fix data not encrypted when no tun is enabled (#1435)

2025-12-12 12:47:25 +08:00 · 2025-10-01 11:16:24 +08:00
parent 020bf04ec4
commit 971ef82679
6 changed files with 19 additions and 11 deletions
--- a/easytier/src/gateway/icmp_proxy.rs
+++ b/easytier/src/gateway/icmp_proxy.rs
@@ -285,7 +285,7 @@ impl IcmpProxy {
                        tracing::warn!("peer manager is gone, icmp proxy send loop exit");
                        return;
                    };
-                    let ret = pm.send_msg(msg, to_peer_id).await;
+                    let ret = pm.send_msg_for_proxy(msg, to_peer_id).await;
                    if ret.is_err() {
                        tracing::error!("send icmp packet to peer failed: {:?}", ret);
                    }
--- a/easytier/src/gateway/kcp_proxy.rs
+++ b/easytier/src/gateway/kcp_proxy.rs
@@ -107,7 +107,7 @@ async fn handle_kcp_output(
        let mut packet = ZCPacket::new_with_payload(&packet.inner().freeze());
        packet.fill_peer_manager_hdr(peer_mgr.my_peer_id(), dst_peer_id, packet_type);

-        if let Err(e) = peer_mgr.send_msg(packet, dst_peer_id).await {
+        if let Err(e) = peer_mgr.send_msg_for_proxy(packet, dst_peer_id).await {
            tracing::error!("failed to send kcp packet to peer: {:?}", e);
        }
    }
--- a/easytier/src/gateway/socks5.rs
+++ b/easytier/src/gateway/socks5.rs
@@ -305,8 +305,7 @@ impl Socks5ServerNet {
                    tracing::error!("send to smoltcp stack failed: {:?}", e);
                }
            }
-            tracing::error!("smoltcp stack sink exited");
-            panic!("smoltcp stack sink exited");
+            tracing::warn!("smoltcp stack sink exited");
        });

        forward_tasks.spawn(async move {
@@ -327,8 +326,7 @@ impl Socks5ServerNet {
                    tracing::error!("send to peer failed in smoltcp sender: {:?}", e);
                }
            }
-            tracing::error!("smoltcp stack stream exited");
-            panic!("smoltcp stack stream exited");
+            tracing::warn!("smoltcp stack stream exited");
        });

        let interface_config = smoltcp::iface::Config::new(smoltcp::wire::HardwareAddress::Ip);
--- a/easytier/src/gateway/udp_proxy.rs
+++ b/easytier/src/gateway/udp_proxy.rs
@@ -443,7 +443,7 @@ impl UdpProxy {
                hdr.set_latency_first(is_latency_first);
                let to_peer_id = hdr.to_peer_id.into();
                tracing::trace!(?msg, ?to_peer_id, "udp nat packet response send");
-                let ret = peer_manager.send_msg(msg, to_peer_id).await;
+                let ret = peer_manager.send_msg_for_proxy(msg, to_peer_id).await;
                if ret.is_err() {
                    tracing::error!("send icmp packet to peer failed: {:?}", ret);
                }
--- a/easytier/src/peers/peer_manager.rs
+++ b/easytier/src/peers/peer_manager.rs
@@ -995,11 +995,21 @@ impl PeerManager {
        }
    }

-    pub async fn send_msg(&self, msg: ZCPacket, dst_peer_id: PeerId) -> Result<(), Error> {
+    pub async fn send_msg_for_proxy(
+        &self,
+        mut msg: ZCPacket,
+        dst_peer_id: PeerId,
+    ) -> Result<(), Error> {
        self.self_tx_counters
-            .self_tx_bytes
+            .compress_tx_bytes_before
            .add(msg.buf_len() as u64);
-        self.self_tx_counters.self_tx_packets.inc();
+
+        Self::try_compress_and_encrypt(self.data_compress_algo, &self.encryptor, &mut msg).await?;
+
+        self.self_tx_counters
+            .compress_tx_bytes_after
+            .add(msg.buf_len() as u64);
+
        let msg_len = msg.buf_len() as u64;
        let result =
            Self::send_msg_internal(&self.peers, &self.foreign_network_client, msg, dst_peer_id)