README.md on server & client

README.md

@@ -29,9 +29,9 @@ When paired with QUIC, TUIC can achieve:
 There are 4 crates provided in this repository:
 
 - **[tuic](https://github.com/EAimTY/tuic/tree/dev/tuic)** - Library. The protocol itself, protocol & model abstraction, synchronous / asynchronous marshalling
-- **[tuic-quinn](https://github.com/EAimTY/tuic/tree/dev/tuic-quinn)** - Library. A thin layer on top of [quinn](https://github.com/quinn-rs/quinn) to provide functions for TUIC
+- **[tuic-quinn](https://github.com/EAimTY/tuic/tree/dev/tuic-quinn)** - Library. A thin layer on top of [quinn](https://github.com/quinn-rs/quinn) to provide functions of TUIC
-- **[tuic-server](https://github.com/EAimTY/tuic/tree/dev/tuic-server)** - Binary. Minimalistic TUIC server implementation as a reference, focusing on the simplicity
+- **[tuic-server](https://github.com/EAimTY/tuic/tree/dev/tuic-server)** - Binary. Minimalistic TUIC server implementation as a reference
-- **[tuic-client](https://github.com/EAimTY/tuic/tree/dev/tuic-client)** - Binary. Minimalistic TUIC client implementation as a reference, focusing on the simplicity
+- **[tuic-client](https://github.com/EAimTY/tuic/tree/dev/tuic-client)** - Binary. Minimalistic TUIC client implementation as a reference
 
 ## License
 

tuic-client/README.md

@@ -0,0 +1,133 @@
+# tuic-client
+
+Minimalistic TUIC client implementation as a reference
+
+[![Version](https://img.shields.io/crates/v/tuic-client.svg?style=flat)](https://crates.io/crates/tuic-client)
+[![License](https://img.shields.io/crates/l/tuic-client.svg?style=flat)](https://github.com/EAimTY/tuic/blob/dev/LICENSE)
+
+## Usage
+
+Download the latest binary from [releases](https://github.com/EAimTY/tuic/releases).
+
+Or install from [crates.io](https://crates.io/crates/tuic-client):
+
+```bash
+cargo install tuic-client
+```
+
+Run the TUIC client with configuration file:
+
+```bash
+tuic-client -c PATH/TO/CONFIG
+```
+
+## Configuration
+
+```json
+{
+    // Settings for the outbound TUIC proxy
+    "relay": {
+        // Set the TUIC proxy server address
+        // Format: "HOST:PORT"
+        // The HOST must be a common name in the certificate
+        // If the "ip" field in the "relay" section is not set, the HOST is also used for DNS resolving
+        "server": "example.com:443",
+
+        // Set the user UUID
+        "uuid": "00000000-0000-0000-0000-000000000000",
+
+        // Set the user password
+        "password": "PASSWORD",
+
+        // Optional. The IP address of the TUIC proxy server, for overriding DNS resolving
+        // If not set, the HOST in the "server" field is used for DNS resolving
+        "ip": "127.0.0.1",
+
+        // Optional. A list of certificates for TLS handshake
+        // System native certificates are also loaded by default
+        // When using self-signed certificates, the full certificate chain must be provided
+        "certificates": ["PATH/TO/CERTIFICATE_1", "PATH/TO/CERTIFICATE_2"],
+
+        // Optional. Set the UDP packet relay mode
+        // Can be:
+        // - "native": native UDP characteristics
+        // - "quic": lossless UDP relay using QUIC streams, additional overhead is introduced
+        // Default: "native"
+        "udp_relay_mode": "native",
+
+        // Optional. Congestion control algorithm, available options:
+        // "cubic", "new_reno", "bbr"
+        // Default: "cubic"
+        "congestion_control": "cubic",
+
+        // Optional. Application layer protocol negotiation
+        // Default being empty (no ALPN)
+        "alpn": ["h3", "spdy/3.1"],
+
+        // Optional. Enable 0-RTT QUIC connection handshake on the client side
+        // This is not impacting much on the performance, as the protocol is fully multiplexed
+        // WARNING: Disabling this is highly recommended, as it is vulnerable to replay attacks. See https://blog.cloudflare.com/even-faster-connection-establishment-with-quic-0-rtt-resumption/#attack-of-the-clones
+        // Default: false
+        "zero_rtt_handshake": false,
+
+        // Optional. Disable SNI (Server Name Indication) in TLS handshake
+        // The server name used in SNI is the same as the HOST in the "server" field
+        // Default: false
+        "disable_sni": false,
+
+        // Optional. Set the timeout for establishing a connection to the TUIC proxy server
+        // Default: "8s"
+        "timeout": "8s",
+
+        // Optional. Set the interval for sending heartbeat packets for keeping the connection alive
+        // Default: "3s"
+        "heartbeat": "3s",
+
+        // Optional. Disable loading system native certificates
+        // Default: false
+        "disable_native_certs": false,
+
+        // Optional. Interval between UDP packet fragment garbage collection
+        // Default: 3s
+        "gc_interval": "3s",
+
+        // Optional. How long the server should keep a UDP packet fragment. Outdated fragments will be dropped
+        // Default: 15s
+        "gc_lifetime": "15s"
+    },
+
+    // Settings for the local inbound socks5 server
+    "local": {
+        // Local socks5 server address
+        "server": "[::]:1080",
+
+        // Optional. Set the username for socks5 authentication
+        "username": "USERNAME",
+
+        // Optional. Set the password for socks5 authentication
+        "password": "PASSWORD",
+        
+        // Optional. Set if the listening socket should be dual-stack
+        // If this option is not set, the socket behavior is platform dependent
+        "dual_stack": true,
+
+        // Optional. Maximum packet size the socks5 server can receive from external, in bytes
+        // Default: 1500
+        "max_packet_size": 1500
+    },
+
+    // Optional. Set the log level
+    // Default: "warn"
+    "log_level": "warn"
+}
+```
+
+## Opinions on Advanced Features
+
+This TUIC client implementation is intended to be minimalistic. It is mainly used as a reference and verification of the TUIC protocol specification.
+
+This implementation only contains the most basic requirements of a functional TUIC protocol client. It does not includes any advanced features, such as outbound control, obfuscation, etc. If you want them, try other implementations, or implement them yourself.
+
+## License
+
+GNU General Public License v3.0

tuic-quinn/src/lib.rs

@@ -133,7 +133,7 @@ impl Connection<side::Client> {
 
         let mut send = self.conn.open_uni().await?;
         model.header().async_marshal(&mut send).await?;
-        send.close().await?; // stuck here
+        send.close().await?;
         Ok(())
     }
 

tuic-server/README.md

@@ -0,0 +1,100 @@
+# tuic-server
+
+Minimalistic TUIC server implementation as a reference
+
+[![Version](https://img.shields.io/crates/v/tuic-server.svg?style=flat)](https://crates.io/crates/tuic-server)
+[![License](https://img.shields.io/crates/l/tuic-server.svg?style=flat)](https://github.com/EAimTY/tuic/blob/dev/LICENSE)
+
+## Usage
+
+Download the latest binary from [releases](https://github.com/EAimTY/tuic/releases).
+
+Or install from [crates.io](https://crates.io/crates/tuic-server):
+
+```bash
+cargo install tuic-server
+```
+
+Run the TUIC server with configuration file:
+
+```bash
+tuic-server -c PATH/TO/CONFIG
+```
+
+## Configuration
+
+```json
+{
+    // The socket address to listen on
+    "server": "[::]:443",
+
+    // User list, contains user UUID and password
+    "users": {
+        "00000000-0000-0000-0000-000000000000": "PASSWORD_0",
+        "00000000-0000-0000-0000-000000000001": "PASSWORD_1"
+    },
+
+    // The path to the certificate file
+    "certificate": "PATH/TO/CERTIFICATE",
+
+    // The path to the private key file
+    "private_key": "PATH/TO/PRIVATE_KEY",
+
+    // Optional. Congestion control algorithm, available options:
+    // "cubic", "new_reno", "bbr"
+    // Default: "cubic"
+    "congestion_control": "cubic",
+
+    // Optional. Application layer protocol negotiation
+    // Default being empty (no ALPN)
+    "alpn": ["h3", "spdy/3.1"],
+
+    // Optional. If the server should create separate UDP sockets for relaying IPv6 UDP packets
+    // Default: true
+    "udp_relay_ipv6": true,
+
+    // Optional. Enable 0-RTT QUIC connection handshake on the server side
+        // This is not impacting much on the performance, as the protocol is fully multiplexed
+    // WARNING: Disabling this is highly recommended, as it is vulnerable to replay attacks. See https://blog.cloudflare.com/even-faster-connection-establishment-with-quic-0-rtt-resumption/#attack-of-the-clones
+    // Default: false
+    "zero_rtt_handshake": false,
+
+    // Optional. Set if the listening socket should be dual-stack
+    // If this option is not set, the socket behavior is platform dependent
+    "dual_stack": true,
+
+    // Optional. How long the server should wait for the client to send the authentication command
+    // Default: 3s
+    "auth_timeout": "3s",
+
+    // Optional. How long the server should wait before closing an idle connection
+    // Default: 10s
+    "max_idle_time": "10s",
+
+    // Optional. Maximum packet size the server can receive from outbound UDP sockets, in bytes
+    // Default: 1500
+    "max_external_packet_size": 1500,
+
+    // Optional. Interval between UDP packet fragment garbage collection
+    // Default: 3s
+    "gc_interval": "3s",
+
+    // Optional. How long the server should keep a UDP packet fragment. Outdated fragments will be dropped
+    // Default: 15s
+    "gc_lifetime": "15s",
+
+    // Optional. Set the log level
+    // Default: "warn"
+    "log_level": "warn"
+}
+```
+
+## Opinions on Advanced Features
+
+This TUIC server implementation is intended to be minimalistic. It is mainly used as a reference and verification of the TUIC protocol specification.
+
+This implementation only contains the most basic requirements of a functional TUIC protocol server. It does not includes any advanced features, such as outbound control, obfuscation, etc. If you want them, try other implementations, or implement them yourself.
+
+## License
+
+GNU General Public License v3.0