Quic

.github/workflows/build-ci.yml

@@ -32,11 +32,12 @@ jobs:
         run: |
           echo "version=$(cat Makefile | grep "PKG_VERSION :=" | sed 's/PKG_VERSION := //')" >> $GITHUB_OUTPUT
           echo "release=$(cat Makefile | grep "PKG_RELEASE :=" | sed 's/PKG_RELEASE := //')" >> $GITHUB_OUTPUT
-          if [[ "${{ github.event_name }}" != "pull_request" ]]; then
-            echo "sha=$(echo ${GITHUB_SHA::7})" >> $GITHUB_OUTPUT
-          else
-            echo "sha=$(gh api repos/$REPO/commits/main --jq '.sha[:7]')" >> $GITHUB_OUTPUT
+
+          if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then
+            GITHUB_SHA=$(cat $GITHUB_EVENT_PATH | jq -r .pull_request.head.sha)
           fi
+          echo "sha=$(echo ${GITHUB_SHA::7})" >> $GITHUB_OUTPUT
+          cat $GITHUB_OUTPUT
 
   build-static:
     needs: prepare

.github/workflows/test.yml

@@ -70,6 +70,29 @@ jobs:
           name: static-youtubeUnblock-${{ matrix.arch }}
           path: ./**/static-youtubeUnblock*.tar.gz
 
+  test:
+    needs: prepare
+    name: test
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        arch: [x86_64]
+        branch: [latest-stable]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Build 
+        id: build
+        shell: bash
+        run: |
+          make build_test -j$(nproc)
+
+      - name: Test
+        id: test
+        run:
+          ./build/testYoutubeUnblock
+
   build-kmod:
     needs: prepare
     name: build-kmod ${{ matrix.kernel_version }}

Kbuild

@@ -1,3 +1,3 @@
 obj-m := kyoutubeUnblock.o
-kyoutubeUnblock-objs := kytunblock.o mangle.o quic.o utils.o kargs.o tls.o getopt.o args.o
-ccflags-y := -std=gnu99 -DKERNEL_SPACE -Wno-error -Wno-declaration-after-statement
+kyoutubeUnblock-objs := src/kytunblock.o src/mangle.o src/quic.o src/quic_crypto.o src/utils.o src/kargs.o src/tls.o src/getopt.o src/args.o deps/cyclone/aes.o deps/cyclone/cpu_endian.o deps/cyclone/ecb.o deps/cyclone/gcm.o deps/cyclone/hkdf.o deps/cyclone/hmac.o deps/cyclone/sha256.o
+ccflags-y := -std=gnu99 -DKERNEL_SPACE -Wno-error -Wno-declaration-after-statement -I$(src)/src -I$(src)/deps/cyclone/include

Makefile

@@ -8,13 +8,19 @@ PKG_FULLVERSION := $(PKG_VERSION)-$(PKG_RELEASE)
 
 export PKG_VERSION PKG_RELEASE PKG_FULLVERSION
 
-.PHONY: $(USPACE_TARGETS) $(KMAKE_TARGETS) clean
+.PHONY: $(USPACE_TARGETS) $(KMAKE_TARGETS) test build_test clean distclean kclean
 $(USPACE_TARGETS):
 	@$(MAKE) -f uspace.mk $@
 
 $(KMAKE_TARGETS):
 	@$(MAKE) -f kmake.mk $@
 
+build_test:
+	-@$(MAKE) -f uspace.mk build_test
+
+test:
+	-@$(MAKE) -f uspace.mk test
+
 clean:
 	-@$(MAKE) -f uspace.mk clean
 

README.md

@@ -9,7 +9,7 @@
     - [IPv6](#ipv6)
   - [Check it](#check-it)
   - [Flags](#flags)
-  - [UDP](#udp)
+  - [UDP/QUIC](#udp/quic)
   - [Troubleshooting](#troubleshooting)
     - [TV](#tv)
     - [Troubleshooting EPERMS (Operation not permitted)](#troubleshooting-eperms-operation-not-permitted)
@@ -270,13 +270,21 @@ Flags that do not scoped to a specific section, used over all the youtubeUnblock
 
 - `--udp-faking-strategy={checksum|ttl|none}` Faking strategy for udp. `checksum` will fake UDP checksum, `ttl` won't fake but will make UDP content relatively small, `none` is no faking. Defaults to none.
 
-- `--udp-filter-quic={disabled|all}` Enables QUIC filtering for UDP handler. If disabled, quic won't be processed, if all, all quic initial packets will be handled. Defaults to disabled.
+- `--udp-filter-quic={disabled|all|parse}` Enables QUIC filtering for UDP handler. If disabled, quic won't be processed, if all, all quic initial packets will be handled. `parse` will decrypt and parse QUIC initial message and match it with `--sni-domains`. Defaults to disabled.
 
 - `--quic-drop` Drop all QUIC packets which goes to youtubeUnblock. Won't affect any other UDP packets. Just an alias for `--udp-filter-quic=all --udp-mode=drop`.
 
-## UDP
+## UDP/QUIC
 
-UDP is another communication protocol. Well-known technologies that use it are DNS, QUIC, voice chats. UDP does not provide reliable connection and its header is much simpler than TCP thus fragmentation is limited. The support provided primarily by faking. For QUIC faking may not work well, so use `--quic-drop` if you want to drop all quic traffic. For other technologies I recommend to configure UDP support in the separate section from TCP, like `--fbegin --udp-dport-filter=50000-50099 --tls=disabled`. See more in flags related to udp and [issues tagged with udp label](https://github.com/Waujito/youtubeUnblock/issues?q=label%3Audp+). 
+UDP is another communication protocol. Well-known technologies that use it are DNS, QUIC, voice chats. UDP does not provide reliable connection and its header is much simpler than TCP thus fragmentation is limited. The support provided primarily by faking. 
+
+Right now, QUIC faking may not work well, so use `--udp-mode=drop` option.
+
+QUIC is enabled with `--udp-filter-quic` flag. The flag supports two modes: `all` will handle all the QUIC initial messages and `parse` will decrypt and parse the QUIC initial message, and then compare it with `--sni-domains` flag.
+
+**I recommend to use** `--udp-mode=drop --udp-filter-quic=parse`.
+
+For **other UDP protocols** I recommend to configure UDP support in the separate section from TCP, like `--fbegin --udp-dport-filter=50000-50099 --tls=disabled`. See more in flags related to udp and [tickets tagged with udp label](https://github.com/Waujito/youtubeUnblock/issues?q=label%3Audp+). 
 
 ## Troubleshooting
 

deps/cyclone/Makefile

@@ -0,0 +1,24 @@
+SRCS := $(shell find -name "*.c")
+OBJS := $(SRCS:%.c=build/%.o)
+override CFLAGS += -Iinclude -Wno-pedantic
+LIBNAME := libcyclone.a
+CC := gcc
+
+
+run: $(OBJS)
+	@echo "AR $(LIBNAME)"
+	@ar rcs libcyclone.a $(OBJS)
+
+prep_dirs:
+	mkdir -p build
+
+
+build/%.o: %.c prep_dirs
+	$(CC) $(CFLAGS) -c -o $@ $<
+
+clean:
+	@rm $(OBJS) || true
+	@rm libcyclone.a || true
+	@rm -rf build || true
+
+