "protocol": "vmess",
+      "settings": {
+        "users": [
+          "bcc71618-e552-42c2-a2a3-d4c17a9df764"
+        ]
+      },
+      "streamSettings": {
+        "transport": "httpupgrade",
+        "transportSettings": {
+          "path": "b66efc0c7752",
+          "maxEarlyData": 2048,
+          "earlyDataHeaderName": "Sec-Websocket-Key"
+        },
+        "security": "tls",
+        "securitySettings": {
+          "certificate": [
+            {
+              "usage": "ENCIPHERMENT",
+              "certificateFile": "cert/self-signed_cert.pem",
+              "keyFile": "cert/self-signed_key.pem"
+            }
+          ]
+        }
+      }
+    }
+  ]
+}
diff --git a/testing/scenarios/httpupgrade_test.go b/testing/scenarios/httpupgrade_test.go
@@ -50,3 +50,81 @@ func TestHTTPUpgrade(t *testing.T) {
 		t.Error(err)
 	}
 }
+
+func TestHTTPUpgradeWithEarlyData(t *testing.T) {
+	tcpServer := tcp.Server{
+		MsgProcessor: xor,
+	}
+	dest, err := tcpServer.Start()
+	common.Must(err)
+	defer tcpServer.Close()
+
+	coreInst, InstMgrIfce := NewInstanceManagerCoreInstance()
+	defer coreInst.Close()
+
+	common.Must(InstMgrIfce.AddInstance(
+		context.TODO(),
+		"httpupgrade_client",
+		common.Must2(os.ReadFile("config/httpupgrade_earlydata_client.json")).([]byte),
+		"jsonv5"))
+
+	common.Must(InstMgrIfce.AddInstance(
+		context.TODO(),
+		"httpupgrade_server",
+		common.Must2(os.ReadFile("config/httpupgrade_earlydata_server.json")).([]byte),
+		"jsonv5"))
+
+	common.Must(InstMgrIfce.StartInstance(context.TODO(), "httpupgrade_server"))
+	common.Must(InstMgrIfce.StartInstance(context.TODO(), "httpupgrade_client"))
+
+	defer func() {
+		common.Must(InstMgrIfce.StopInstance(context.TODO(), "httpupgrade_server"))
+		common.Must(InstMgrIfce.StopInstance(context.TODO(), "httpupgrade_client"))
+		common.Must(InstMgrIfce.UntrackInstance(context.TODO(), "httpupgrade_server"))
+		common.Must(InstMgrIfce.UntrackInstance(context.TODO(), "httpupgrade_client"))
+		coreInst.Close()
+	}()
+
+	if err := testTCPConnViaSocks(17794, dest.Port, 1024, time.Second*2)(); err != nil {
+		t.Error(err)
+	}
+}
+
+func TestHTTPUpgradeWithShortEarlyData(t *testing.T) {
+	tcpServer := tcp.Server{
+		MsgProcessor: xor,
+	}
+	dest, err := tcpServer.Start()
+	common.Must(err)
+	defer tcpServer.Close()
+
+	coreInst, InstMgrIfce := NewInstanceManagerCoreInstance()
+	defer coreInst.Close()
+
+	common.Must(InstMgrIfce.AddInstance(
+		context.TODO(),
+		"httpupgrade_client",
+		common.Must2(os.ReadFile("config/httpupgrade_earlydataShortEarlyData_client.json")).([]byte),
+		"jsonv5"))
+
+	common.Must(InstMgrIfce.AddInstance(
+		context.TODO(),
+		"httpupgrade_server",
+		common.Must2(os.ReadFile("config/httpupgrade_earlydataShortEarlyData_server.json")).([]byte),
+		"jsonv5"))
+
+	common.Must(InstMgrIfce.StartInstance(context.TODO(), "httpupgrade_server"))
+	common.Must(InstMgrIfce.StartInstance(context.TODO(), "httpupgrade_client"))
+
+	defer func() {
+		common.Must(InstMgrIfce.StopInstance(context.TODO(), "httpupgrade_server"))
+		common.Must(InstMgrIfce.StopInstance(context.TODO(), "httpupgrade_client"))
+		common.Must(InstMgrIfce.UntrackInstance(context.TODO(), "httpupgrade_server"))
+		common.Must(InstMgrIfce.UntrackInstance(context.TODO(), "httpupgrade_client"))
+		coreInst.Close()
+	}()
+
+	if err := testTCPConnViaSocks(17794, dest.Port, 1024, time.Second*2)(); err != nil {
+		t.Error(err)
+	}
+}