luckyimnotanigger/tun2proxy
1
0
Fork 0
mirror of https://github.com/tun2proxy/tun2proxy.git synced 2025-05-27 04:07:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

update nix deps
Some checks are pending
Push or PR / build_n_test (macos-latest) (push) Waiting to run
Details
Push or PR / Check semver (push) Waiting to run
Details
Push or PR / build_n_test (ubuntu-latest) (push) Waiting to run
Details
Push or PR / build_n_test (windows-latest) (push) Waiting to run
Details
Push or PR / build_n_test_android (push) Waiting to run
Details
Push or PR / build_n_test_ios (push) Waiting to run
Details
Integration Tests / Proxy Tests (push) Waiting to run
Details

Browse source
This commit is contained in:
ssrlive 2025-04-30 10:55:43 +08:00
parent b71f479bf3
commit 54f7dbc81b
3 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Cargo.toml
View file

@ -69,7 +69,7 @@ jni = { version = "0.21", default-features = false }
[target.'cfg(unix)'.dependencies]
daemonize = "0.5"
nix = { version = "0.29", default-features = false, features = [
nix = { version = "0.30", default-features = false, features = [
"fs",
"socket",
"uio",

2
src/bin/main.rs
View file

@ -102,7 +102,7 @@ async fn namespace_proxy_main(
let child = tokio::process::Command::new("unshare")
.args("--user --map-current-user --net --mount --keep-caps --kill-child --fork".split(' '))
.arg(format!("/proc/self/fd/{}", fd))
.arg(format!("/proc/self/fd/{}", fd.as_raw_fd()))
.arg("--socket-transfer-fd")
.arg(remote_fd.as_raw_fd().to_string())
.args(std::env::args().skip(1))

12
src/socket_transfer.rs
View file

@ -30,17 +30,17 @@ enum Response {
/// Reconstruct socket from raw `fd`
pub fn reconstruct_socket(fd: RawFd) -> Result<OwnedFd> {
// Check if `fd` is valid
let fd_flags = fcntl::fcntl(fd, fcntl::F_GETFD)?;
// `fd` is confirmed to be valid so it should be closed
let socket = unsafe { OwnedFd::from_raw_fd(fd) };
// Check if `fd` is valid
let fd_flags = fcntl::fcntl(socket.as_fd(), fcntl::F_GETFD)?;
// Insert CLOEXEC flag to the `fd` to prevent further propagation across `execve(2)` calls
let mut fd_flags = FdFlag::from_bits(fd_flags).ok_or(ErrorKind::Unsupported)?;
if !fd_flags.contains(FdFlag::FD_CLOEXEC) {
fd_flags.insert(FdFlag::FD_CLOEXEC);
fcntl::fcntl(fd, fcntl::F_SETFD(fd_flags))?;
fcntl::fcntl(socket.as_fd(), fcntl::F_SETFD(fd_flags))?;
}
Ok(socket)
@ -70,12 +70,12 @@ pub async fn create_transfer_socket_pair() -> std::io::Result<(UnixDatagram, Own
let remote_fd: OwnedFd = remote.into_std().unwrap().into();
// Get `remote_fd` flags
let fd_flags = fcntl::fcntl(remote_fd.as_raw_fd(), fcntl::F_GETFD)?;
let fd_flags = fcntl::fcntl(remote_fd.as_fd(), fcntl::F_GETFD)?;
// Remove CLOEXEC flag from the `remote_fd` to allow propagating across `execve(2)`
let mut fd_flags = FdFlag::from_bits(fd_flags).ok_or(ErrorKind::Unsupported)?;
fd_flags.remove(FdFlag::FD_CLOEXEC);
fcntl::fcntl(remote_fd.as_raw_fd(), fcntl::F_SETFD(fd_flags))?;
fcntl::fcntl(remote_fd.as_fd(), fcntl::F_SETFD(fd_flags))?;
Ok((local, remote_fd))
}