wgproxy 0.3.0

A tiny layer-4-proxy to bridge WireGuard®-like traffic via a jump-host
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156

//! Session-related test cases

mod utils;
use std::net::UdpSocket;
use std::thread;

/// Tests that a trivial handshake and subsequent session works
#[test]
pub fn handshake() {
    // Start custom proxy session for testing
    let (config, wgproxy, server) = utils::session();

    // Setup client
    let client = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let handshake = utils::handshake(&config.WGPROXY_PUBKEY);
    let mut buf = [0; 512];

    // Do handshake
    client.send_to(&handshake, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake);

    // Send packet back to the client
    server.send_to(b"TESTOLOPE", relay_nat_address).expect("failed to send test reply");
    let (buf_len, _) = client.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], b"TESTOLOPE");
}

/// Tests that multiple handshakes do not reset the an existing session
#[test]
pub fn handshake2() {
    // Start custom proxy session for testing
    let (config, wgproxy, server) = utils::session();

    // Setup client
    let client0 = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let client1 = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let handshake0 = utils::handshake(&config.WGPROXY_PUBKEY);
    let handshake1 = utils::handshake(&config.WGPROXY_PUBKEY);
    let mut buf = [0; 512];

    // Send packet to the server
    client0.send_to(&handshake0, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake0);

    // Send a packet back to the client
    server.send_to(b"testolope:0", relay_nat_address).expect("failed to send test reply");
    let (buf_len, _) = client0.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], b"testolope:0");

    // Do another handshake from the new address
    client1.send_to(&handshake1, wgproxy).expect("failed to send test packet");

    // Send second packet back to the client and ensure that it arrives on the old address
    server.send_to(b"testolope:1", relay_nat_address).expect("failed to send test reply");
    let (buf_len, _) = client0.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], b"testolope:1");
}

/// Tests that session timeouts are handled gracefully
#[test]
pub fn timeout() {
    // Start custom proxy session for testing
    let (config, wgproxy, server) = utils::session();

    // Setup client
    let client = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let handshake0 = utils::handshake(&config.WGPROXY_PUBKEY);
    let handshake1 = utils::handshake(&config.WGPROXY_PUBKEY);
    let mut buf = [0; 512];

    // Do handshake
    client.send_to(&handshake0, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake0);

    // Let the connection timeout, then send a packet back
    thread::sleep(config.WGPROXY_TIMEOUT * 2);
    server.send_to(b"testolope:0", relay_nat_address).expect("failed to send test reply");

    // Do another handshake
    client.send_to(&handshake1, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake1);

    // Send second packet back to the client and ensure that only this packet arrives
    server.send_to(b"testolope:1", relay_nat_address).expect("failed to send test reply");
    let (buf_len, _) = client.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], b"testolope:1");
}

/// Tests that session timeouts and address changes are handled gracefully
#[test]
pub fn timeout2() {
    // Start custom proxy session for testing
    let (config, wgproxy, server) = utils::session();

    // Setup client
    let client0 = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let client1 = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let handshake0 = utils::handshake(&config.WGPROXY_PUBKEY);
    let handshake1 = utils::handshake(&config.WGPROXY_PUBKEY);
    let mut buf = [0; 512];

    // Do handshake
    client0.send_to(&handshake0, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake0);

    // Let the connection timeout, then send a packet back
    thread::sleep(config.WGPROXY_TIMEOUT * 2);
    server.send_to(b"testolope:0", relay_nat_address).expect("failed to send test reply");

    // Do another handshake from the new address
    client1.send_to(&handshake1, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake1);

    // Send second packet back to the client and ensure that this packet arrives on the new address
    server.send_to(b"testolope:1", relay_nat_address).expect("failed to send test reply");
    let (buf_len, _) = client1.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], b"testolope:1");
}

/// Tests that a trivial handshake and subsequent session works with a bunch of messages
#[test]
pub fn batch() {
    // Start custom proxy session for testing
    let (config, wgproxy, server) = utils::session();

    // Setup client
    let client = UdpSocket::bind("127.0.0.1:0").expect("failed to create client socket");
    let handshake = utils::handshake(&config.WGPROXY_PUBKEY);
    let mut buf = [0; 512];

    // Do handshake
    client.send_to(&handshake, wgproxy).expect("failed to send test packet");
    let (buf_len, relay_nat_address) = server.recv_from(&mut buf).expect("failed to receive test packet");
    assert_eq!(&buf[..buf_len], handshake);

    // Send a lot of messages
    for index in 0usize..65536 {
        // Send packet to the server
        let message = index.to_ne_bytes();
        client.send_to(&message, relay_nat_address).expect("failed to send test reply");
        let (buf_len, _) = server.recv_from(&mut buf).expect("failed to receive test packet");
        assert_eq!(&buf[..buf_len], &message);

        // Send packet back to the client
        let message = (!index).to_ne_bytes();
        server.send_to(&message, relay_nat_address).expect("failed to send test reply");
        let (buf_len, _) = client.recv_from(&mut buf).expect("failed to receive test packet");
        assert_eq!(&buf[..buf_len], &message);
    }
}