diff --git a/.github/workflows/release-cli.yml b/.github/workflows/release-cli.yml new file mode 100644 index 0000000..ae5ab5e --- /dev/null +++ b/.github/workflows/release-cli.yml @@ -0,0 +1,91 @@ +name: Build CLI Binaries + +on: + push: + tags: + - 'v*' + workflow_dispatch: + inputs: + version: + description: 'Release version (e.g., v1.0.0)' + required: true + type: string + create_release: + description: 'Create a GitHub release' + required: false + type: boolean + default: true + +jobs: + build-cli: + runs-on: ubuntu-latest + strategy: + matrix: + include: + - goos: darwin + goarch: amd64 + suffix: darwin-amd64 + - goos: darwin + goarch: arm64 + suffix: darwin-arm64 + - goos: linux + goarch: amd64 + suffix: linux-amd64 + - goos: linux + goarch: arm64 + suffix: linux-arm64 + - goos: windows + goarch: amd64 + suffix: windows-amd64 + ext: .exe + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: recursive + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: cli/go.mod + + - name: Build + working-directory: cli + env: + CGO_ENABLED: '0' + GOOS: ${{ matrix.goos }} + GOARCH: ${{ matrix.goarch }} + run: | + VERSION="${{ github.event.inputs.version || github.ref_name }}" + go build -trimpath -ldflags="-s -w -X main.version=${VERSION}" -o ../slipnet-${{ matrix.suffix }}${{ matrix.ext }} . + + - name: Upload artifact + uses: actions/upload-artifact@v4 + with: + name: slipnet-${{ matrix.suffix }} + path: slipnet-${{ matrix.suffix }}${{ matrix.ext }} + + release-cli: + needs: build-cli + runs-on: ubuntu-latest + if: startsWith(github.ref, 'refs/tags/v') || (github.event_name == 'workflow_dispatch' && github.event.inputs.create_release == 'true') + permissions: + contents: write + + steps: + - name: Download all artifacts + uses: actions/download-artifact@v4 + with: + path: ./artifacts + merge-multiple: true + + - name: Create/Update Release + uses: softprops/action-gh-release@v2 + with: + tag_name: ${{ github.event.inputs.version || github.ref_name }} + name: ${{ github.event.inputs.version || github.ref_name }} + files: ./artifacts/slipnet-* + generate_release_notes: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/README.md b/README.md index fbfdc8e..3a91119 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,13 @@ SlipNet Logo

-A fast, modern Android VPN client built with Jetpack Compose and Kotlin, featuring DNS tunneling with support for multiple protocols. +A fast, modern VPN client featuring DNS tunneling with support for multiple protocols. Available as an Android app (Jetpack Compose + Kotlin), a cross-platform CLI client (Go), and a desktop GUI for Mac, Windows, and Linux. + +## Desktop GUI (Mac, Windows, Linux) + +**Prefer a point-and-click interface?** [**SlipStreamGUI**](https://github.com/mirzaaghazadeh/SlipStreamGUI) is a modern, cross-platform GUI client — no terminal required. It uses this project's binaries (SlipNet CLI) under the hood. Download, install, and connect with a few clicks. + +[![SlipStreamGUI](https://img.shields.io/badge/Download-SlipStreamGUI-green?style=for-the-badge)](https://github.com/mirzaaghazadeh/SlipStreamGUI/releases/latest) ## Community @@ -88,13 +94,18 @@ To use this client, you must have a compatible server. Please configure your ser ## Requirements +### Android App - Android 7.0 (API 24) or higher - Android Studio Hedgehog (2023.1.1) or later - JDK 17 - Rust toolchain (for building the native library) - Android NDK 29 -## Building +### CLI Client +- Go 1.24+ (auto-downloaded via GOTOOLCHAIN if needed) +- No other dependencies (statically linked binaries) + +## Building (Android) ### Prerequisites @@ -142,9 +153,86 @@ To use this client, you must have a compatible server. Please configure your ser Or open the project in Android Studio and build from there. +## CLI Client + +SlipNet includes a cross-platform CLI client for **macOS**, **Linux**, and **Windows**. It connects using a `slipnet://` config URI and starts a local SOCKS5 proxy. For a GUI alternative, see [SlipStreamGUI](https://github.com/mirzaaghazadeh/SlipStreamGUI). + +### Download + +Pre-built binaries are available on the [Releases](https://github.com/anonvector/SlipNet/releases) page: + +| Platform | Binary | +|----------|--------| +| macOS (Apple Silicon) | `slipnet-darwin-arm64` | +| macOS (Intel) | `slipnet-darwin-amd64` | +| Linux (x64) | `slipnet-linux-amd64` | +| Linux (ARM64) | `slipnet-linux-arm64` | +| Windows (x64) | `slipnet-windows-amd64.exe` | + +### CLI Usage + +```bash +# Basic usage — auto-detects server if DNS delegation isn't set up +./slipnet 'slipnet://BASE64...' + +# Specify a custom DNS resolver +./slipnet --dns 1.1.1.1 'slipnet://BASE64...' + +# Use a custom local proxy port +./slipnet --port 9050 'slipnet://BASE64...' + +# Show version +./slipnet --version +``` + +Once connected, configure your apps to use the SOCKS5 proxy: + +```bash +# Test with curl +curl --socks5-hostname 127.0.0.1:1080 https://ifconfig.me + +# If the server requires SOCKS5 authentication (username:password) +curl --socks5-hostname user:pass@127.0.0.1:1080 https://ifconfig.me + +# Firefox: Settings → Network → SOCKS5 proxy: 127.0.0.1:1080 +# Check "Proxy DNS when using SOCKS v5" + +# Chrome (launch with proxy flag): +google-chrome --proxy-server="socks5://127.0.0.1:1080" +``` + +The CLI auto-detects when DNS delegation isn't available and falls back to connecting directly to the server via its NS record. + +### Building CLI from Source + +```bash +git clone https://github.com/anonvector/SlipNet.git +cd SlipNet +git submodule update --init --recursive +cd cli +CGO_ENABLED=0 go build -trimpath -ldflags="-s -w" -o slipnet . +``` + +Cross-compile for other platforms: + +```bash +# Linux +CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags="-s -w" -o slipnet-linux-amd64 . + +# Windows +CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -trimpath -ldflags="-s -w" -o slipnet-windows-amd64.exe . + +# macOS Intel +CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -trimpath -ldflags="-s -w" -o slipnet-darwin-amd64 . +``` + ## Project Structure ``` +cli/ # Cross-platform CLI client (Go) +├── main.go # URI parser, tunnel client, SOCKS5 proxy +├── go.mod +└── go.sum app/ ├── src/main/ │ ├── java/app/slipnet/ diff --git a/cli/.gitignore b/cli/.gitignore new file mode 100644 index 0000000..9ca462a --- /dev/null +++ b/cli/.gitignore @@ -0,0 +1 @@ +slipnet-* diff --git a/cli/go.mod b/cli/go.mod new file mode 100644 index 0000000..8afff9b --- /dev/null +++ b/cli/go.mod @@ -0,0 +1,30 @@ +module slipnet-mac + +go 1.24.0 + +require dnstt-mobile v0.0.0 + +require ( + github.com/andybalholm/brotli v1.2.0 // indirect + github.com/flynn/noise v1.1.0 // indirect + github.com/klauspost/compress v1.18.3 // indirect + github.com/klauspost/cpuid/v2 v2.3.0 // indirect + github.com/klauspost/reedsolomon v1.13.0 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/refraction-networking/utls v1.8.2 // indirect + github.com/tjfoc/gmsm v1.4.1 // indirect + github.com/xtaci/kcp-go/v5 v5.6.61 // indirect + github.com/xtaci/smux v1.5.50 // indirect + gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib v1.6.0 // indirect + golang.org/x/crypto v0.47.0 // indirect + golang.org/x/net v0.49.0 // indirect + golang.org/x/sys v0.40.0 // indirect + golang.org/x/text v0.33.0 // indirect + golang.org/x/time v0.14.0 // indirect + www.bamsoftware.com/git/dnstt.git v0.0.0-00010101000000-000000000000 // indirect +) + +replace ( + dnstt-mobile => ../dnstt-mobile + www.bamsoftware.com/git/dnstt.git => ../dnstt +) diff --git a/cli/go.sum b/cli/go.sum new file mode 100644 index 0000000..5fdef78 --- /dev/null +++ b/cli/go.sum @@ -0,0 +1,124 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/andybalholm/brotli v1.2.0 h1:ukwgCxwYrmACq68yiUqwIWnGY0cTPox/M94sVwToPjQ= +github.com/andybalholm/brotli v1.2.0/go.mod h1:rzTDkvFWvIrjDXZHkuS16NPggd91W3kUSvPlQ1pLaKY= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/flynn/noise v1.1.0 h1:KjPQoQCEFdZDiP03phOvGi11+SVVhBG2wOWAorLsstg= +github.com/flynn/noise v1.1.0/go.mod h1:xbMo+0i6+IGbYdJhF31t2eR1BIU0CYc12+BNAKwUTag= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/klauspost/compress v1.18.3 h1:9PJRvfbmTabkOX8moIpXPbMMbYN60bWImDDU7L+/6zw= +github.com/klauspost/compress v1.18.3/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4= +github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y= +github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0= +github.com/klauspost/reedsolomon v1.13.0 h1:E0Cmgf2kMuhZTj6eefnvpKC4/Q4jhCi9YIjcZjK4arc= +github.com/klauspost/reedsolomon v1.13.0/go.mod h1:ggJT9lc71Vu+cSOPBlxGvBN6TfAS77qB4fp8vJ05NSA= +github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/refraction-networking/utls v1.8.2 h1:j4Q1gJj0xngdeH+Ox/qND11aEfhpgoEvV+S9iJ2IdQo= +github.com/refraction-networking/utls v1.8.2/go.mod h1:jkSOEkLqn+S/jtpEHPOsVv/4V4EVnelwbMQl4vCWXAM= +github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/tjfoc/gmsm v1.4.1 h1:aMe1GlZb+0bLjn+cKTPEvvn9oUEBlJitaZiiBwsbgho= +github.com/tjfoc/gmsm v1.4.1/go.mod h1:j4INPkHWMrhJb38G+J6W4Tw0AbuN8Thu3PbdVYhVcTE= +github.com/xtaci/kcp-go/v5 v5.6.61 h1:ajm12pGuWO+GWQNusPyPESC7Rq0yTC2rEXVYkM8ExOg= +github.com/xtaci/kcp-go/v5 v5.6.61/go.mod h1:9O3D8WR+cyyUjGiTILYfg17vn72otWuXK2AFfqIe6CM= +github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae h1:J0GxkO96kL4WF+AIT3M4mfUVinOCPgf2uUWYFUzN0sM= +github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae/go.mod h1:gXtu8J62kEgmN++bm9BVICuT/e8yiLI2KFobd/TRFsE= +github.com/xtaci/smux v1.5.50 h1:y/1DlWQC9bnMeZzsyk4oL2hbLK6uVk4BKTz5BeQqUEA= +github.com/xtaci/smux v1.5.50/go.mod h1:IGQ9QYrBphmb/4aTnLEcJby0TNr3NV+OslIOMrX825Q= +github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU= +github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E= +gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib v1.6.0 h1:KD9m+mRBwtEdqe94Sv72uiedMWeRdIr4sXbrRyzRiIo= +gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/goptlib v1.6.0/go.mod h1:70bhd4JKW/+1HLfm+TMrgHJsUHG4coelMWwiVEJ2gAg= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201012173705-84dcc777aaee/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8= +golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o= +golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE= +golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= +golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI= +golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/cli/main.go b/cli/main.go new file mode 100644 index 0000000..1f62d3a --- /dev/null +++ b/cli/main.go @@ -0,0 +1,352 @@ +// slipnet is a cross-platform CLI client for SlipNet/NoizDNS. +// +// Usage: +// +// slipnet [--dns RESOLVER] [--port PORT] slipnet://BASE64ENCODED... +// +// It decodes the slipnet:// URI, extracts connection parameters, +// and starts a local SOCKS5 proxy tunneled through DNS. +// If the tunnel domain can't be resolved via the profile's DNS resolver, +// it automatically falls back to the authoritative server. +package main + +import ( + "encoding/base64" + "fmt" + "log" + "net" + "os" + "os/signal" + "strconv" + "strings" + "syscall" + + "dnstt-mobile/mobile" +) + +// version is set at build time via -ldflags "-X main.version=..." +var version = "dev" + +// Profile fields (v16 pipe-delimited format) +type Profile struct { + Version string + TunnelType string // "sayedns" = NoizDNS, "dnstt" = DNSTT + Name string + Domain string + Resolvers string // e.g. "8.8.8.8:53:0" + AuthMode bool + KeepAlive int + CC string // congestion control: bbr, dcubic + Port int // local SOCKS5 port + Host string // local SOCKS5 host + GSO bool + PublicKey string + DNSTransport string // udp, tcp, tls (DoT), https (DoH) + DoHURL string +} + +func parseURI(uri string) (*Profile, error) { + const scheme = "slipnet://" + if !strings.HasPrefix(uri, scheme) { + return nil, fmt.Errorf("invalid URI scheme, expected slipnet://") + } + + encoded := strings.TrimPrefix(uri, scheme) + // Strip any whitespace/newlines from terminal line wrapping + encoded = strings.Join(strings.Fields(encoded), "") + decoded, err := base64.StdEncoding.DecodeString(encoded) + if err != nil { + // Try with padding + for len(encoded)%4 != 0 { + encoded += "=" + } + decoded, err = base64.StdEncoding.DecodeString(encoded) + if err != nil { + return nil, fmt.Errorf("base64 decode failed: %v", err) + } + } + + fields := strings.Split(string(decoded), "|") + if len(fields) < 12 { + return nil, fmt.Errorf("not enough fields in profile (got %d, need at least 12)", len(fields)) + } + + p := &Profile{ + Version: fields[0], + TunnelType: fields[1], + Name: fields[2], + Domain: fields[3], + Resolvers: fields[4], + Host: "127.0.0.1", + Port: 1080, + } + + if fields[5] == "1" { + p.AuthMode = true + } + + if v, err := strconv.Atoi(fields[6]); err == nil { + p.KeepAlive = v + } + p.CC = fields[7] + + if v, err := strconv.Atoi(fields[8]); err == nil && v > 0 { + p.Port = v + } + if fields[9] != "" { + p.Host = fields[9] + } + if fields[10] == "1" { + p.GSO = true + } + p.PublicKey = fields[11] + + // DNS transport (field index 22 in v16) + if len(fields) > 22 && fields[22] != "" { + p.DNSTransport = fields[22] + } + // DoH URL (field index 21 in v16) + if len(fields) > 21 && fields[21] != "" { + p.DoHURL = fields[21] + } + + return p, nil +} + +// formatDNSAddr formats the DNS resolver address based on transport type +func formatDNSAddr(p *Profile) string { + resolverParts := strings.Split(p.Resolvers, ",") + var addrs []string + + for _, r := range resolverParts { + parts := strings.Split(strings.TrimSpace(r), ":") + if len(parts) < 1 { + continue + } + + host := parts[0] + port := "53" + if len(parts) >= 2 && parts[1] != "" { + port = parts[1] + } + + switch p.DNSTransport { + case "https", "doh": + if p.DoHURL != "" { + return p.DoHURL + } + return fmt.Sprintf("https://%s/dns-query", host) + case "tls", "dot": + if port == "53" { + port = "853" + } + addrs = append(addrs, fmt.Sprintf("tls://%s:%s", host, port)) + case "tcp": + addrs = append(addrs, fmt.Sprintf("tcp://%s:%s", host, port)) + default: // udp + addrs = append(addrs, fmt.Sprintf("%s:%s", host, port)) + } + } + + return strings.Join(addrs, ",") +} + +// findAuthoritativeServer looks up the NS record for the tunnel domain +// to find the authoritative server IP. Returns the IP or empty string. +func findAuthoritativeServer(tunnelDomain string) string { + // Try looking up NS for the tunnel domain directly + nss, err := net.LookupNS(tunnelDomain) + if err == nil && len(nss) > 0 { + nsHost := strings.TrimSuffix(nss[0].Host, ".") + ips, err := net.LookupHost(nsHost) + if err == nil && len(ips) > 0 { + return ips[0] + } + } + + // Fallback: try "ns." as a common convention + parts := strings.SplitN(tunnelDomain, ".", 2) + if len(parts) < 2 { + return "" + } + parentDomain := parts[1] + nsHost := "ns." + parentDomain + ips, err := net.LookupHost(nsHost) + if err == nil && len(ips) > 0 { + return ips[0] + } + + return "" +} + +func main() { + var portOverride int + var dnsOverride string + var uriParts []string + + for i := 1; i < len(os.Args); i++ { + switch os.Args[i] { + case "--dns", "-dns": + if i+1 < len(os.Args) { + dnsOverride = os.Args[i+1] + i++ + } else { + log.Fatal("--dns requires a value (e.g., --dns 1.1.1.1 or --dns )") + } + case "--port", "-port": + if i+1 < len(os.Args) { + v, err := strconv.Atoi(os.Args[i+1]) + if err != nil || v < 1 || v > 65535 { + log.Fatal("--port requires a valid port number (1-65535)") + } + portOverride = v + i++ + } else { + log.Fatal("--port requires a value") + } + case "--version", "-version", "-v": + fmt.Printf("slipnet %s\n", version) + os.Exit(0) + case "--help", "-help", "-h": + printUsage() + os.Exit(0) + default: + uriParts = append(uriParts, os.Args[i]) + } + } + + if len(uriParts) == 0 { + printUsage() + os.Exit(1) + } + + // Join all non-flag args in case terminal line-wrapping split the URI + uri := strings.TrimSpace(strings.Join(uriParts, "")) + profile, err := parseURI(uri) + if err != nil { + log.Fatalf("Failed to parse URI: %v", err) + } + + if profile.PublicKey == "" { + log.Fatal("Profile is missing public key") + } + if profile.Domain == "" { + log.Fatal("Profile is missing tunnel domain") + } + + if portOverride > 0 { + profile.Port = portOverride + } + + dnsAddr := formatDNSAddr(profile) + authMode := profile.AuthMode + directMode := false + + if dnsOverride != "" { + // User specified custom DNS resolver + if !strings.Contains(dnsOverride, ":") && !strings.HasPrefix(dnsOverride, "https://") && !strings.HasPrefix(dnsOverride, "tls://") { + dnsOverride += ":53" + } + dnsAddr = dnsOverride + directMode = true + authMode = true + fmt.Printf(" Using custom DNS: %s\n", dnsAddr) + } else { + // Auto-detect: check if DNS delegation works + fmt.Printf(" Checking DNS for %s...\n", profile.Domain) + _, nsErr := net.LookupNS(profile.Domain) + if nsErr != nil { + fmt.Printf(" DNS delegation not available via public DNS\n") + serverIP := findAuthoritativeServer(profile.Domain) + if serverIP != "" { + fmt.Printf(" Found server at %s, using direct mode\n", serverIP) + dnsAddr = serverIP + ":53" + authMode = true + directMode = true + } else { + fmt.Printf(" Warning: could not auto-detect server IP, trying profile resolver\n") + } + } else { + fmt.Printf(" DNS delegation OK\n") + } + } + + listenAddr := fmt.Sprintf("%s:%d", profile.Host, profile.Port) + + fmt.Println() + fmt.Println("╔══════════════════════════════════════════════════╗") + fmt.Printf("║ SlipNet CLI %-25s ║\n", version) + fmt.Println("╚══════════════════════════════════════════════════╝") + fmt.Println() + fmt.Printf(" Profile: %s\n", profile.Name) + fmt.Printf(" Type: %s\n", profile.TunnelType) + fmt.Printf(" Domain: %s\n", profile.Domain) + fmt.Printf(" DNS: %s\n", dnsAddr) + if directMode { + fmt.Println(" (direct to server, auto-detected)") + } + fmt.Printf(" Transport: %s\n", profile.DNSTransport) + fmt.Printf(" Auth Mode: %v\n", authMode) + fmt.Printf(" Public Key: %s...%s\n", profile.PublicKey[:8], profile.PublicKey[len(profile.PublicKey)-8:]) + fmt.Println() + fmt.Printf(" SOCKS5 Proxy: %s\n", listenAddr) + fmt.Println() + fmt.Println(" Connecting...") + + client, err := mobile.NewClient(dnsAddr, profile.Domain, profile.PublicKey, listenAddr) + if err != nil { + log.Fatalf("Failed to create client: %v", err) + } + + client.SetAuthoritativeMode(authMode) + + if err := client.Start(); err != nil { + log.Fatalf("Failed to start tunnel: %v", err) + } + + fmt.Println() + fmt.Printf(" Connected! SOCKS5 proxy listening on %s\n", listenAddr) + fmt.Println() + fmt.Println(" Configure your apps to use:") + fmt.Printf(" SOCKS5 proxy: %s\n", listenAddr) + fmt.Println() + fmt.Println(" Or use with curl:") + fmt.Printf(" curl --socks5-hostname %s https://ifconfig.me\n", listenAddr) + fmt.Println() + fmt.Println(" If the server requires SOCKS5 authentication:") + fmt.Printf(" curl --socks5-hostname user:pass@%s https://ifconfig.me\n", listenAddr) + fmt.Println() + fmt.Println(" Press Ctrl+C to disconnect.") + + // Wait for interrupt signal + sigCh := make(chan os.Signal, 1) + signal.Notify(sigCh, syscall.SIGINT, syscall.SIGTERM) + <-sigCh + + fmt.Println() + fmt.Println(" Disconnecting...") + client.Stop() + fmt.Println(" Done.") +} + +func printUsage() { + fmt.Fprintf(os.Stderr, `SlipNet CLI %s - DNS tunnel SOCKS5 proxy + +Usage: + %s [options] slipnet://BASE64... + +Options: + --dns HOST[:PORT] Custom DNS resolver (e.g., --dns 1.1.1.1 or --dns ) + --port PORT Override local SOCKS5 proxy port (default: from profile) + --version Show version + --help Show this help + +If no --dns is specified, the client auto-detects the server IP +when DNS delegation isn't working. + +Examples: + %[2]s slipnet://BASE64... + %[2]s --dns 1.1.1.1 slipnet://BASE64... + %[2]s --dns --port 9050 slipnet://BASE64... +`, version, os.Args[0]) +}