Cloak/internal/multiplex/stream.go

package multiplex

import (
	"errors"
	"io"
	"net"
	"time"

	log "github.com/sirupsen/logrus"
	"sync"
	"sync/atomic"
)

var ErrBrokenStream = errors.New("broken stream")

type Stream struct {
	id uint32

	session *Session

	recvBuf recvBuffer

	nextSendSeq uint64

	writingM sync.Mutex

	// atomic
	closed uint32

	// lazy allocation for obfsBuf. This is desirable because obfsBuf is only used when data is sent from
	// the stream (through Write or ReadFrom). Some streams never send data so eager allocation will waste
	// memory
	allocIdempot sync.Once
	// obfuscation happens in this buffer
	obfsBuf []byte

	// we assign each stream a fixed underlying TCP connection to utilise order guarantee provided by TCP itself
	// so that frameSorter should have few to none ooo frames to deal with
	// overall the streams in a session should be uniformly distributed across all connections
	// This is not used in unordered connection mode
	assignedConnId uint32

	rfTimeout time.Duration
}

func makeStream(sesh *Session, id uint32) *Stream {
	var recvBuf recvBuffer
	if sesh.Unordered {
		recvBuf = NewDatagramBufferedPipe()
	} else {
		recvBuf = NewStreamBuffer()
	}

	stream := &Stream{
		id:      id,
		session: sesh,
		recvBuf: recvBuf,
	}

	return stream
}

func (s *Stream) isClosed() bool { return atomic.LoadUint32(&s.closed) == 1 }

// receive a readily deobfuscated Frame so its payload can later be Read
func (s *Stream) recvFrame(frame Frame) error {
	toBeClosed, err := s.recvBuf.Write(frame)
	if toBeClosed {
		err = s.passiveClose()
		if errors.Is(err, errRepeatStreamClosing) {
			log.Debug(err)
			return nil
		}
		return err
	}
	return err
}

// Read implements io.Read
func (s *Stream) Read(buf []byte) (n int, err error) {
	//log.Tracef("attempting to read from stream %v", s.id)
	if len(buf) == 0 {
		return 0, nil
	}

	n, err = s.recvBuf.Read(buf)
	log.Tracef("%v read from stream %v with err %v", n, s.id, err)
	if err == io.EOF {
		return n, ErrBrokenStream
	}
	return
}

func (s *Stream) WriteTo(w io.Writer) (int64, error) {
	// will keep writing until the underlying buffer is closed
	n, err := s.recvBuf.WriteTo(w)
	log.Tracef("%v read from stream %v with err %v", n, s.id, err)
	if err == io.EOF {
		return n, ErrBrokenStream
	}
	return n, nil
}

func (s *Stream) sendFrame(f *Frame, framePayloadOffset int) error {
	var cipherTextLen int
	cipherTextLen, err := s.session.Obfs(f, s.obfsBuf, framePayloadOffset)
	if err != nil {
		return err
	}

	_, err = s.session.sb.send(s.obfsBuf[:cipherTextLen], &s.assignedConnId)
	log.Tracef("%v sent to remote through stream %v with err %v. seq: %v", len(f.Payload), s.id, err, f.Seq)
	if err != nil {
		if err == errBrokenSwitchboard {
			s.session.SetTerminalMsg(err.Error())
			s.session.passiveClose()
		}
		return err
	}
	return nil
}

// Write implements io.Write
func (s *Stream) Write(in []byte) (n int, err error) {
	s.writingM.Lock()
	defer s.writingM.Unlock()
	if s.isClosed() {
		return 0, ErrBrokenStream
	}

	if s.obfsBuf == nil {
		s.obfsBuf = make([]byte, s.session.StreamSendBufferSize)
	}
	for n < len(in) {
		var framePayload []byte
		if len(in)-n <= s.session.maxStreamUnitWrite {
			framePayload = in[n:]
		} else {
			if s.session.Unordered { // no splitting
				err = io.ErrShortBuffer
				return
			}
			framePayload = in[n : s.session.maxStreamUnitWrite+n]
		}
		f := &Frame{
			StreamID: s.id,
			Seq:      s.nextSendSeq,
			Closing:  C_NOOP,
			Payload:  framePayload,
		}
		s.nextSendSeq++
		err = s.sendFrame(f, 0)
		if err != nil {
			return
		}
		n += len(framePayload)
	}
	return
}

func (s *Stream) ReadFrom(r io.Reader) (n int64, err error) {
	if s.obfsBuf == nil {
		s.obfsBuf = make([]byte, s.session.StreamSendBufferSize)
	}
	for {
		if s.rfTimeout != 0 {
			if rder, ok := r.(net.Conn); !ok {
				log.Warn("ReadFrom timeout is set but reader doesn't implement SetReadDeadline")
			} else {
				rder.SetReadDeadline(time.Now().Add(s.rfTimeout))
			}
		}
		read, er := r.Read(s.obfsBuf[HEADER_LEN : HEADER_LEN+s.session.maxStreamUnitWrite])
		if er != nil {
			return n, er
		}
		if s.isClosed() {
			return n, ErrBrokenStream
		}

		s.writingM.Lock()
		f := &Frame{
			StreamID: s.id,
			Seq:      s.nextSendSeq,
			Closing:  C_NOOP,
			Payload:  s.obfsBuf[HEADER_LEN : HEADER_LEN+read],
		}
		s.nextSendSeq++
		err = s.sendFrame(f, HEADER_LEN)
		s.writingM.Unlock()

		if err != nil {
			return
		}
		n += int64(read)
	}
}

func (s *Stream) passiveClose() error {
	return s.session.closeStream(s, false)
}

// active close. Close locally and tell the remote that this stream is being closed
func (s *Stream) Close() error {
	s.writingM.Lock()
	defer s.writingM.Unlock()

	return s.session.closeStream(s, true)
}

func (s *Stream) LocalAddr() net.Addr  { return s.session.addrs.Load().([]net.Addr)[0] }
func (s *Stream) RemoteAddr() net.Addr { return s.session.addrs.Load().([]net.Addr)[1] }

// TODO: implement the following
func (s *Stream) SetWriteToTimeout(d time.Duration)  { s.recvBuf.SetWriteToTimeout(d) }
func (s *Stream) SetReadDeadline(t time.Time) error  { s.recvBuf.SetReadDeadline(t); return nil }
func (s *Stream) SetReadFromTimeout(d time.Duration) { s.rfTimeout = d }

// the following functions are purely for implementing net.Conn interface.
// they are not used
var errNotImplemented = errors.New("Not implemented")

func (s *Stream) SetDeadline(t time.Time) error      { return errNotImplemented }
func (s *Stream) SetWriteDeadline(t time.Time) error { return errNotImplemented }
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`package multiplex`

			`import (`
			`"errors"`
Experimental support for UDP 2019-08-14 09:04:27 +00:00			`"io"`
make Session implement net.Listener 2019-07-23 10:06:49 +00:00			`"net"`
			`"time"`

Improve logging 2019-08-02 14:45:33 +00:00			`log "github.com/sirupsen/logrus"`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`"sync"`
General improvements 2018-10-23 19:47:58 +00:00			`"sync/atomic"`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`)`

Redo the header obfuscation. Fix hiccups caused by short packets 2019-01-06 01:40:27 +00:00			`var ErrBrokenStream = errors.New("broken stream")`
Multiplex initial commit 2018-10-05 22:44:20 +00:00
			`type Stream struct {`
			`id uint32`

			`session *Session`

Refactor frameSorter and datagramBuffer under one interface 2019-08-22 10:48:10 +00:00			`recvBuf recvBuffer`
Refactor frame sorter 2019-08-05 12:32:53 +00:00
Use 64bit frame Seq to prevent nonce reuse 2019-08-27 14:06:28 +00:00			`nextSendSeq uint64`
Untested client 2018-10-07 17:09:45 +00:00
Synchronise stream.Write 2020-04-12 00:34:21 +00:00			`writingM sync.Mutex`
Use sync.Once to close die ch 2018-11-23 23:57:35 +00:00
More comments 2019-08-20 21:43:04 +00:00			`// atomic`
Stream optimisations 2019-07-28 10:58:45 +00:00			`closed uint32`
Buffer reuse in obfs 2019-08-04 09:38:49 +00:00
Refactor for clarity and add comments 2020-10-18 13:42:47 +00:00			`// lazy allocation for obfsBuf. This is desirable because obfsBuf is only used when data is sent from`
			`// the stream (through Write or ReadFrom). Some streams never send data so eager allocation will waste`
			`// memory`
Lazy allocation 2020-04-11 23:49:49 +00:00			`allocIdempot sync.Once`
Refactor for clarity and add comments 2020-10-18 13:42:47 +00:00			`// obfuscation happens in this buffer`
			`obfsBuf []byte`
Change the frame distribution strategy so that each stream is assigned a fixed underlying TCP connection to send its frames to reduce framesorter ooo count 2019-08-05 21:14:11 +00:00
			`// we assign each stream a fixed underlying TCP connection to utilise order guarantee provided by TCP itself`
			`// so that frameSorter should have few to none ooo frames to deal with`
			`// overall the streams in a session should be uniformly distributed across all connections`
More comments 2019-08-20 21:43:04 +00:00			`// This is not used in unordered connection mode`
Change the frame distribution strategy so that each stream is assigned a fixed underlying TCP connection to send its frames to reduce framesorter ooo count 2019-08-05 21:14:11 +00:00			`assignedConnId uint32`
Implement WriteTo and ReadFrom timeouts 2020-04-14 12:31:24 +00:00
			`rfTimeout time.Duration`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`}`

Assign connId only when needed 2020-04-12 11:51:00 +00:00			`func makeStream(sesh Session, id uint32) Stream {`
Refactor frameSorter and datagramBuffer under one interface 2019-08-22 10:48:10 +00:00			`var recvBuf recvBuffer`
Experimental support for UDP 2019-08-14 09:04:27 +00:00			`if sesh.Unordered {`
Give more descriptive names to multiplex objects 2020-10-15 21:51:36 +00:00			`recvBuf = NewDatagramBufferedPipe()`
Experimental support for UDP 2019-08-14 09:04:27 +00:00			`} else {`
Refactor frameSorter and datagramBuffer under one interface 2019-08-22 10:48:10 +00:00			`recvBuf = NewStreamBuffer()`
Experimental support for UDP 2019-08-14 09:04:27 +00:00			`}`
Refactor frame sorter 2019-08-05 12:32:53 +00:00
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`stream := &Stream{`
Assign connId only when needed 2020-04-12 11:51:00 +00:00			`id: id,`
			`session: sesh,`
			`recvBuf: recvBuf,`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`}`
Refactor frame sorter 2019-08-05 12:32:53 +00:00
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`return stream`
			`}`

Stream optimisations 2019-07-28 10:58:45 +00:00			`func (s *Stream) isClosed() bool { return atomic.LoadUint32(&s.closed) == 1 }`

Refactor for clarity and add comments 2020-10-18 13:42:47 +00:00			`// receive a readily deobfuscated Frame so its payload can later be Read`
			`func (s *Stream) recvFrame(frame Frame) error {`
Improve stream closing logic and add tests 2020-01-22 21:12:32 +00:00			`toBeClosed, err := s.recvBuf.Write(frame)`
			`if toBeClosed {`
Log repeat stream closing on Debug level 2020-04-20 22:54:41 +00:00			`err = s.passiveClose()`
			`if errors.Is(err, errRepeatStreamClosing) {`
			`log.Debug(err)`
			`return nil`
			`}`
			`return err`
Improve stream closing logic and add tests 2020-01-22 21:12:32 +00:00			`}`
			`return err`
Refactor switchboard configuration and add unordered option 2019-08-11 23:48:20 +00:00			`}`
Refactor switchboard 2019-08-05 13:33:20 +00:00
More comments 2019-08-20 21:43:04 +00:00			`// Read implements io.Read`
Stream optimisations 2019-07-28 10:58:45 +00:00			`func (s *Stream) Read(buf []byte) (n int, err error) {`
Add more trace logs 2019-08-06 10:19:47 +00:00			`//log.Tracef("attempting to read from stream %v", s.id)`
Fix infinite loop. Baseline 2018-10-16 20:13:19 +00:00			`if len(buf) == 0 {`
Change behaviour of stream.Write(nil) 2020-04-08 17:16:54 +00:00			`return 0, nil`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`}`
Experimental support for UDP 2019-08-14 09:04:27 +00:00
Remove unnecessary Len check 2019-08-30 19:39:23 +00:00			`n, err = s.recvBuf.Read(buf)`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`log.Tracef("%v read from stream %v with err %v", n, s.id, err)`
Remove unnecessary Len check 2019-08-30 19:39:23 +00:00			`if err == io.EOF {`
			`return n, ErrBrokenStream`
Fix infinite loop. Baseline 2018-10-16 20:13:19 +00:00			`}`
Remove unnecessary Len check 2019-08-30 19:39:23 +00:00			`return`
Implement stream WriteTo 2020-04-12 11:43:24 +00:00			`}`
Remove unnecessary Len check 2019-08-30 19:39:23 +00:00
Implement stream WriteTo 2020-04-12 11:43:24 +00:00			`func (s *Stream) WriteTo(w io.Writer) (int64, error) {`
			`// will keep writing until the underlying buffer is closed`
Make WriteTo return the correct errors 2020-04-12 15:34:49 +00:00			`n, err := s.recvBuf.WriteTo(w)`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`log.Tracef("%v read from stream %v with err %v", n, s.id, err)`
Make WriteTo return the correct errors 2020-04-12 15:34:49 +00:00			`if err == io.EOF {`
			`return n, ErrBrokenStream`
			`}`
			`return n, nil`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`}`

Explicitly allow buf overlap in obfs 2020-04-13 21:48:28 +00:00			`func (s Stream) sendFrame(f Frame, framePayloadOffset int) error {`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`var cipherTextLen int`
Explicitly allow buf overlap in obfs 2020-04-13 21:48:28 +00:00			`cipherTextLen, err := s.session.Obfs(f, s.obfsBuf, framePayloadOffset)`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`if err != nil {`
			`return err`
			`}`

			`_, err = s.session.sb.send(s.obfsBuf[:cipherTextLen], &s.assignedConnId)`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`log.Tracef("%v sent to remote through stream %v with err %v. seq: %v", len(f.Payload), s.id, err, f.Seq)`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`if err != nil {`
			`if err == errBrokenSwitchboard {`
			`s.session.SetTerminalMsg(err.Error())`
			`s.session.passiveClose()`
			`}`
			`return err`
			`}`
			`return nil`
			`}`

More comments 2019-08-20 21:43:04 +00:00			`// Write implements io.Write`
Stream optimisations 2019-07-28 10:58:45 +00:00			`func (s *Stream) Write(in []byte) (n int, err error) {`
Synchronise stream.Write 2020-04-12 00:34:21 +00:00			`s.writingM.Lock()`
			`defer s.writingM.Unlock()`
Stream optimisations 2019-07-28 10:58:45 +00:00			`if s.isClosed() {`
Redo the header obfuscation. Fix hiccups caused by short packets 2019-01-06 01:40:27 +00:00			`return 0, ErrBrokenStream`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`}`

Synchronise stream.Write 2020-04-12 00:34:21 +00:00			`if s.obfsBuf == nil {`
Refactor for clarity and add comments 2020-10-18 13:42:47 +00:00			`s.obfsBuf = make([]byte, s.session.StreamSendBufferSize)`
Synchronise stream.Write 2020-04-12 00:34:21 +00:00			`}`
Framing in Stream.Write to prevent silent short write 2020-04-10 17:48:36 +00:00			`for n < len(in) {`
			`var framePayload []byte`
			`if len(in)-n <= s.session.maxStreamUnitWrite {`
			`framePayload = in[n:]`
			`} else {`
Refactor udp piping and add tests 2020-04-11 21:37:15 +00:00			`if s.session.Unordered { // no splitting`
			`err = io.ErrShortBuffer`
			`return`
			`}`
Framing in Stream.Write to prevent silent short write 2020-04-10 17:48:36 +00:00			`framePayload = in[n : s.session.maxStreamUnitWrite+n]`
			`}`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`f := &Frame{`
			`StreamID: s.id,`
			`Seq: s.nextSendSeq,`
			`Closing: C_NOOP,`
			`Payload: framePayload,`
			`}`
			`s.nextSendSeq++`
Explicitly allow buf overlap in obfs 2020-04-13 21:48:28 +00:00			`err = s.sendFrame(f, 0)`
Framing in Stream.Write to prevent silent short write 2020-04-10 17:48:36 +00:00			`if err != nil {`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`return`
Fix potential deadlocks 2019-10-08 22:11:16 +00:00			`}`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`n += len(framePayload)`
			`}`
			`return`
			`}`
Multiplex initial commit 2018-10-05 22:44:20 +00:00
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`func (s *Stream) ReadFrom(r io.Reader) (n int64, err error) {`
			`if s.obfsBuf == nil {`
Refactor for clarity and add comments 2020-10-18 13:42:47 +00:00			`s.obfsBuf = make([]byte, s.session.StreamSendBufferSize)`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`}`
			`for {`
Implement WriteTo and ReadFrom timeouts 2020-04-14 12:31:24 +00:00			`if s.rfTimeout != 0 {`
			`if rder, ok := r.(net.Conn); !ok {`
			`log.Warn("ReadFrom timeout is set but reader doesn't implement SetReadDeadline")`
			`} else {`
			`rder.SetReadDeadline(time.Now().Add(s.rfTimeout))`
			`}`
			`}`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`read, er := r.Read(s.obfsBuf[HEADER_LEN : HEADER_LEN+s.session.maxStreamUnitWrite])`
			`if er != nil {`
			`return n, er`
			`}`
			`if s.isClosed() {`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`return n, ErrBrokenStream`
			`}`

			`s.writingM.Lock()`
			`f := &Frame{`
			`StreamID: s.id,`
			`Seq: s.nextSendSeq,`
			`Closing: C_NOOP,`
			`Payload: s.obfsBuf[HEADER_LEN : HEADER_LEN+read],`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`}`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`s.nextSendSeq++`
Explicitly allow buf overlap in obfs 2020-04-13 21:48:28 +00:00			`err = s.sendFrame(f, HEADER_LEN)`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`s.writingM.Unlock()`

Framing in Stream.Write to prevent silent short write 2020-04-10 17:48:36 +00:00			`if err != nil {`
			`return`
			`}`
Implement stream ReadFrom (flimsy) 2020-04-12 22:01:30 +00:00			`n += int64(read)`
Framing in Stream.Write to prevent silent short write 2020-04-10 17:48:36 +00:00			`}`
Multiplex initial commit 2018-10-05 22:44:20 +00:00			`}`

Introduce a special Session closing frame 2019-10-14 14:34:14 +00:00			`func (s *Stream) passiveClose() error {`
			`return s.session.closeStream(s, false)`
Stream closing is now ordered 2018-10-27 22:35:46 +00:00			`}`

			`// active close. Close locally and tell the remote that this stream is being closed`
Stream optimisations 2019-07-28 10:58:45 +00:00			`func (s *Stream) Close() error {`
Lock stream sending in all cases 2020-04-13 15:39:19 +00:00			`s.writingM.Lock()`
			`defer s.writingM.Unlock()`

Introduce a special Session closing frame 2019-10-14 14:34:14 +00:00			`return s.session.closeStream(s, true)`
General improvements 2018-10-23 19:47:58 +00:00			`}`
make Session implement net.Listener 2019-07-23 10:06:49 +00:00
Stream optimisations 2019-07-28 10:58:45 +00:00			`func (s *Stream) LocalAddr() net.Addr { return s.session.addrs.Load().([]net.Addr)[0] }`
			`func (s *Stream) RemoteAddr() net.Addr { return s.session.addrs.Load().([]net.Addr)[1] }`
make Session implement net.Listener 2019-07-23 10:06:49 +00:00
			`// TODO: implement the following`
Implement WriteTo and ReadFrom timeouts 2020-04-14 12:31:24 +00:00			`func (s *Stream) SetWriteToTimeout(d time.Duration) { s.recvBuf.SetWriteToTimeout(d) }`
Implement stream SetReadDeadline 2020-04-09 17:56:17 +00:00			`func (s *Stream) SetReadDeadline(t time.Time) error { s.recvBuf.SetReadDeadline(t); return nil }`
Implement WriteTo and ReadFrom timeouts 2020-04-14 12:31:24 +00:00			`func (s *Stream) SetReadFromTimeout(d time.Duration) { s.rfTimeout = d }`
Refactor for clarity and add comments 2020-10-18 13:42:47 +00:00
			`// the following functions are purely for implementing net.Conn interface.`
			`// they are not used`
			`var errNotImplemented = errors.New("Not implemented")`

			`func (s *Stream) SetDeadline(t time.Time) error { return errNotImplemented }`
Stream optimisations 2019-07-28 10:58:45 +00:00			`func (s *Stream) SetWriteDeadline(t time.Time) error { return errNotImplemented }`