New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net: expose a way to inject a function after fd created before connect/listen #21820
Comments
I believe you can do this by calling |
@ianlancetaylor I have considered your solution before, but after i read all codes related to connect/listen, i found what you said is quite complicated. Now i create a new file hook_android.go under $GOROOT/src/net with package net
func SetSocketFunc(f func(int, int, int) (int, error)) {
socketFunc = f
} So i can reuse all codes, and inject my function in a Can you provide similar solution? |
I think that solution is more or less a non-starter. It's only going to work where you know that no init code creates a socket and where you know exactly which sockets are created. More plausible would be code in golang.org/x/net that does what I already suggested. It only has to be written once. |
No, i don't need to distinguish this, all outgoing sockets need this "protect". And init code creates a socket is rare. Copy nearly all existing net code to golang.org/x/net with only one hook function different? I think it's more difficult to maintain. |
We don't need to copy all existing net code to golang.org/x/net. We only need the code needed to initialize a socket. I understand that the hook can fix your specific problem. I'm questioning whether it is a general solution. And the API of the net package is already too complex. |
It's a Android-specific issue, because in other situation, we can pre-configure iptables rules to apply fwmark for all new connections. Only Android non-root VPNService implementation make things complicated, so i suggest use "_android" suffix to limit this API to android only. |
Dup of #9661. |
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
go version
)?go version go1.9 windows/amd64
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?What did you do?
I'm writing an Android VPN app using VPNService with golang, and want to use protect method to let socket created by golang executables bypass vpn.
I have done a bridge to pass socket fd from golang to java, but i found this can not work, because
protect
method using fwmark to work, and it requiresprotect
invoked before connect/listen.All socket fds bundles fd creation and connect/listen, so we need a method to use
protect
after fd create before connect/listen.Currently, i forked golang and add a setter in net/hook_unix.go which make
socketFunc
settable.Also i found another project
shadowsocks-android
use similar method shadowsocks@5eb4737What did you expect to see?
Provide a method to hook between fd creation and socket connect/listen
What did you see instead?
The text was updated successfully, but these errors were encountered: