fix: xray stability and split-tunneling (#2187)

* fix: xray heap corruption * fix: use proper configuration for split-tunneled apps * chore: enable killswitch * chore: xray windows split-tunneling cleanup * chore: proper xray killswitch log * feat: add wait for the tun device * chore: update amnezia_xray deps for macos * fix: add nullptr check for split-tunnel on win * fix: modernize vpnAdapter grabbing function * fix: remove network watcher due to its fragileness * chore: xrayprotocol cleanup * fix: correct wrong iface index on win * chore: move tun2socks implementation to the client from the service * chore: xrayprotocol cleanup * chore: more xrayprotocol cleanup * fix: consistent tun device with GUID specified * chore: tun2socks logs * chore: PrivilegedProcess cleanup * better error handling in establishment phase * terminate&kill ops for remote process * fix: straighforward killing the process on windows * fix: finally remove GUID setting from tun2socks due to instability * fix: add sanitizer to ipc process * chore: do not collect sensitive info from tun2socks
2026-06-23 02:00:20 +07:00 · 2026-02-11 16:47:28 +01:00
parent b4f4184aa6
commit 911a999c64
30 changed files with 411 additions and 570 deletions
@@ -75,7 +75,6 @@ set(HEADERS
    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipc.h
    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserver.h
    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserverprocess.h
-    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipctun2socksprocess.h
    ${CMAKE_CURRENT_LIST_DIR}/localserver.h
    ${CMAKE_CURRENT_LIST_DIR}/../../common/logger/logger.h
    ${CMAKE_CURRENT_LIST_DIR}/router.h
@@ -97,7 +96,6 @@ set(SOURCES
    ${CMAKE_CURRENT_LIST_DIR}/../../client/core/networkUtilities.cpp
    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserver.cpp
    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipcserverprocess.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipctun2socksprocess.cpp
    ${CMAKE_CURRENT_LIST_DIR}/localserver.cpp
    ${CMAKE_CURRENT_LIST_DIR}/../../common/logger/logger.cpp
    ${CMAKE_CURRENT_LIST_DIR}/main.cpp
@@ -389,7 +387,6 @@ endif()

 qt_add_repc_sources(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipc_interface.rep)
 qt_add_repc_sources(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipc_process_interface.rep)
-qt_add_repc_sources(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../../ipc/ipc_process_tun2socks.rep)

 # copy deploy artifacts required to run the application to the debug build folder
 if(WIN32)
@@ -40,7 +40,6 @@ LocalServer::LocalServer(QObject *parent) : QObject(parent),
        if (!m_isRemotingEnabled) {
            m_isRemotingEnabled = true;
            m_serverNode.enableRemoting(&m_ipcServer);
-            m_serverNode.enableRemoting(&m_tun2socks);
        }
    });

@@ -38,7 +38,6 @@ public:
    ~LocalServer();
    QSharedPointer<QLocalServer> m_server;
    IpcServer m_ipcServer;
-    IpcProcessTun2Socks m_tun2socks;
    QRemoteObjectHost m_serverNode;
    bool m_isRemotingEnabled = false;

@@ -318,6 +318,40 @@ bool RouterWin::createTun(const QString &dev, const QString &subnet)
        return false;
    }

+    HANDLE hEvent = CreateEvent(nullptr, true, false, nullptr);
+    if (!hEvent) {
+        qCritical() << "Failed to allocate event object";
+        return false;
+    }
+    auto _guardEvent = qScopeGuard([hEvent](){ CloseHandle(hEvent); });
+
+    struct {
+        HANDLE hEvent;
+        NET_LUID luid;
+        const QString &subnet;
+        bool found;
+    } ctx = { .hEvent = hEvent, .luid = luid, .subnet = subnet, .found = false };
+
+    auto cb = [](void *priv, MIB_UNICASTIPADDRESS_ROW *row, MIB_NOTIFICATION_TYPE NotificationType) {
+        auto* c = reinterpret_cast<decltype(ctx)*>(priv);
+        if (row != nullptr && row->InterfaceLuid.Value == c->luid.Value && row->Address.si_family == AF_INET) {
+            char ip[INET_ADDRSTRLEN];
+            inet_ntop(row->Address.Ipv4.sin_family, &row->Address.Ipv4.sin_addr, ip, INET_ADDRSTRLEN);
+            if (c->subnet == ip) {
+                c->found = true;
+                SetEvent(c->hEvent);
+            }
+        }
+    };
+
+    HANDLE hNotif;
+    res = NotifyUnicastIpAddressChange(AF_INET, cb, &ctx, false, &hNotif);
+    if (res != NO_ERROR) {
+        qCritical() << "Failed to subscribe to interface change";
+        return false;
+    }
+    auto _guardNotif = qScopeGuard([hNotif](){ CancelMibChangeNotify2(hNotif); });
+
    MIB_UNICASTIPADDRESS_ROW row;
    InitializeUnicastIpAddressEntry(&row);

@@ -337,7 +371,13 @@ bool RouterWin::createTun(const QString &dev, const QString &subnet)
        return false;
    }

-    return true;
+    res = WaitForSingleObject(hEvent, 10000);
+    if (res == WAIT_TIMEOUT) {
+        qCritical() << "Timeout of waiting for IP assignment for " << dev << " device";
+        return false;
+    }
+
+    return ctx.found;
 }

 void RouterWin::suspendWcmSvc(bool suspend)
@@ -27,7 +27,7 @@
    #include <sys/socket.h>
 #endif

-void Xray::startXray(const QString &cfg)
+bool Xray::startXray(const QString &cfg)
 {
    qDebug() << "Xray::startXray()";

@@ -40,34 +40,38 @@ void Xray::startXray(const QString &cfg)

    if (auto err = amnezia_xray_setsockcallback(ctxSockCallback, this); err != nullptr) {
        qDebug() << "[xray] sockopt failed: " << err;
-        free(err);
-        return;
-    }
-
-    QByteArray bytes = cfg.toUtf8();
-    if (auto err = amnezia_xray_configure(bytes.data()); err != nullptr) {
-        qDebug() << "[xray] configuration failed: " << err;
-        free(err);
-        return;
+        amnezia_xray_free(err);
+        return false;
    }

    amnezia_xray_setloghandler(ctxLogHandler, this);

+    QByteArray bytes = cfg.toUtf8();
+    if (auto err = amnezia_xray_configure(bytes.data()); err != nullptr) {
+        qDebug() << "[xray] configuration failed: " << err;
+        amnezia_xray_free(err);
+        return false;
+    }
+
    if (auto err = amnezia_xray_start(); err != nullptr) {
        qDebug() << "[xray] failed to start: " << err;
-        free(err);
-        return;
+        amnezia_xray_free(err);
+        return false;
    }
+
+    return true;
 }

-void Xray::stopXray()
+bool Xray::stopXray()
 {
    qDebug() << "Xray::stopXray()";
    if (auto err = amnezia_xray_stop(); err != nullptr) {
        qDebug() << "[xray] failed to stop: " << err;
-        free(err);
-        return;
+        amnezia_xray_free(err);
+        return false;
    }
+
+    return true;
 }

 void Xray::logHandler(char* str)
@@ -12,8 +12,8 @@ public:
        return instance;
    }

-    void startXray(const QString& cfg);
-    void stopXray();
+    bool startXray(const QString& cfg);
+    bool stopXray();

 private:
    static void ctxSockCallback(uintptr_t fd, void* ctx) {