mirror of
https://github.com/therealaleph/MasterHttpRelayVPN-RUST.git
synced 2026-05-18 05:44:35 +03:00
therealaleph
cb3732f920
Five user-visible changes shipping together. Each is independently useful + bounded; bundled because they're all "small architectural hardening" that benefits from one release announcement. 1. Random payload padding (#313, #365 §1) Every outbound Apps Script JSON request now carries a `_pad` field of uniform-random length 0..1024 bytes (base64). Defeats DPI that fingerprints on the tight length distribution of mhrv-rs's previous per-mode-bound packet sizes. ~25% bandwidth on a typical 2 KB batch, negligible against Apps Script's per-call latency floor. Backward- compatible — old `Code.gs` deployments ignore the unknown field. Applied at all three payload-build sites: single relay, single tunnel op, batch tunnel. 2. Active-probing decoy: GAS bad-auth → 200 HTML (#365 §3) `Code.gs` and `CodeFull.gs` now return a benign Apps-Script-style placeholder HTML page on bad/missing AUTH_KEY instead of the JSON `{"e":"unauthorized"}`. To an active scanner the deployment looks like one of the millions of forgotten public Apps Script projects rather than an obvious API endpoint. New `DIAGNOSTIC_MODE` const restores JSON errors during setup; default false (production-strong). 3. Active-probing decoy: tunnel-node bad-auth → 404 nginx (#365 §3) `tunnel-node` returns an HTTP 404 with an nginx-style HTML body on bad auth instead of `{"e":"unauthorized"}`. Active scanners cataloging the host see "static web server, nothing tunnel-shaped here." New `MHRV_DIAGNOSTIC=1` env var restores verbose JSON during setup. 4. Fix: Full-mode usage counter stuck at zero (#230, #362) `today_calls` / `today_bytes` were only being incremented on the apps_script-mode relay path. Full-mode batches go through `tunnel_client::fire_batch` which never wired into the counter. Now `fire_batch` calls `record_today(response_bytes)` after each successful batch — bytes estimated from the `d` (TCP payload) and `pkts` (UDP datagrams) sizes in the BatchTunnelResponse. Full-mode users now see real usage numbers. 5. Fix: quota reset countdown was UTC, should be PT (#230, #362) Apps Script's UrlFetchApp daily quota resets at midnight Pacific Time, not UTC. We were displaying the countdown to UTC midnight, off by 7-8h depending on DST. New `current_pt_day_key()` and `seconds_until_pacific_midnight()` helpers with hand-rolled US DST detection (2nd Sunday March → 1st Sunday November = PDT, else PST) so we don't pull `chrono-tz` and a ~3 MB IANA tzdb just for one helper. UI label "UTC day" → "PT day". Tests pin DST window boundaries against March/November of 2024, 2026, 2027 to catch regressions in the day-of-week math. Tested: - cargo test --lib: 154 passed (was 152, +2 for DST window + day-of-week) - cargo build --release: clean - cargo build --release --bin mhrv-rs-ui --features ui: clean (macOS arm64) - tunnel-node cargo test: 30 passed - Android: ./gradlew assembleDebug succeeds; APK installs + launches on mhrv_test emulator (arm64-v8a), no UnsatisfiedLink, no crash Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
113 lines
4.2 KiB
TOML
113 lines
4.2 KiB
TOML
[package]
|
|
name = "mhrv-rs"
|
|
version = "1.8.0"
|
|
edition = "2021"
|
|
description = "Rust port of MasterHttpRelayVPN -- DPI bypass via Google Apps Script relay with domain fronting"
|
|
license = "MIT"
|
|
|
|
[lib]
|
|
name = "mhrv_rs"
|
|
path = "src/lib.rs"
|
|
# `cdylib` lets the Android app dlopen libmhrv_rs.so via System.loadLibrary.
|
|
# `rlib` keeps the desktop binaries linking normally — same .rlib is used
|
|
# for `mhrv-rs` and `mhrv-rs-ui` builds on macOS/Linux/Windows.
|
|
crate-type = ["rlib", "cdylib"]
|
|
|
|
[[bin]]
|
|
name = "mhrv-rs"
|
|
path = "src/main.rs"
|
|
|
|
[[bin]]
|
|
name = "mhrv-rs-ui"
|
|
path = "src/bin/ui.rs"
|
|
required-features = ["ui"]
|
|
|
|
[features]
|
|
default = []
|
|
ui = ["dep:eframe"]
|
|
|
|
[dependencies]
|
|
tokio = { version = "1", features = ["rt-multi-thread", "macros", "net", "time", "io-util", "signal", "sync"] }
|
|
tokio-rustls = { version = "0.26", default-features = false, features = ["ring", "tls12"] }
|
|
rustls = { version = "0.23", default-features = false, features = ["ring", "std", "tls12"] }
|
|
rustls-pemfile = "2"
|
|
webpki-roots = "0.26"
|
|
rcgen = { version = "0.13", features = ["x509-parser"] }
|
|
rustls-pki-types = "1"
|
|
time = "0.3"
|
|
serde = { version = "1", features = ["derive"] }
|
|
serde_json = "1"
|
|
tracing = "0.1"
|
|
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
|
|
thiserror = "2"
|
|
base64 = "0.22"
|
|
bytes = "1"
|
|
httparse = "1"
|
|
rand = "0.8"
|
|
h2 = "0.4"
|
|
http = "1"
|
|
flate2 = "1"
|
|
directories = "5"
|
|
futures-util = { version = "0.3", default-features = false, features = ["std"] }
|
|
# 64-bit atomics on 32-bit MIPS/ARMv5 targets. Rust's std AtomicU64 is
|
|
# only available on targets that expose native 64-bit atomics, which
|
|
# mipsel-unknown-linux-musl does not — `AtomicU64` resolves to "no
|
|
# such name in sync::atomic" and the whole crate fails to build. The
|
|
# `fallback` feature uses a global spinlock when the target can't do
|
|
# 64-bit atomically; on x86_64 / aarch64 / armv7 / etc. it compiles
|
|
# down to the native instructions with no overhead.
|
|
portable-atomic = { version = "1", features = ["fallback"] }
|
|
|
|
# Optional UI dep: only pulled in when --features ui is set.
|
|
# Both `glow` (OpenGL 2+) and `wgpu` (DX12/Vulkan/Metal) are compiled in;
|
|
# the binary picks one at startup — glow by default for compat with the
|
|
# egui look-and-feel we've been shipping, but falls back to wgpu when
|
|
# `MHRV_RENDERER=wgpu` is set. Issue #28: users on older Windows
|
|
# hardware / RDP / VMs without OpenGL 2.0 crash with
|
|
# `egui_glow requires opengl 2.0+` — the wgpu backend uses DX12/Vulkan
|
|
# instead and covers those boxes.
|
|
eframe = { version = "0.28", default-features = false, features = [
|
|
"default_fonts",
|
|
"glow",
|
|
"wgpu",
|
|
"persistence",
|
|
], optional = true }
|
|
url = "2.5.8"
|
|
|
|
# Unix-only deps. Must come after `[dependencies]` because starting a new
|
|
# table here otherwise ends the main one — anything below it (incl. eframe)
|
|
# would end up scoped to cfg(unix) and disappear on Windows builds.
|
|
# libc is referenced for the RLIMIT_NOFILE bump (issue #8 — OpenWRT routers
|
|
# ship a very low fd limit that fills up fast under browser load). Already
|
|
# pulled in transitively via tokio, so zero new weight.
|
|
[target.'cfg(unix)'.dependencies]
|
|
libc = "0.2"
|
|
|
|
# Android-only deps: jni gives us the extern "system" wrappers used in
|
|
# src/android_jni.rs; zero cost on any other platform because the whole
|
|
# module is `#[cfg(target_os = "android")]`.
|
|
#
|
|
# tun2proxy is the TUN <-> SOCKS5 bridge — it reads raw IP packets from the
|
|
# fd VpnService hands us, runs a userspace TCP/IP stack (smoltcp under the
|
|
# hood), and funnels every TCP/UDP flow through our local SOCKS5. Without
|
|
# this, VpnService establishes a TUN device nothing reads from and all
|
|
# traffic black-holes (symptom: Chrome shows DNS_PROBE_STARTED).
|
|
[target.'cfg(target_os = "android")'.dependencies]
|
|
jni = { version = "0.21", default-features = false }
|
|
tun2proxy = { version = "0.7", default-features = false, features = ["udpgw"] }
|
|
|
|
[dev-dependencies]
|
|
# Used in mitm tests to sanity-check the cert extensions we emit.
|
|
x509-parser = "0.16"
|
|
# `test-util` enables `tokio::test(start_paused = true)` so timing-
|
|
# sensitive tests in `tunnel_client` (the empty-poll cadence) can
|
|
# auto-advance virtual time instead of burning real wall-clock seconds.
|
|
tokio = { version = "1", features = ["test-util"] }
|
|
|
|
[profile.release]
|
|
panic = "abort"
|
|
codegen-units = 1
|
|
lto = true
|
|
opt-level = 3
|
|
strip = true
|