tuic_test.go 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187
  1. package main
  2. import (
  3. "net/netip"
  4. "testing"
  5. C "github.com/sagernet/sing-box/constant"
  6. "github.com/sagernet/sing-box/option"
  7. "github.com/gofrs/uuid/v5"
  8. )
  9. func TestTUICSelf(t *testing.T) {
  10. t.Run("self", func(t *testing.T) {
  11. testTUICSelf(t, false, false)
  12. })
  13. t.Run("self-udp-stream", func(t *testing.T) {
  14. testTUICSelf(t, true, false)
  15. })
  16. t.Run("self-early", func(t *testing.T) {
  17. testTUICSelf(t, false, true)
  18. })
  19. }
  20. func testTUICSelf(t *testing.T, udpStream bool, zeroRTTHandshake bool) {
  21. _, certPem, keyPem := createSelfSignedCertificate(t, "example.org")
  22. var udpRelayMode string
  23. if udpStream {
  24. udpRelayMode = "quic"
  25. }
  26. startInstance(t, option.Options{
  27. Inbounds: []option.Inbound{
  28. {
  29. Type: C.TypeMixed,
  30. Tag: "mixed-in",
  31. MixedOptions: option.HTTPMixedInboundOptions{
  32. ListenOptions: option.ListenOptions{
  33. Listen: option.NewListenAddress(netip.IPv4Unspecified()),
  34. ListenPort: clientPort,
  35. },
  36. },
  37. },
  38. {
  39. Type: C.TypeTUIC,
  40. TUICOptions: option.TUICInboundOptions{
  41. ListenOptions: option.ListenOptions{
  42. Listen: option.NewListenAddress(netip.IPv4Unspecified()),
  43. ListenPort: serverPort,
  44. },
  45. Users: []option.TUICUser{{
  46. UUID: uuid.Nil.String(),
  47. }},
  48. ZeroRTTHandshake: zeroRTTHandshake,
  49. InboundTLSOptionsContainer: option.InboundTLSOptionsContainer{
  50. TLS: &option.InboundTLSOptions{
  51. Enabled: true,
  52. ServerName: "example.org",
  53. CertificatePath: certPem,
  54. KeyPath: keyPem,
  55. },
  56. },
  57. },
  58. },
  59. },
  60. Outbounds: []option.Outbound{
  61. {
  62. Type: C.TypeDirect,
  63. },
  64. {
  65. Type: C.TypeTUIC,
  66. Tag: "tuic-out",
  67. TUICOptions: option.TUICOutboundOptions{
  68. ServerOptions: option.ServerOptions{
  69. Server: "127.0.0.1",
  70. ServerPort: serverPort,
  71. },
  72. UUID: uuid.Nil.String(),
  73. UDPRelayMode: udpRelayMode,
  74. ZeroRTTHandshake: zeroRTTHandshake,
  75. OutboundTLSOptionsContainer: option.OutboundTLSOptionsContainer{
  76. TLS: &option.OutboundTLSOptions{
  77. Enabled: true,
  78. ServerName: "example.org",
  79. CertificatePath: certPem,
  80. },
  81. },
  82. },
  83. },
  84. },
  85. Route: &option.RouteOptions{
  86. Rules: []option.Rule{
  87. {
  88. DefaultOptions: option.DefaultRule{
  89. Inbound: []string{"mixed-in"},
  90. Outbound: "tuic-out",
  91. },
  92. },
  93. },
  94. },
  95. })
  96. testSuitLargeUDP(t, clientPort, testPort)
  97. }
  98. func TestTUICInbound(t *testing.T) {
  99. caPem, certPem, keyPem := createSelfSignedCertificate(t, "example.org")
  100. startInstance(t, option.Options{
  101. Inbounds: []option.Inbound{
  102. {
  103. Type: C.TypeTUIC,
  104. TUICOptions: option.TUICInboundOptions{
  105. ListenOptions: option.ListenOptions{
  106. Listen: option.NewListenAddress(netip.IPv4Unspecified()),
  107. ListenPort: serverPort,
  108. },
  109. Users: []option.TUICUser{{
  110. UUID: "FE35D05B-8803-45C4-BAE6-723AD2CD5D3D",
  111. Password: "tuic",
  112. }},
  113. InboundTLSOptionsContainer: option.InboundTLSOptionsContainer{
  114. TLS: &option.InboundTLSOptions{
  115. Enabled: true,
  116. ServerName: "example.org",
  117. CertificatePath: certPem,
  118. KeyPath: keyPem,
  119. },
  120. },
  121. },
  122. },
  123. },
  124. })
  125. startDockerContainer(t, DockerOptions{
  126. Image: ImageTUICClient,
  127. Ports: []uint16{serverPort, clientPort},
  128. Bind: map[string]string{
  129. "tuic-client.json": "/etc/tuic/config.json",
  130. caPem: "/etc/tuic/ca.pem",
  131. },
  132. })
  133. testSuitLargeUDP(t, clientPort, testPort)
  134. }
  135. func TestTUICOutbound(t *testing.T) {
  136. _, certPem, keyPem := createSelfSignedCertificate(t, "example.org")
  137. startDockerContainer(t, DockerOptions{
  138. Image: ImageTUICServer,
  139. Ports: []uint16{testPort},
  140. Bind: map[string]string{
  141. "tuic-server.json": "/etc/tuic/config.json",
  142. certPem: "/etc/tuic/cert.pem",
  143. keyPem: "/etc/tuic/key.pem",
  144. },
  145. })
  146. startInstance(t, option.Options{
  147. Inbounds: []option.Inbound{
  148. {
  149. Type: C.TypeMixed,
  150. MixedOptions: option.HTTPMixedInboundOptions{
  151. ListenOptions: option.ListenOptions{
  152. Listen: option.NewListenAddress(netip.IPv4Unspecified()),
  153. ListenPort: clientPort,
  154. },
  155. },
  156. },
  157. },
  158. Outbounds: []option.Outbound{
  159. {
  160. Type: C.TypeTUIC,
  161. TUICOptions: option.TUICOutboundOptions{
  162. ServerOptions: option.ServerOptions{
  163. Server: "127.0.0.1",
  164. ServerPort: serverPort,
  165. },
  166. UUID: "FE35D05B-8803-45C4-BAE6-723AD2CD5D3D",
  167. Password: "tuic",
  168. OutboundTLSOptionsContainer: option.OutboundTLSOptionsContainer{
  169. TLS: &option.OutboundTLSOptions{
  170. Enabled: true,
  171. ServerName: "example.org",
  172. CertificatePath: certPem,
  173. },
  174. },
  175. },
  176. },
  177. },
  178. })
  179. testSuitLargeUDP(t, clientPort, testPort)
  180. }