From e5067a84ee12230dbfa02778df7d49c74dc39dea Mon Sep 17 00:00:00 2001
From: atanarjuat
Date: Sun, 29 May 2022 18:11:46 +0200
Subject: pass kcp dialer to socks5 proxy
---
 client/main.go | 21 ++++++++++-----------
 dialer.go | 15 ++++++++++-----
 docs/README.md | 11 +++++++++++
 go.mod | 2 +-
 go.sum | 4 ++--
 socks5 | 1 +
 6 files changed, 35 insertions(+), 19 deletions(-)
 create mode 160000 socks5
diff --git a/client/main.go b/client/main.go
index 80ebb35..5cdfa4f 100644
--- a/client/main.go
+++ b/client/main.go
@@ -9,7 +9,7 @@ import (
 "os"
 "0xacab.org/leap/obfsvpn"
- socks5 "github.com/armon/go-socks5"
+ "0xacab.org/leap/obfsvpn/socks5"
 "github.com/xtaci/kcp-go"
 )
@@ -52,25 +52,24 @@ func main() {
 }
 // TODO make this configurable via a Config struct
- // TODO make sure we're disabling the crypto options for KCP
+ // TODO make sure we're disabling all the crypto options for KCP
 if os.Getenv("KCP") == "1" {
 dialer.DialFunc = func(network, address string) (net.Conn, error) {
+ log.Printf("Dialing kcp://%s\n", address)
 return kcp.Dial(address)
 }
 }
- socksConf := &socks5.Config{
- Dial: dialer.Dial,
- }
+ addr := net.JoinHostPort(socksHost, socksPort)
- server, err := socks5.New(socksConf)
- if err != nil {
- panic(err)
+ server := &socks5.Server{
+ Addr: addr,
+ BindIP: "127.0.0.1",
+ Dial: dialer.Dial,
 }
- addr := net.JoinHostPort(socksHost, socksPort)
- fmt.Printf("[+] Started socks5 proxy at %s\n", addr)
- if err := server.ListenAndServe("tcp", addr); err != nil {
+ fmt.Printf("[+] Starting socks5 proxy at %s\n", addr)
+ if err := server.ListenAndServe(); err != nil {
 panic(err)
 }
 }
diff --git a/dialer.go b/dialer.go
index db4c6ba..f38586d 100644
--- a/dialer.go
+++ b/dialer.go
@@ -4,7 +4,6 @@ import (
 "context"
 "encoding/base64"
 "fmt"
- "log"
 "net"
 "strconv"
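Review bot: The SOCKS5 server code that the new import in client/main.go (hunk at -9,7) pulls in is neither reviewable in this patch nor pinned through go.sum: `0xacab.org/leap/obfsvpn/socks5` arrives as a gitlink (`create mode 160000 socks5` in the diffstat), while the `github.com/armon/go-socks5` entries are dropped from go.mod and go.sum. No `.gitmodules` change is listed among the six files, so unless the submodule was registered in an earlier commit a fresh clone cannot resolve it, and a copy of the module fetched through the Go module proxy would presumably lack the directory. I would track the package as ordinary files in the repository or publish it as its own module required from go.mod, and add a comment on the import such as `// socks5 is the project's own server package, pinned by the socks5 gitlink`.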
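Review bot: Nothing in the new `socks5.Server` literal (client/main.go, hunk at -52,25) restricts who may use the proxy: only `Addr`, `BindIP` and `Dial` are set, and `Addr` is built from `socksHost`, which is defined outside the hunk. If `socksHost` can be set to a non-loopback address, any host that reaches the port could relay traffic through the obfs4 tunnel, and the hard-coded `BindIP: "127.0.0.1"` would then disagree with the listen address; how the server uses `BindIP` is not visible here. I would refuse to start on a non-loopback host before building the server, e.g. `if ip := net.ParseIP(socksHost); ip == nil || !ip.IsLoopback() { log.Fatalf("refusing to listen on %q: loopback only", socksHost) }` (a hostname such as localhost would need resolving first), and derive `BindIP` from the same value. main's body starts before this hunk.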
@@ -134,7 +133,16 @@ func (d *Dialer) Wrap(ctx context.Context, conn net.Conn) (net.Conn, error) {
 */
 // Dial creates an outbound net.Conn and performs the ntor handshake.
-func (d *Dialer) Dial(ctx context.Context, network, address string) (net.Conn, error) {
+func (d *Dialer) Dial(network, address string) (net.Conn, error) {
+ ctx := context.Background()
+ return d.dial(ctx, network, address, func(network, address string) (net.Conn, error) {
+ conn, err := d.Dialer.DialContext(ctx, network, address)
+ return conn.(*net.TCPConn), err
+ })
+}
+
+// DialContext creates an outbound net.Conn and performs the ntor handshake.
+func (d *Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
 return d.dial(ctx, network, address, func(network, address string) (net.Conn, error) {
 return d.Dialer.DialContext(ctx, network, address)
 })
@@ -153,12 +161,9 @@ func (d *Dialer) dial(ctx context.Context, network, address string, f func(netwo
 if err != nil {
 return nil, err
 }
-
 if d.DialFunc != nil {
- log.Println("REPLACING DIALFUNC")
 f = d.DialFunc
 }
-
 return d.clientFactory.Dial(network, address, f, args)
 }
diff --git a/docs/README.md b/docs/README.md
index 29fcda4..c986581 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -20,6 +20,11 @@ export RHOST=163.172.126.44:443 # this is the GW IP (each obfsproxy is routing
 cd server && make build
 sudo ./server -addr ${LHOST} -vpn ${RHOST} -state test_data -c test_data/obfs4.json
 ```
+If you want to run in `kcp` mode, at the moment you have to export `KCP=1`. It can be done with:
+
+```
+make run-kcp
+```
 ### 2. Run `obfsclient` to start a socks5 proxy in localhost
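Review bot: In the new `Dial` wrapper (dialer.go, hunk at -134,7), `return conn.(*net.TCPConn), err` panics whenever `DialContext` fails, because `conn` is then a nil interface and a single-value type assertion on nil panics; it also panics for any connection that is not a `*net.TCPConn`. An unreachable or blocked bridge would therefore crash the client instead of surfacing the error to the SOCKS5 layer. The assertion adds nothing, since the callback already returns `net.Conn`; I would make the body of `Dial` a single line, `return d.DialContext(context.Background(), network, address)`, so both entry points share one code path. `context.Background()` also means callers of `Dial` cannot cancel a stalled handshake, which is worth a sentence in the doc comment.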
@@ -31,6 +36,12 @@ make build-client
 make run-client OBFS4_CERT=8nuAbPJwFrKc/29KcCfL5LBuEWxQrjBASYXdUbwcm9d9pKseGK4r2Tg47e23+t6WghxGGw
 ```
+If you want to run in `kcp` mode, at the moment you have to export `KCP=1`. It can be done with:
+
+```
+make run-client-kcp OBFS4_CERT=8nuAbPJwFrKc/29KcCfL5LBuEWxQrjBASYXdUbwcm9d9pKseGK4r2Tg47e23+t6WghxGGw
+```
+
 ### 3. Get certificates for the riseup gateways.
 ```
diff --git a/go.mod b/go.mod
index 91ef2fc..92f67c7 100644
--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,6 @@ go 1.17
 require (
 git.torproject.org/pluggable-transports/goptlib.git v1.0.0
- github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5
 github.com/xtaci/kcp-go v5.4.20+incompatible
 // Do not update obfs4 past e330d1b7024b, a backwards incompatible change was
 // made that will break negotiation.
@@ -19,6 +18,7 @@ require (
 github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161 // indirect
 github.com/templexxx/xor v0.0.0-20191217153810-f85b25db303b // indirect
 github.com/tjfoc/gmsm v1.4.1 // indirect
+ github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37 // indirect
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 // indirect
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 // indirect
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
diff --git a/go.sum b/go.sum
index 6e389b9..1e604da 100644
--- a/go.sum
+++ b/go.sum
@@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT git.torproject.org/pluggable-transports/goptlib.git v1.0.0 h1:ElTwFFPKf/tA6x5nuIk9g49JZzS4T5WN+eTQTjqd00A= git.torproject.org/pluggable-transports/goptlib.git v1.0.0/go.mod h1:YT4XMSkuEXbtqlydr9+OxqFAyspUv0Gr9qhM3B++o/Q= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -48,6 +46,8 @@ github.com/tjfoc/gmsm v1.4.1/go.mod h1:j4INPkHWMrhJb38G+J6W4Tw0AbuN8Thu3PbdVYhVc github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= github.com/xtaci/kcp-go v5.4.20+incompatible h1:TN1uey3Raw0sTz0Fg8GkfM0uH3YwzhnZWQ1bABv5xAg= github.com/xtaci/kcp-go v5.4.20+incompatible/go.mod h1:bN6vIwHQbfHaHtFpEssmWsN45a+AZwO7eyRCmEIbtvE= +github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37 h1:EWU6Pktpas0n8lLQwDsRyZfmkPeRbdgPtW609es+/9E= +github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37/go.mod h1:HpMP7DB2CyokmAh4lp0EQnnWhmycP/TvwBGzvuie+H0= gitlab.com/yawning/bsaes.git v0.0.0-20190805113838-0a714cd429ec/go.mod h1:BZ1RAoRPbCxum9Grlv5aeksu2H8BiKehBYooU2LFiOQ= gitlab.com/yawning/obfs4.git v0.0.0-20210511220700-e330d1b7024b h1:w/f20IHUkUYEp+xYgpKz4Bs78zms0DbjPZCep5lc0xA= gitlab.com/yawning/obfs4.git v0.0.0-20210511220700-e330d1b7024b/go.mod h1:OM1ngEp5brdANPox+rqk2AGTLQvzobyB5Dwm3vu3CgM= diff --git a/socks5 b/socks5 new file mode 160000 index 0000000..c459d3d --- /dev/null 
+++ b/socks5
@@ -0,0 +1 @@
+Subproject commit c459d3d24872e2c056aa4421430470e03f6cdc66
--
cgit v1.2.3