diff options
| author | David Lönnhager <david.l@mullvad.net> | 2024-06-10 11:49:22 +0200 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2024-08-27 09:51:56 +0200 |
| commit | 9d922b2bae3eb7cebcf19bada560984d5903a065 (patch) | |
| tree | 6aede0dc6f7b53755cf8e33db67d4943f7a3f5d9 | |
| parent | 766f211e5fcf0a190384bb47f498785151e63ea2 (diff) | |
| download | mullvadvpn-9d922b2bae3eb7cebcf19bada560984d5903a065.tar.xz mullvadvpn-9d922b2bae3eb7cebcf19bada560984d5903a065.zip | |
Add Shadowsocks to retry order
Co-authored-by: Sebastian Holmin <sebastian.holmin@mullvad.net>
| -rw-r--r-- | CHANGELOG.md | 3 | ||||
| -rw-r--r-- | docs/relay-selector.md | 5 | ||||
| -rw-r--r-- | mullvad-relay-selector/src/relay_selector/mod.rs | 12 | ||||
| -rw-r--r-- | mullvad-relay-selector/tests/relay_selector.rs | 12 |
4 files changed, 19 insertions, 13 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a3ed46b6fe..4949543942 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,7 +24,8 @@ Line wrap the file at 100 chars. Th ## [Unreleased] ### Added - Add WireGuard over Shadowsocks obfuscation to the CLI. It can be enabled with - `mullvad obfuscation set mode shadowsocks`. + `mullvad obfuscation set mode shadowsocks`. This will also be used automatically when connecting + fails with other methods. #### Windows - Add experimental support for Windows ARM64. diff --git a/docs/relay-selector.md b/docs/relay-selector.md index 93f870e64c..63e0276265 100644 --- a/docs/relay-selector.md +++ b/docs/relay-selector.md @@ -54,10 +54,11 @@ constraints the following default ones will take effect: - The second attempt will connect to a Wireguard relay on port 443 - The third attempt will connect to a Wireguard relay over IPv6 (if IPv6 is configured on the host) on a random port - The fourth-to-seventh attempt will alternate between Wireguard and OpenVPN - - The fourth attempt will connect to an OpenVPN relay over TCP on port 443 + - The fourth attempt will connect to a Wireguard relay on a random port using Shadowsocks for obfuscation - The fifth attempt will connect to a Wireguard relay on a random port using [UDP2TCP obfuscation](https://github.com/mullvad/udp-over-tcp) - The sixth attempt will connect to a Wireguard relay over IPv6 on a random port using UDP2TCP obfuscation (if IPv6 is configured on the host) - - The seventh attempt will connect to an OpenVPN relay over a bridge on a random port + - The seventh attempt will connect to an OpenVPN relay over TCP on port 443 + - The eighth attempt will connect to an OpenVPN relay over a bridge on a random port If no tunnel has been established after exhausting this list of attempts, the relay selector will loop back to the first default constraint and continue its search from there. diff --git a/mullvad-relay-selector/src/relay_selector/mod.rs b/mullvad-relay-selector/src/relay_selector/mod.rs index b60bb86f3c..7ee4d7bcd5 100644 --- a/mullvad-relay-selector/src/relay_selector/mod.rs +++ b/mullvad-relay-selector/src/relay_selector/mod.rs @@ -68,11 +68,7 @@ pub static RETRY_ORDER: Lazy<Vec<RelayQuery>> = Lazy::new(|| { .ip_version(IpVersion::V6) .build(), // 4 - RelayQueryBuilder::new() - .openvpn() - .transport_protocol(TransportProtocol::Tcp) - .port(443) - .build(), + RelayQueryBuilder::new().wireguard().shadowsocks().build(), // 5 RelayQueryBuilder::new().wireguard().udp2tcp().build(), // 6 @@ -85,6 +81,12 @@ pub static RETRY_ORDER: Lazy<Vec<RelayQuery>> = Lazy::new(|| { RelayQueryBuilder::new() .openvpn() .transport_protocol(TransportProtocol::Tcp) + .port(443) + .build(), + // 8 + RelayQueryBuilder::new() + .openvpn() + .transport_protocol(TransportProtocol::Tcp) .bridge() .build(), ] diff --git a/mullvad-relay-selector/tests/relay_selector.rs b/mullvad-relay-selector/tests/relay_selector.rs index 9b178c3a44..9ee9e7371d 100644 --- a/mullvad-relay-selector/tests/relay_selector.rs +++ b/mullvad-relay-selector/tests/relay_selector.rs @@ -290,11 +290,7 @@ fn assert_retry_order() { .ip_version(IpVersion::V6) .build(), // 4 - RelayQueryBuilder::new() - .openvpn() - .transport_protocol(TransportProtocol::Tcp) - .port(443) - .build(), + RelayQueryBuilder::new().wireguard().shadowsocks().build(), // 5 RelayQueryBuilder::new().wireguard().udp2tcp().build(), // 6 @@ -307,6 +303,12 @@ fn assert_retry_order() { RelayQueryBuilder::new() .openvpn() .transport_protocol(TransportProtocol::Tcp) + .port(443) + .build(), + // 8 + RelayQueryBuilder::new() + .openvpn() + .transport_protocol(TransportProtocol::Tcp) .bridge() .build(), ]; |