Skip to content

Add Amnezia IPC support for dynamic peer configuration with obfuscation parameters #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Add Amnezia IPC support for dynamic peer configuration with obfuscation parameters #7

wants to merge 2 commits into from

Conversation

Copilot
Copy link

@Copilot Copilot AI commented Sep 24, 2025
edited
Loading

This PR adds support for Amnezia WireGuard obfuscation parameters in the IPC protocol, enabling dynamic configuration of Amnezia peers with all necessary obfuscation settings.

Problem

The current implementation only supports standard WireGuard IPC fields. Amnezia WireGuard extends the protocol with additional obfuscation parameters that are essential for traffic disguising, but these weren't supported in the IPC interface, preventing dynamic peer configuration for Amnezia connections.

Solution

Extended the IPC protocol to support all 9 Amnezia obfuscation parameters:

Added Parameters

  • jc - junk packet count (traffic padding)
  • jmin - minimum junk packet size
  • jmax - maximum junk packet size
  • s1 - init packet magic header
  • s2 - response packet magic header
  • h1 - underload packet magic header
  • h2 - transport packet magic header
  • h3 - additional header obfuscation parameter
  • h4 - additional header obfuscation parameter

Implementation Details

Peer Structure: Added atomic fields to Peer struct for thread-safe storage of obfuscation parameters.

IPC Get: Enhanced to conditionally output Amnezia fields (only non-zero values are shown to keep output clean).

IPC Set: Added comprehensive parsing with validation:

  • Bounds checking (jc ≤ 1000, packet sizes ≤ 65535)
  • Cross-field validation (jmin ≤ jmax)
  • Proper error handling with descriptive messages

Usage Example

public_key=b85996fecc9c7f1fc6d2572a76120cb85fbd5cd95d5e4a8c5db4c61dc70c4f40
endpoint=163.172.161.0:51820
allowed_ip=192.168.4.4/32
jc=3
jmin=50
jmax=1000
s1=123456
s2=789012
h1=345678
h2=901234
h3=567890
h4=012345

Backward Compatibility

Fully backward compatible with existing standard WireGuard IPC usage. Standard peers continue to work unchanged, while Amnezia-specific fields are simply ignored for non-Amnezia configurations.

Resolves the need for dynamic Amnezia peer configuration via IPC as outlined in the issue requirements.

Additional instructions:

Amnezia supports additional configuration options that normal Wireguard does not support. Those options are not supported in the wireguard IPC fields, and we need to add them.

Fixes getlantern/engineering#2592

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

@Copilot Copilot AI changed the title [WIP] Update amnezia to include support for IPC Add Amnezia IPC support for dynamic peer configuration with obfuscation parameters Sep 24, 2025
@Copilot Copilot AI requested a review from myleshorton September 24, 2025 20:28
Copilot finished work on behalf of myleshorton September 24, 2025 20:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@myleshorton myleshorton Awaiting requested review from myleshorton

Assignees

@myleshorton myleshorton

Copilot code review Copilot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Copilot @myleshorton