From 197ab2941c64a90b09e2412a5b88afddc596d256 Mon Sep 17 00:00:00 2001
From: "sijie.sun"
Date: Tue, 30 Sep 2025 23:35:32 +0800
Subject: [PATCH] fix data not encrypted when no tun is enabled
---
 .github/workflows/gui.yml | 2 +-
 easytier/src/gateway/icmp_proxy.rs | 2 +-
 easytier/src/gateway/kcp_proxy.rs | 2 +-
 easytier/src/gateway/socks5.rs | 6 ++----
 easytier/src/gateway/udp_proxy.rs | 2 +-
 easytier/src/peers/peer_manager.rs | 16 +++++++++++++---
 6 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/.github/workflows/gui.yml b/.github/workflows/gui.yml
index 5516a35..c402ff9 100644
--- a/.github/workflows/gui.yml
+++ b/.github/workflows/gui.yml
@@ -115,7 +115,7 @@ jobs:
 sudo apt install aptitude
 sudo aptitude install -y libgstreamer1.0-0:arm64 gstreamer1.0-plugins-base:arm64 gstreamer1.0-plugins-good:arm64 \
 libgstreamer-gl1.0-0:arm64 libgstreamer-plugins-base1.0-0:arm64 libgstreamer-plugins-good1.0-0:arm64 libwebkit2gtk-4.1-0:arm64 \
- libwebkit2gtk-4.1-dev:arm64 libssl-dev:arm64 gcc-aarch64-linux-gnu
+ libwebkit2gtk-4.1-dev:arm64 libssl-dev:arm64 gcc-aarch64-linux-gnu libsoup-3.0-dev:arm64 libjavascriptcoregtk-4.1-dev:arm64
 echo "PKG_CONFIG_SYSROOT_DIR=/usr/aarch64-linux-gnu/" >> "$GITHUB_ENV"
 echo "PKG_CONFIG_PATH=/usr/lib/aarch64-linux-gnu/pkgconfig/" >> "$GITHUB_ENV"
diff --git a/easytier/src/gateway/icmp_proxy.rs b/easytier/src/gateway/icmp_proxy.rs
index 172fd4f..a9738ee 100644
--- a/easytier/src/gateway/icmp_proxy.rs
+++ b/easytier/src/gateway/icmp_proxy.rs
@@ -285,7 +285,7 @@ impl IcmpProxy {
 tracing::warn!("peer manager is gone, icmp proxy send loop exit");
 return;
 };
- let ret = pm.send_msg(msg, to_peer_id).await;
+ let ret = pm.send_msg_for_proxy(msg, to_peer_id).await;
 if ret.is_err() {
 tracing::error!("send icmp packet to peer failed: {:?}", ret);
 }
diff --git a/easytier/src/gateway/kcp_proxy.rs b/easytier/src/gateway/kcp_proxy.rs
index 9c2f8ca..0d085b3 100644
--- a/easytier/src/gateway/kcp_proxy.rs
+++ b/easytier/src/gateway/kcp_proxy.rs
@@ -107,7 +107,7 @@ async fn handle_kcp_output(
 let mut packet = ZCPacket::new_with_payload(&packet.inner().freeze());
 packet.fill_peer_manager_hdr(peer_mgr.my_peer_id(), dst_peer_id, packet_type);
- if let Err(e) = peer_mgr.send_msg(packet, dst_peer_id).await {
+ if let Err(e) = peer_mgr.send_msg_for_proxy(packet, dst_peer_id).await {
 tracing::error!("failed to send kcp packet to peer: {:?}", e);
 }
 }
diff --git a/easytier/src/gateway/socks5.rs b/easytier/src/gateway/socks5.rs
index 32a13b6..8112e28 100644
--- a/easytier/src/gateway/socks5.rs
+++ b/easytier/src/gateway/socks5.rs
@@ -305,8 +305,7 @@ impl Socks5ServerNet {
 tracing::error!("send to smoltcp stack failed: {:?}", e);
 }
 }
- tracing::error!("smoltcp stack sink exited");
- panic!("smoltcp stack sink exited");
+ tracing::warn!("smoltcp stack sink exited");
 });
 forward_tasks.spawn(async move {
@@ -327,8 +326,7 @@ impl Socks5ServerNet {
 tracing::error!("send to peer failed in smoltcp sender: {:?}", e);
 }
 }
- tracing::error!("smoltcp stack stream exited");
- panic!("smoltcp stack stream exited");
+ tracing::warn!("smoltcp stack stream exited");
 });
 let interface_config = smoltcp::iface::Config::new(smoltcp::wire::HardwareAddress::Ip);
diff --git a/easytier/src/gateway/udp_proxy.rs b/easytier/src/gateway/udp_proxy.rs
index 7d6948b..c710905 100644
--- a/easytier/src/gateway/udp_proxy.rs
+++ b/easytier/src/gateway/udp_proxy.rs
@@ -443,7 +443,7 @@ impl UdpProxy {
 hdr.set_latency_first(is_latency_first);
 let to_peer_id = hdr.to_peer_id.into();
 tracing::trace!(?msg, ?to_peer_id, "udp nat packet response send");
- let ret = peer_manager.send_msg(msg, to_peer_id).await;
+ let ret = peer_manager.send_msg_for_proxy(msg, to_peer_id).await;
 if ret.is_err() {
 tracing::error!("send icmp packet to peer failed: {:?}", ret);
 }
diff --git a/easytier/src/peers/peer_manager.rs b/easytier/src/peers/peer_manager.rs
index 3c240ff..4521a4d 100644
--- a/easytier/src/peers/peer_manager.rs
+++ b/easytier/src/peers/peer_manager.rs
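Review bot: In easytier/src/gateway/socks5.rs the task at `@@ -305,8 +305,7 @@` now returns quietly after `tracing::warn!("smoltcp stack sink exited");`, and the stream task at `@@ -327,8 +326,7 @@` does the same, so nothing visible in either hunk tells the rest of `Socks5ServerNet` that forwarding has stopped. If either loop can end while the SOCKS5 listener is still accepting clients, the proxy would look alive but pass no traffic, and a warn-level line is easy to miss in triage. Dropping the `panic!` is reasonable, but I would keep the severity, e.g. `tracing::error!("smoltcp stack sink exited");`, unless the exit is known to be part of an orderly shutdown, and have the owner cancel the sibling task when one of the two ends. The enclosing function starts and ends outside both hunks, so whether `forward_tasks` is already joined or aborted elsewhere cannot be seen from here.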
@@ -995,11 +995,21 @@ impl PeerManager {
 }
 }
- pub async fn send_msg(&self, msg: ZCPacket, dst_peer_id: PeerId) -> Result<(), Error> {
+ pub async fn send_msg_for_proxy(
+ &self,
+ mut msg: ZCPacket,
+ dst_peer_id: PeerId,
+ ) -> Result<(), Error> {
 self.self_tx_counters
- .self_tx_bytes
+ .compress_tx_bytes_before
 .add(msg.buf_len() as u64);
- self.self_tx_counters.self_tx_packets.inc();
+
+ Self::try_compress_and_encrypt(self.data_compress_algo, &self.encryptor, &mut msg).await?;
+
+ self.self_tx_counters
+ .compress_tx_bytes_after
+ .add(msg.buf_len() as u64);
+
 let msg_len = msg.buf_len() as u64;
 let result =
 Self::send_msg_internal(&self.peers, &self.foreign_network_client, msg, dst_peer_id)
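Review bot: `send_msg_for_proxy` is where `Self::try_compress_and_encrypt` now runs for gateway traffic, yet the signature carries no doc comment stating that, and the commit subject suggests a caller reached the wire without encryption precisely because that contract was implicit. I would add above the signature `/// Compresses and encrypts msg, then forwards it to send_msg_internal; gateway code must send through this method.` and back it with a test that sends through this path with no TUN device and checks the packet handed to the peer is encrypted. Separately, this path no longer updates `self_tx_bytes` or `self_tx_packets`, and when `try_compress_and_encrypt` fails the `?` returns after `compress_tx_bytes_before` was incremented but before `compress_tx_bytes_after`, so anything that reads these counters should be checked. The function body continues past the end of the hunk.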