feat(sniffer): add quic sniffer

component/sniffer/base_sniffer.go

@@ -23,8 +23,8 @@ func (*BaseSniffer) Protocol() string {
 	return "unknown"
 }
 
-// SniffTCP implements sniffer.Sniffer
-func (*BaseSniffer) SniffTCP(bytes []byte) (string, error) {
+// SniffData implements sniffer.Sniffer
+func (*BaseSniffer) SniffData(bytes []byte) (string, error) {
 	return "", errors.New("TODO")
 }
 

component/sniffer/dispatcher.go

@@ -35,9 +35,43 @@ type SnifferDispatcher struct {
 	parsePureIp     bool
 }
 
+func (sd *SnifferDispatcher) shouldOverride(metadata *C.Metadata) bool {
+	return (metadata.Host == "" && sd.parsePureIp) ||
+		sd.forceDomain.Has(metadata.Host) ||
+		(metadata.DNSMode == C.DNSMapping && sd.forceDnsMapping)
+}
+
+func (sd *SnifferDispatcher) UDPSniff(packet C.PacketAdapter) bool {
+	metadata := packet.Metadata()
+
+	if sd.shouldOverride(packet.Metadata()) {
+		for sniffer, config := range sd.sniffers {
+			if sniffer.SupportNetwork() == C.UDP || sniffer.SupportNetwork() == C.ALLNet {
+				inWhitelist := sniffer.SupportPort(metadata.DstPort)
+				overrideDest := config.OverrideDest
+
+				if inWhitelist {
+					var copyBuf = make([]byte, len(packet.Data()))
+					copy(copyBuf, packet.Data())
+
+					host, err := sniffer.SniffData(copyBuf)
+					if err != nil {
+						continue
+					}
+
+					sd.replaceDomain(metadata, host, overrideDest)
+					return true
+				}
+			}
+		}
+	}
+
+	return false
+}
+
 // TCPSniff returns true if the connection is sniffed to have a domain
 func (sd *SnifferDispatcher) TCPSniff(conn *N.BufferedConn, metadata *C.Metadata) bool {
-	if (metadata.Host == "" && sd.parsePureIp) || sd.forceDomain.Has(metadata.Host) || (metadata.DNSMode == C.DNSMapping && sd.forceDnsMapping) {
+	if sd.shouldOverride(metadata) {
 		inWhitelist := false
 		overrideDest := false
 		for sniffer, config := range sd.sniffers {
@@ -125,7 +159,7 @@ func (sd *SnifferDispatcher) sniffDomain(conn *N.BufferedConn, metadata *C.Metad
 				continue
 			}
 
-			host, err := s.SniffTCP(bytes)
+			host, err := s.SniffData(bytes)
 			if err != nil {
 				//log.Debugln("[Sniffer] [%s] Sniff data failed %s", s.Protocol(), metadata.DstIP)
 				continue
@@ -194,6 +228,8 @@ func NewSniffer(name sniffer.Type, snifferConfig SnifferConfig) (sniffer.Sniffer
 		return NewTLSSniffer(snifferConfig)
 	case sniffer.HTTP:
 		return NewHTTPSniffer(snifferConfig)
+	case sniffer.QUIC:
+		return NewQuicSniffer(snifferConfig)
 	default:
 		return nil, ErrorUnsupportedSniffer
 	}

component/sniffer/http_sniffer.go

@@ -58,7 +58,7 @@ func (http *HTTPSniffer) SupportNetwork() C.NetWork {
 	return C.TCP
 }
 
-func (http *HTTPSniffer) SniffTCP(bytes []byte) (string, error) {
+func (http *HTTPSniffer) SniffData(bytes []byte) (string, error) {
 	domain, err := SniffHTTP(bytes)
 	if err == nil {
 		return *domain, nil

component/sniffer/quic_sniffer.go

@@ -1,3 +1,290 @@
 package sniffer
 
-//TODO
+import (
+	"crypto"
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/tls"
+	_ "crypto/tls"
+	"encoding/binary"
+	"errors"
+	"github.com/Dreamacro/clash/common/buf"
+	"github.com/Dreamacro/clash/common/utils"
+	C "github.com/Dreamacro/clash/constant"
+	"github.com/metacubex/quic-go/quicvarint"
+	"golang.org/x/crypto/hkdf"
+	"io"
+	_ "unsafe"
+)
+
+// Modified from https://github.com/v2fly/v2ray-core/blob/master/common/protocol/quic/sniff.go
+
+const (
+	versionDraft29 uint32 = 0xff00001d
+	version1       uint32 = 0x1
+)
+
+type cipherSuiteTLS13 struct {
+	ID     uint16
+	KeyLen int
+	AEAD   func(key, fixedNonce []byte) cipher.AEAD
+	Hash   crypto.Hash
+}
+
+// github.com/quic-go/quic-go/internal/handshake/cipher_suite.go describes these cipher suite implementations are copied from the standard library crypto/tls package.
+// So we can user go:linkname to implement the same feature.
+
+//go:linkname aeadAESGCMTLS13 crypto/tls.aeadAESGCMTLS13
+func aeadAESGCMTLS13(key, nonceMask []byte) cipher.AEAD
+
+var (
+	quicSaltOld  = []byte{0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99}
+	quicSalt     = []byte{0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a}
+	initialSuite = &cipherSuiteTLS13{
+		ID:     tls.TLS_AES_128_GCM_SHA256,
+		KeyLen: 16,
+		AEAD:   aeadAESGCMTLS13,
+		Hash:   crypto.SHA256,
+	}
+	errNotQuic        = errors.New("not QUIC")
+	errNotQuicInitial = errors.New("not QUIC initial packet")
+)
+
+type QuicSniffer struct {
+	*BaseSniffer
+}
+
+func NewQuicSniffer(snifferConfig SnifferConfig) (*QuicSniffer, error) {
+	ports := snifferConfig.Ports
+	if len(ports) == 0 {
+		ports = utils.IntRanges[uint16]{utils.NewRange[uint16](443, 443)}
+	}
+	return &QuicSniffer{
+		BaseSniffer: NewBaseSniffer(ports, C.UDP),
+	}, nil
+}
+
+func (quic QuicSniffer) Protocol() string {
+	return "quic"
+}
+
+func (quic QuicSniffer) SupportNetwork() C.NetWork {
+	return C.UDP
+}
+
+func (quic QuicSniffer) SniffData(b []byte) (string, error) {
+	buffer := buf.As(b)
+	typeByte, err := buffer.ReadByte()
+	if err != nil {
+		return "", errNotQuic
+	}
+	isLongHeader := typeByte&0x80 > 0
+	if !isLongHeader || typeByte&0x40 == 0 {
+		return "", errNotQuicInitial
+	}
+
+	vb, err := buffer.ReadBytes(4)
+	if err != nil {
+		return "", errNotQuic
+	}
+
+	versionNumber := binary.BigEndian.Uint32(vb)
+
+	if versionNumber != 0 && typeByte&0x40 == 0 {
+		return "", errNotQuic
+	} else if versionNumber != versionDraft29 && versionNumber != version1 {
+		return "", errNotQuic
+	}
+
+	if (typeByte&0x30)>>4 != 0x0 {
+		return "", errNotQuicInitial
+	}
+
+	var destConnID []byte
+	if l, err := buffer.ReadByte(); err != nil {
+		return "", errNotQuic
+	} else if destConnID, err = buffer.ReadBytes(int(l)); err != nil {
+		return "", errNotQuic
+	}
+
+	if l, err := buffer.ReadByte(); err != nil {
+		return "", errNotQuic
+	} else if _, err := buffer.ReadBytes(int(l)); err != nil {
+		return "", errNotQuic
+	}
+
+	tokenLen, err := quicvarint.Read(buffer)
+	if err != nil || tokenLen > uint64(len(b)) {
+		return "", errNotQuic
+	}
+
+	if _, err = buffer.ReadBytes(int(tokenLen)); err != nil {
+		return "", errNotQuic
+	}
+
+	packetLen, err := quicvarint.Read(buffer)
+	if err != nil {
+		return "", errNotQuic
+	}
+
+	hdrLen := len(b) - int(buffer.Len())
+
+	origPNBytes := make([]byte, 4)
+	copy(origPNBytes, b[hdrLen:hdrLen+4])
+
+	var salt []byte
+	if versionNumber == version1 {
+		salt = quicSalt
+	} else {
+		salt = quicSaltOld
+	}
+	initialSecret := hkdf.Extract(crypto.SHA256.New, destConnID, salt)
+	secret := hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "client in", crypto.SHA256.Size())
+	hpKey := hkdfExpandLabel(initialSuite.Hash, secret, []byte{}, "quic hp", initialSuite.KeyLen)
+	block, err := aes.NewCipher(hpKey)
+	if err != nil {
+		return "", err
+	}
+
+	cache := buf.New()
+	defer cache.Release()
+
+	mask := cache.Extend(int(block.BlockSize()))
+	block.Encrypt(mask, b[hdrLen+4:hdrLen+4+16])
+	b[0] ^= mask[0] & 0xf
+	for i := range b[hdrLen : hdrLen+4] {
+		b[hdrLen+i] ^= mask[i+1]
+	}
+	packetNumberLength := b[0]&0x3 + 1
+	var packetNumber uint32
+	{
+		n, err := buffer.ReadByte()
+		if err != nil {
+			return "", err
+		}
+		packetNumber = uint32(n)
+	}
+
+	if packetNumber != 0 && packetNumber != 1 {
+		return "", errNotQuicInitial
+	}
+
+	extHdrLen := hdrLen + int(packetNumberLength)
+	copy(b[extHdrLen:hdrLen+4], origPNBytes[packetNumberLength:])
+	data := b[extHdrLen : int(packetLen)+hdrLen]
+
+	key := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16)
+	iv := hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12)
+	c := aeadAESGCMTLS13(key, iv)
+	nonce := cache.Extend(int(c.NonceSize()))
+	binary.BigEndian.PutUint64(nonce[len(nonce)-8:], uint64(packetNumber))
+	decrypted, err := c.Open(b[extHdrLen:extHdrLen], nonce, data, b[:extHdrLen])
+	if err != nil {
+		return "", err
+	}
+	buffer = buf.As(decrypted)
+
+	cryptoLen := uint(0)
+	cryptoData := make([]byte, buffer.Len())
+	for i := 0; !buffer.IsEmpty(); i++ {
+		frameType := byte(0x0) // Default to PADDING frame
+		for frameType == 0x0 && !buffer.IsEmpty() {
+			frameType, _ = buffer.ReadByte()
+		}
+		switch frameType {
+		case 0x00: // PADDING frame
+		case 0x01: // PING frame
+		case 0x02, 0x03: // ACK frame
+			if _, err = quicvarint.Read(buffer); err != nil { // Field: Largest Acknowledged
+				return "", io.ErrUnexpectedEOF
+			}
+			if _, err = quicvarint.Read(buffer); err != nil { // Field: ACK Delay
+				return "", io.ErrUnexpectedEOF
+			}
+			ackRangeCount, err := quicvarint.Read(buffer) // Field: ACK Range Count
+			if err != nil {
+				return "", io.ErrUnexpectedEOF
+			}
+			if _, err = quicvarint.Read(buffer); err != nil { // Field: First ACK Range
+				return "", io.ErrUnexpectedEOF
+			}
+			for i := 0; i < int(ackRangeCount); i++ { // Field: ACK Range
+				if _, err = quicvarint.Read(buffer); err != nil { // Field: ACK Range -> Gap
+					return "", io.ErrUnexpectedEOF
+				}
+				if _, err = quicvarint.Read(buffer); err != nil { // Field: ACK Range -> ACK Range Length
+					return "", io.ErrUnexpectedEOF
+				}
+			}
+			if frameType == 0x03 {
+				if _, err = quicvarint.Read(buffer); err != nil { // Field: ECN Counts -> ECT0 Count
+					return "", io.ErrUnexpectedEOF
+				}
+				if _, err = quicvarint.Read(buffer); err != nil { // Field: ECN Counts -> ECT1 Count
+					return "", io.ErrUnexpectedEOF
+				}
+				if _, err = quicvarint.Read(buffer); err != nil { //nolint:misspell // Field: ECN Counts -> ECT-CE Count
+					return "", io.ErrUnexpectedEOF
+				}
+			}
+		case 0x06: // CRYPTO frame, we will use this frame
+			offset, err := quicvarint.Read(buffer) // Field: Offset
+			if err != nil {
+				return "", io.ErrUnexpectedEOF
+			}
+			length, err := quicvarint.Read(buffer) // Field: Length
+			if err != nil || length > uint64(buffer.Len()) {
+				return "", io.ErrUnexpectedEOF
+			}
+			if cryptoLen < uint(offset+length) {
+				cryptoLen = uint(offset + length)
+			}
+			if _, err := buffer.Read(cryptoData[offset : offset+length]); err != nil { // Field: Crypto Data
+				return "", io.ErrUnexpectedEOF
+			}
+		case 0x1c: // CONNECTION_CLOSE frame, only 0x1c is permitted in initial packet
+			if _, err = quicvarint.Read(buffer); err != nil { // Field: Error Code
+				return "", io.ErrUnexpectedEOF
+			}
+			if _, err = quicvarint.Read(buffer); err != nil { // Field: Frame Type
+				return "", io.ErrUnexpectedEOF
+			}
+			length, err := quicvarint.Read(buffer) // Field: Reason Phrase Length
+			if err != nil {
+				return "", io.ErrUnexpectedEOF
+			}
+			if _, err := buffer.ReadBytes(int(length)); err != nil { // Field: Reason Phrase
+				return "", io.ErrUnexpectedEOF
+			}
+		default:
+			// Only above frame types are permitted in initial packet.
+			// See https://www.rfc-editor.org/rfc/rfc9000.html#section-17.2.2-8
+			return "", errNotQuicInitial
+		}
+	}
+
+	domain, err := ReadClientHello(cryptoData[:cryptoLen])
+	if err != nil {
+		return "", err
+	}
+
+	return *domain, nil
+}
+
+func hkdfExpandLabel(hash crypto.Hash, secret, context []byte, label string, length int) []byte {
+	b := make([]byte, 3, 3+6+len(label)+1+len(context))
+	binary.BigEndian.PutUint16(b, uint16(length))
+	b[2] = uint8(6 + len(label))
+	b = append(b, []byte("tls13 ")...)
+	b = append(b, []byte(label)...)
+	b = b[:3+6+len(label)+1]
+	b[3+6+len(label)] = uint8(len(context))
+	b = append(b, context...)
+
+	out := make([]byte, length)
+	n, err := hkdf.Expand(hash.New, secret, b).Read(out)
+	if err != nil || n != length {
+		panic("quic: HKDF-Expand-Label invocation failed unexpectedly")
+	}
+	return out
+}

component/sniffer/sniff_test.go

@@ -1,9 +1,37 @@
 package sniffer
 
 import (
+	"encoding/hex"
+	"github.com/stretchr/testify/assert"
 	"testing"
 )
 
+func TestQuicHeaders(t *testing.T) {
+	cases := []struct {
+		input  string
+		domain string
+	}{
+		{
+			input:  "cd0000000108f1fb7bcc78aa5e7203a8f86400421531fe825b19541876db6c55c38890cd73149d267a084afee6087304095417a3033df6a81bbb71d8512e7a3e16df1e277cae5df3182cb214b8fe982ba3fdffbaa9ffec474547d55945f0fddbeadfb0b5243890b2fa3da45169e2bd34ec04b2e29382f48d612b28432a559757504d158e9e505407a77dd34f4b60b8d3b555ee85aacd6648686802f4de25e7216b19e54c5f78e8a5963380c742d861306db4c16e4f7fc94957aa50b9578a0b61f1e406b2ad5f0cd3cd271c4d99476409797b0c3cb3efec256118912d4b7e4fd79d9cb9016b6e5eaa4f5e57b637b217755daf8968a4092bed0ed5413f5d04904b3a61e4064f9211b2629e5b52a89c7b19f37a713e41e27743ea6dfa736dfa1bb0a4b2bc8c8dc632c6ce963493a20c550e6fdb2475213665e9a85cfc394da9cec0cf41f0c8abed3fc83be5245b2b5aa5e825d29349f721d30774ef5bf965b540f3d8d98febe20956b1fc8fa047e10e7d2f921c9c6622389e02322e80621a1cf5264e245b7276966eb02932584e3f7038bd36aa908766ad3fb98344025dec18670d6db43a1c5daac00937fce7b7c7d61ff4e6efd01a2bdee0ee183108b926393df4f3d74bbcbb015f240e7e346b7d01c41111a401225ce3b095ab4623a5836169bf9599eeca79d1d2e9b2202b5960a09211e978058d6fc0484eff3e91ce4649a5e3ba15b906d334cf66e28d9ff575406e1ae1ac2febafd72870b6f5d58fc5fb949cb1f40feb7c1d9ce5e71b",
+			domain: "www.google.com",
+		},
+		{
+			input:  "c3000000011266f50524e8d0fe88cbf51e3ad71a13198235000044c82dc5d943fb34cc6d5c5e433610dc7a44f5951935c2c1d14ac641b02472340a892c4492dbfe3f8262109108fc36d96bdc1e9e46b5f1f6ef6104add2aafbfd8e79246eb3b4637541aaed7d195571724e642ab4d31c909f1db86e7d8516117ce8716bd1e3acb664c499086b0f3bc7258595420e7bb969f934457d195e832ffff4ffddf11123eeadacc48190e356c8f0f6abc381deb7e285e3b0613a795b19bddb9f002ffdf6fd70f0ff2072302b33d2421aac6540bb9f0e85c7237af0dd56225b2264d769160febab952e64bd5155f23e58c6113891143f946591032b41816aed3ac54f521f60605f86791de24c5765b664c1348cc53d5d631b4bbefe1915f2b21fefafb47badeb72d8ba1fd5c3cfeb0ba9d0112396f170e94cd33952c4fa87997b870931bf1a300e8e127f530815ff087815b4f9d004cbcd17013ac143847572a1655a5b36e054e8b9951d747c2c6ff25d7b2edb13a2a6b8074062332f2191f6830cf435a4ed9db5d9c4eb43a143bf3edf0c48f6f9435dafad4afb743a5a33990379df953ecd388e848aff0ebba9ccc052b8303c0bd1fee7e7553af1894e81b7772818bb69249540ccb8cfb47b1517abaf71c81c3bd271f1a5f1b66465f850f377c9db682b8e543c3d0c10fcd2dee263630889b7d1d521d1d27e866ea4ab5f43790d6a7f76ceefd5783678ca92cc131fa42fc4a01e2a81cad734ddf17a53e1bda8e0a21afc9e8c1118c9459b13519f5b3c3d9692c92234f01129d47ae8ec70625170847472801190b46d36f73b868f55f5a18a3cb05af6d38610e0829e4fbf13ddcc202341702e43dcf33be76ff4afe327e5783287c137aad075752940b41e7d9f5146e36d908897c6d7a9fdc343fde2d9c9d6e6a6b237669bd3e6abe0a732861a679eadfa29a876c6a646953c9361830811b012b26b31c9e7158f8de9c9a108346ddee3dd3886da6258364c1281bff8e055f6384e3a23e198b5e6b726fa7f811b3338072019d4b5fd05891770d11e3ed6ab5f7ed33db1c6220c5aa8fa1909949ac55d5435b75982e17aa80940fa574f0aba4dc340129cad491fdf1f5e05c4e83e36ad29ff38f15e1c9436c792024442f57f07583d671dd05446c84ea20b471303f6ae4e5e13f244d671e0ebe94d3d5c17d3f3f378cdd51fa8a6d2c977c78a2397dd1e251cd979803d617d45f575e5d9db0a28b3c4c25fe2af24af5bddac09786b6d6d8aa19cfbd5409bdbfed7d518ef5c863f3ee757bd9d37cddc546cc57d2e52b6ae58789f297a300f1d76c3842603eae4b1224de31a939a68875c86e697aeebf7ebc65568f43fc681bacab830ac4a2164d324e90067125bad702192d01cb3cb3d2689ae681967e86fd7ac93a25cf2e905c88ca5ad7d11962f021754cf3f61224517bd3411d5b5a83955bcea79d702466d073a6eaadc1202b3693e555b051a5b19457023a01e7f943742bb7f5f8aeba8d4e363973aebdccfb12479619cfb93e833be702a307e796dc7431a48abd9b755b392c510b98cd20ef778e2ac88d6a04f23ba8a253d7eb7c13e0c88c3a21f7e23857c58704d139703a47e0965bf2dc8810dc36894ac1f3da73c155e271c106a718b2d184e4e5637c820fe909984642960edfc9e62ac50af5dd3feee6bc560ced7bda676d4e290c9c5916fad52180bbc83d3483e95c79bac15c209936f21042dc2b6253eefdac06e7f4745044eaa0acedabf1d1c8cd9402738",
+			domain: "cloudflare-dns.com",
+		},
+	}
+	q, err := NewQuicSniffer(SnifferConfig{})
+	assert.NoError(t, err)
+
+	for _, test := range cases {
+		pkt, err := hex.DecodeString(test.input)
+		assert.NoError(t, err)
+		domain, err := q.SniffData(pkt)
+		assert.NoError(t, err)
+		assert.Equal(t, test.domain, domain)
+	}
+}
+
 func TestTLSHeaders(t *testing.T) {
 	cases := []struct {
 		input  []byte

component/sniffer/tls_sniffer.go

@@ -39,7 +39,7 @@ func (tls *TLSSniffer) SupportNetwork() C.NetWork {
 	return C.TCP
 }
 
-func (tls *TLSSniffer) SniffTCP(bytes []byte) (string, error) {
+func (tls *TLSSniffer) SniffData(bytes []byte) (string, error) {
 	domain, err := SniffTLS(bytes)
 	if err == nil {
 		return *domain, nil