Merge branch 'main' into junyi-outline-cli

.gitignore

@@ -0,0 +1,2 @@
+# MacOS files
+.DS_Store

CONTRIBUTING.md

@@ -0,0 +1,182 @@
+# How to contribute
+
+We'd love to accept your patches and contributions to this project.
+
+## Before you begin
+
+### Sign our Contributor License Agreement
+
+Contributions to this project must be accompanied by a
+[Contributor License Agreement](https://cla.developers.google.com/about) (CLA).
+You (or your employer) retain the copyright to your contribution; this simply
+gives us permission to use and redistribute your contributions as part of the
+project.
+
+If you or your current employer have already signed the Google CLA (even if it
+was for a different project), you probably don't need to do it again.
+
+Visit <https://cla.developers.google.com/> to see your current agreements or to
+sign a new one.
+
+### Review our community guidelines
+
+This project follows
+[Google's Open Source Community Guidelines](https://opensource.google/conduct/).
+
+## Contribution process
+
+### Code reviews
+
+All submissions, including submissions by project members, require review. We
+use GitHub pull requests for this purpose. Consult
+[GitHub Help](https://help.github.com/articles/about-pull-requests/) for more
+information on using pull requests.
+
+# Cross-platform Development
+
+## Building
+
+In Go you can compile for other target operating system and architecture by specifying the `GOOS` and `GOARCH` environment variables and using the [`go build` command](https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependencies). That only works if you are not using [Cgo](https://pkg.go.dev/cmd/cgo) to call C code.
+
+<details>
+  <summary>Examples</summary>
+
+MacOS example:
+```
+% GOOS=darwin go build -C x -o ./bin/ ./outline-connectivity 
+% file ./x/bin/outline-connectivity 
+./x/bin/outline-connectivity: Mach-O 64-bit executable x86_64
+```
+
+Linux example:
+```
+% GOOS=linux go build -C x -o ./bin/ ./outline-connectivity 
+% file ./x/bin/outline-connectivity                      
+./x/bin/outline-connectivity: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Go BuildID=n0WfUGLum4Y6OpYxZYuz/lbtEdv_kvyUCd3V_qOqb/CC_6GAQqdy_ebeYTdn99/Tk_G3WpBWi8vxqmIlIuU, with debug_info, not stripped
+```
+
+Windows example:
+```
+% GOOS=windows go build -C x -o ./bin/ ./outline-connectivity 
+% file ./x/bin/outline-connectivity.exe 
+./x/bin/outline-connectivity.exe: PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
+```
+</details>
+
+## Running Linux binaries
+
+To run Linux binaries you can use a Linux container via [Podman](https://podman.io/).
+
+### Set up podman
+<details>
+  <summary>Instructions</summary>
+
+[Install Podman](https://podman.io/docs/installation) (once). On macOS:
+```sh
+brew install podman
+```
+
+Create the podman service VM (once) with the [`podman machine init` command](https://docs.podman.io/en/latest/markdown/podman-machine-init.1.html):
+```sh
+podman machine init
+```
+
+Start the VM with the [`podman machine start` command](https://docs.podman.io/en/latest/markdown/podman-machine-start.1.html), after every time it is stopped:
+```sh
+podman machine start
+``` 
+
+You can see the VM running with the [`podman machine list` command](https://docs.podman.io/en/latest/markdown/podman-machine-list.1.html):
+```
+% podman machine list
+NAME                     VM TYPE     CREATED        LAST UP            CPUS        MEMORY      DISK SIZE
+podman-machine-default*  qemu        3 minutes ago  Currently running  1           2.147GB     107.4GB
+```
+
+When you are done with development, you can stop the machine with the [`podman machine stop` command](https://docs.podman.io/en/latest/markdown/podman-machine-stop.1.html):
+```sh
+podman machine stop
+```
+</details>
+
+### Run
+
+The easiest way is to run a binary is to use the [`go run` command](https://pkg.go.dev/cmd/go#hdr-Compile_and_run_Go_program) directly with the `-exec` flag and our convenience tool `run_on_podman.sh`:
+```sh
+GOOS=linux go run -C x -exec "$(pwd)/run_on_podman.sh" ./outline-connectivity
+```
+
+It also works with the [`go test` command](https://pkg.go.dev/cmd/go#hdr-Test_packages):
+```sh
+GOOS=linux go test -exec "$(pwd)/run_on_podman.sh"  ./...
+```
+
+<details>
+  <summary>Details and direct invocation</summary>
+
+The `run_on_podman.sh` script uses the [`podman run` command](https://docs.podman.io/en/latest/markdown/podman-run.1.html) and a minimal ["distroless" container image](https://github.com/GoogleContainerTools/distroless) to run the binary you want:
+```sh
+podman run --arch $(uname -m) --rm -it -v "${bin}":/outline/bin gcr.io/distroless/static-debian11 /outline/bin "$@"
+```
+
+You can also use `podman run` directly to run a pre-built binary:
+```
+% podman run --rm -it -v ./x/bin:/outline gcr.io/distroless/static-debian11 /outline/outline-connectivity
+Usage of /outline/outline-connectivity:
+  -domain string
+        Domain name to resolve in the test (default "example.com.")
+  -key string
+        Outline access key
+  -proto string
+        Comma-separated list of the protocols to test. Muse be "tcp", "udp", or a combination of them (default "tcp,udp")
+  -resolver string
+        Comma-separated list of addresses of DNS resolver to use for the test (default "8.8.8.8,2001:4860:4860::8888")
+  -v    Enable debug output
+```
+
+Flags explanation:
+- `--rm`: Remove container (and pod if created) after exit
+- `-i` (interactive): Keep STDIN open even if not attached
+- `-t` (tty): Allocate a pseudo-TTY for container
+- `-v` (volume): Bind mount a volume into the container. Volume source will be on the server machine, not the client
+</details>
+
+## Running Windows binaries
+
+To run Windows binaries you can use [Wine](https://en.wikipedia.org/wiki/Wine_(software)) to emulate a Windows environment.
+This is not the same as a real Windows environment, so make sure you test on actual Windows machines.
+
+### Install Wine
+
+<details>
+  <summary>Instructions</summary>
+
+Follow the instructions at https://wiki.winehq.org/Download.
+
+On macOS: 
+```
+brew tap homebrew/cask-versions
+brew install --cask --no-quarantine wine-stable
+```
+
+After installation, `wine64` should be on your `PATH`. Check with `wine64 --version`:
+```
+wine64 --version
+```
+
+</details>
+
+### Run
+
+You can pass `wine64` as the `-exec` parameter in the `go` calls.
+
+To build:
+
+```sh
+GOOS=windows go run -C x -exec "wine64" ./outline-connectivity
+```
+
+For tests:
+```sh
+GOOS=windows go test -exec "wine64"  ./...
+```

README.md

@@ -7,24 +7,81 @@
 [![Mattermost](https://badgen.net/badge/Mattermost/Outline%20Community/blue)](https://community.internetfreedomfestival.org/community/channels/outline-community)
 [![Reddit](https://badgen.net/badge/Reddit/r%2Foutlinevpn/orange)](https://www.reddit.com/r/outlinevpn/)
 
-This is the repository to hold the future Outline SDK as we develop it. The goal is to clean up and move reusable code from [outline-ss-server](https://github.com/Jigsaw-Code/outline-ss-server) and [outline-go-tun2socks](https://github.com/Jigsaw-Code/outline-go-tun2socks).
+<p align="center">
+<img src="https://github.com/Jigsaw-Code/outline-brand/blob/main/assets/powered_by_outline/color/logo.png?raw=true" width=400pt />
+</p>
 
-**WARNING: This code is not ready to be used by the public. There's no guarantee of stability.**
+> **Warning**
+> This code is not ready to be used by the public. There's no guarantee of stability.
 
-Tentative roadmap:
+The Outline SDK helps developers:
+- Create tools to protect against network-level interference
+- Add network-level interference protection to existing apps, such as content or communication apps
 
-- Transport libraries
-  - [x] Generic transport client primitives (`StreamDialer`, `PacketListener` and Endpoints)
-  - [x] TCP and UDP client implementations
-  - [x] Shadowsocks client implementations
-  - [ ] Generic transport server primitives (TBD)
-  - [ ] TCP and UDP server implementations
-  - [ ] Shadowsocks server implementations
-  - [ ] Utility implementations (`ReplaceablePacketListener`, `TruncateDNSPacketListener`)
+## Advantages
+
+| Multi-Platform | Proven Technology | Composable |
+|:-:|:-:|:-:|
+| The Outline SDK can be used on Android, iOS, Windows, macOS or Linux. | The Outline Client and Server have been using the code in the SDK for years, helping millions of users in the harshest conditions. | The SDK interfaces were carefully designed to allow for composition and reuse, so you can craft your own transport. |
+
+## Integration
+
+The Outline SDK is written in Go. There are multiple ways to integrate the Outline SDK into your app:
+
+- As a **Go library** ([reference](https://pkg.go.dev/github.com/Jigsaw-Code/outline-internal-sdk)), in a Go application (CLI or graphical app with frameworks like [Fyne.io](https://fyne.io/), [Wails](https://wails.io/), [Qt for Go](https://therecipe.github.io/qt/), or [Go Mobile app](https://pkg.go.dev/golang.org/x/mobile/app))
+- As a **C library**, generated using the appropriate [Go build mode](https://pkg.go.dev/cmd/go#hdr-Build_modes).
+- As a native **mobile library**, using [`gomobile bind`](https://pkg.go.dev/golang.org/x/mobile/cmd/gomobile) to generate Java and Objective-C bindings for Android, iOS and macOS.
+- As a **side service**, built as a standalone Go binary that your main application talks to. Note that this is not possible on iOS, due to the limitation on starting sub-processes.
+
+The Outline Client uses the mobile library approach on Android, iOS and macOS (based on Cordova) and the side service on Windows and Linux (based on Electron).
+
+
+## Tentative Roadmap
+
+The launch will have two milestones: Alpha and Beta. We are currently in pre-Alpha. Note that most of the code is not new. It's the code being used by the production Outline Client and Server. The SDK work is repackaging code from [outline-ss-server](https://github.com/Jigsaw-Code/outline-ss-server) and [outline-go-tun2socks](https://github.com/Jigsaw-Code/outline-go-tun2socks) in a way that is easier to reuse and extend.
+
+### Alpha
+The goal of the Alpha release is to make it available to potential developers early so they can provide feedback on the SDK and help shape the interfaces, processes and tools.
+
+The code in this repository will move to https://github.com/Jigsaw-Code/outline-sdk and versions will be tagged.
+
+Alpha tasks:
+
+- Transport-level libraries
+  - [x] Add generic transport client primitives (`StreamDialer`, `PacketListener` and Endpoints)
+  - [x] Add TCP and UDP client implementations
+  - [x] Add Shadowsocks client implementations
+  - [x] Use transport libraries in the Outline Client
+  - [x] Use transport libraries in the Outline Server 
+
+- Network-level libraries
+  - [x] Add IP Device abstraction
+  - [x] Add IP Device implementation based on go-tun2socks (LWIP)
+  - [x] Add UDP handler to fallback to DNS-over-TCP
+  - [x] Add DelegatePacketProxy for runtime PacketProxy replacement
+
+
+### Beta
+
+The goal of the Beta release is to communicate that the SDK is ready for broader consumption, after we believe the APIs are stable enough and we have all the supporting resources in place (website, documentation, examples, etc
+
+Beta tasks:
 
 - Network libraries
-  - [ ] Generic network primitives (TBD, something like a generic TUN device)
-  - [ ] Implementation based on go-tun2socks
+  - [ ] Use network libraries in the Outline Client
+  - [ ] Add extensive testing
+
+- Serverless transport libraries
+  - [ ] Encrypted DNS
+  - [ ] Packet splitting
+
+- Proxy transport libraries
+  - [ ] HTTP Connect
+  - [ ] SOCKS5
 
-- VPN API
-  - [ ] VPN API for desktop (Linux, Windows, macOS)
+- Add Resources
+  - [ ] Website
+  - [ ] Bindings
+  - [ ] Integration documentation
+  - [ ] Example command-line apps
+  - [ ] Example graphical apps

go.mod

@@ -3,6 +3,8 @@ module github.com/Jigsaw-Code/outline-internal-sdk
 go 1.20
 
 require (
+	github.com/eycorsican/go-tun2socks v1.16.11
+	github.com/google/gopacket v1.1.19
 	github.com/shadowsocks/go-shadowsocks2 v0.1.5
 	github.com/stretchr/testify v1.8.2
 	golang.org/x/crypto v0.7.0

go.sum

@@ -1,6 +1,10 @@
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/eycorsican/go-tun2socks v1.16.11 h1:+hJDNgisrYaGEqoSxhdikMgMJ4Ilfwm/IZDrWRrbaH8=
+github.com/eycorsican/go-tun2socks v1.16.11/go.mod h1:wgB2BFT8ZaPKyKOQ/5dljMG/YIow+AIXyq4KBwJ5sGQ=
+github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8=
+github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
@@ -12,6 +16,7 @@ github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr
 github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s=
 github.com/shadowsocks/go-shadowsocks2 v0.1.5 h1:PDSQv9y2S85Fl7VBeOMF9StzeXZyK1HakRm86CUbr28=
 github.com/shadowsocks/go-shadowsocks2 v0.1.5/go.mod h1:AGGpIoek4HRno4xzyFiAtLHkOpcoznZEkAccaI/rplM=
+github.com/songgao/water v0.0.0-20190725173103-fd331bda3f4b/go.mod h1:P5HUIBuIWKbyjl083/loAegFkfbFNx5i2qEP4CNbm7E=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -20,16 +25,25 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20191021144547-ec77196f6094/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=