Fix: meekUnderlyingPacketConn wrapping broke QUICTransporter.dialQUIC

- Re-enable temporarily disabled tests
Psiphon-Labs · Nov 27, 2024 · 1393a17 · 1393a17
1 parent d005b42
commit 1393a17
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 14 deletions.
diff --git a/psiphon/common/quic/quic.go b/psiphon/common/quic/quic.go
@@ -449,6 +449,8 @@ func Dial(
 		// isObfuscated QUIC versions. This mitigates upstream fingerprints;
 		// see ObfuscatedPacketConn.writePacket for the server-side
 		// downstream limitation.
+		//
+		// Update: quic-go now writes ECN bits; see quic-go PR 3999.
 
 		// Ensure blocked packet writes eventually timeout. Note that quic-go
 		// manages read deadlines; we set only the write deadline here.
@@ -940,16 +942,30 @@ func (t *QUICTransporter) dialQUIC() (retConnection quicConnection, retErr error
 		return nil, errors.Trace(err)
 	}
 
-	// Check for a *net.UDPConn, as expected, to support OOB operations.
+	// See `udpConn, ok := packetConn.(*net.UDPConn)` block and comment in
+	// Dial. The same two cases are implemented here, although there is no
+	// obfuscated fronted QUIC.
+	//
+	// Limitation: for FRONTED-MEEK-QUIC-OSSH, OOB operations to support
+	// reading/writing ECN bits will not be enabled due to the
+	// meekUnderlyingPacketConn wrapping in the provided udpDialer.
+
 	udpConn, ok := packetConn.(*net.UDPConn)
+
 	if !ok {
-		return nil, errors.Tracef("unexpected packetConn type: %T", packetConn)
-	}
 
-	// Ensure blocked packet writes eventually timeout. Note that quic-go
-	// manages read deadlines; we set only the write deadline here.
-	packetConn = &common.WriteTimeoutUDPConn{
-		UDPConn: udpConn,
+		// Ensure blocked packet writes eventually timeout. Note that quic-go
+		// manages read deadlines; we set only the write deadline here.
+		packetConn = &common.WriteTimeoutPacketConn{
+			PacketConn: packetConn,
+		}
+
+	} else {
+
+		// Ensure blocked packet writes eventually timeout.
+		packetConn = &common.WriteTimeoutUDPConn{
+			UDPConn: udpConn,
+		}
 	}
 
 	connection, err := dialQUIC(

diff --git a/psiphon/controller_test.go b/psiphon/controller_test.go
@@ -147,10 +147,7 @@ func TestObfuscatedSSH(t *testing.T) {
 		})
 }
 
-func TestTLS(t *testing.T) {
-
-	t.Skipf("temporarily disabled")
-
+func TestTLSOSSH(t *testing.T) {
 	controllerRun(t,
 		&controllerRunConfig{
 			protocol:                 protocol.TUNNEL_PROTOCOL_TLS_OBFUSCATED_SSH,
@@ -286,9 +283,6 @@ func TestQUIC(t *testing.T) {
 }
 
 func TestFrontedQUIC(t *testing.T) {
-
-	t.Skipf("temporarily disabled")
-
 	if !quic.Enabled() {
 		t.Skip("QUIC is not enabled")
 	}