summaryrefslogtreecommitdiff
path: root/proxies/proxy_socks5
diff options
context:
space:
mode:
authorBrandon Wiley <brandon@blanu.net>2016-03-31 12:46:08 -0500
committerBrandon Wiley <brandon@blanu.net>2016-03-31 12:46:08 -0500
commitd3632a66253910b3dd605c42585136af7a1abf07 (patch)
treefa990ede1b43a693a28146e65f64b3f7d2cd6929 /proxies/proxy_socks5
parent0326ad13feb27480d634cfcdf5ef87fe43ef6c9f (diff)
Split out proxy code into multiple different proxy packages
Diffstat (limited to 'proxies/proxy_socks5')
-rw-r--r--proxies/proxy_socks5/proxy_socks5.go303
1 files changed, 303 insertions, 0 deletions
diff --git a/proxies/proxy_socks5/proxy_socks5.go b/proxies/proxy_socks5/proxy_socks5.go
new file mode 100644
index 0000000..8037d4d
--- /dev/null
+++ b/proxies/proxy_socks5/proxy_socks5.go
@@ -0,0 +1,303 @@
+/*
+ * Copyright (c) 2014-2015, Yawning Angel <yawning at torproject dot org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+// Go language Tor Pluggable Transport suite. Works only as a managed
+// client/server.
+package proxy_socks5
+
+import (
+ "io"
+ "fmt"
+ golog "log"
+ "net"
+ "net/url"
+ "sync"
+
+ "golang.org/x/net/proxy"
+
+ "git.torproject.org/pluggable-transports/goptlib.git"
+ "github.com/OperatorFoundation/obfs4/common/log"
+ "github.com/OperatorFoundation/obfs4/common/socks5"
+ "github.com/OperatorFoundation/obfs4/common/termmon"
+ "github.com/OperatorFoundation/obfs4/common/pt_extras"
+ "github.com/OperatorFoundation/obfs4/transports"
+ "github.com/OperatorFoundation/obfs4/transports/base"
+)
+
+const (
+ obfs4proxyVersion = "0.0.7-dev"
+ obfs4proxyLogFile = "obfs4proxy.log"
+ socksAddr = "127.0.0.1:0"
+)
+
+var stateDir string
+
+func ClientSetup(termMon *termmon.TermMonitor) (launched bool, listeners []net.Listener) {
+ ptClientInfo, err := pt.ClientSetup(transports.Transports())
+ if err != nil {
+ golog.Fatal(err)
+ }
+
+ ptClientProxy, err := pt_extras.PtGetProxy()
+ fmt.Println("ptclientproxy", ptClientProxy)
+ if err != nil {
+ golog.Fatal(err)
+ } else if ptClientProxy != nil {
+ pt_extras.PtProxyDone()
+ }
+
+ // Launch each of the client listeners.
+ for _, name := range ptClientInfo.MethodNames {
+ t := transports.Get(name)
+ if t == nil {
+ pt.CmethodError(name, "no such transport is supported")
+ continue
+ }
+
+ f, err := t.ClientFactory(stateDir)
+ if err != nil {
+ pt.CmethodError(name, "failed to get ClientFactory")
+ continue
+ }
+
+ ln, err := net.Listen("tcp", socksAddr)
+ if err != nil {
+ pt.CmethodError(name, err.Error())
+ continue
+ }
+
+ go clientAcceptLoop(termMon, f, ln, ptClientProxy)
+ pt.Cmethod(name, socks5.Version(), ln.Addr())
+
+ log.Infof("%s - registered listener: %s", name, ln.Addr())
+
+ listeners = append(listeners, ln)
+ launched = true
+ }
+ pt.CmethodsDone()
+
+ return
+}
+
+func clientAcceptLoop(termMon *termmon.TermMonitor, f base.ClientFactory, ln net.Listener, proxyURI *url.URL) error {
+ defer ln.Close()
+ for {
+ conn, err := ln.Accept()
+ if err != nil {
+ if e, ok := err.(net.Error); ok && !e.Temporary() {
+ return err
+ }
+ continue
+ }
+ go clientHandler(termMon, f, conn, proxyURI)
+ }
+}
+
+func clientHandler(termMon *termmon.TermMonitor, f base.ClientFactory, conn net.Conn, proxyURI *url.URL) {
+ defer conn.Close()
+ termMon.OnHandlerStart()
+ defer termMon.OnHandlerFinish()
+
+ name := f.Transport().Name()
+
+ // Read the client's SOCKS handshake.
+ socksReq, err := socks5.Handshake(conn)
+ if err != nil {
+ log.Errorf("%s - client failed socks handshake: %s", name, err)
+ return
+ }
+ addrStr := log.ElideAddr(socksReq.Target)
+
+ // Deal with arguments.
+ args, err := f.ParseArgs(&socksReq.Args)
+ if err != nil {
+ log.Errorf("%s(%s) - invalid arguments: %s", name, addrStr, err)
+ socksReq.Reply(socks5.ReplyGeneralFailure)
+ return
+ }
+
+ // Obtain the proxy dialer if any, and create the outgoing TCP connection.
+ dialFn := proxy.Direct.Dial
+ if proxyURI != nil {
+ dialer, err := proxy.FromURL(proxyURI, proxy.Direct)
+ if err != nil {
+ // This should basically never happen, since config protocol
+ // verifies this.
+ log.Errorf("%s(%s) - failed to obtain proxy dialer: %s", name, addrStr, log.ElideError(err))
+ socksReq.Reply(socks5.ReplyGeneralFailure)
+ return
+ }
+ dialFn = dialer.Dial
+ }
+
+ fmt.Println("Got dialer", dialFn, proxyURI, proxy.Direct)
+
+ remote, err := f.Dial("tcp", socksReq.Target, dialFn, args)
+ if err != nil {
+ log.Errorf("%s(%s) - outgoing connection failed: %s", name, addrStr, log.ElideError(err))
+ socksReq.Reply(socks5.ErrorToReplyCode(err))
+ return
+ }
+ defer remote.Close()
+ err = socksReq.Reply(socks5.ReplySucceeded)
+ if err != nil {
+ log.Errorf("%s(%s) - SOCKS reply failed: %s", name, addrStr, log.ElideError(err))
+ return
+ }
+
+ if err = copyLoop(conn, remote); err != nil {
+ log.Warnf("%s(%s) - closed connection: %s", name, addrStr, log.ElideError(err))
+ } else {
+ log.Infof("%s(%s) - closed connection", name, addrStr)
+ }
+
+ return
+}
+
+func ServerSetup(termMon *termmon.TermMonitor) (launched bool, listeners []net.Listener) {
+ ptServerInfo, err := pt.ServerSetup(transports.Transports())
+ if err != nil {
+ golog.Fatal(err)
+ }
+
+ for _, bindaddr := range ptServerInfo.Bindaddrs {
+ name := bindaddr.MethodName
+ t := transports.Get(name)
+ if t == nil {
+ pt.SmethodError(name, "no such transport is supported")
+ continue
+ }
+
+ f, err := t.ServerFactory(stateDir, &bindaddr.Options)
+ if err != nil {
+ pt.SmethodError(name, err.Error())
+ continue
+ }
+
+ ln, err := net.ListenTCP("tcp", bindaddr.Addr)
+ if err != nil {
+ pt.SmethodError(name, err.Error())
+ continue
+ }
+
+ go serverAcceptLoop(termMon, f, ln, &ptServerInfo)
+ if args := f.Args(); args != nil {
+ pt.SmethodArgs(name, ln.Addr(), *args)
+ } else {
+ pt.SmethodArgs(name, ln.Addr(), nil)
+ }
+
+ log.Infof("%s - registered listener: %s", name, log.ElideAddr(ln.Addr().String()))
+
+ listeners = append(listeners, ln)
+ launched = true
+ }
+ pt.SmethodsDone()
+
+ return
+}
+
+func serverAcceptLoop(termMon *termmon.TermMonitor, f base.ServerFactory, ln net.Listener, info *pt.ServerInfo) error {
+ defer ln.Close()
+ for {
+ conn, err := ln.Accept()
+ if err != nil {
+ if e, ok := err.(net.Error); ok && !e.Temporary() {
+ return err
+ }
+ continue
+ }
+ go serverHandler(termMon, f, conn, info)
+ }
+}
+
+func serverHandler(termMon *termmon.TermMonitor, f base.ServerFactory, conn net.Conn, info *pt.ServerInfo) {
+ defer conn.Close()
+ termMon.OnHandlerStart()
+ defer termMon.OnHandlerFinish()
+
+ name := f.Transport().Name()
+ addrStr := log.ElideAddr(conn.RemoteAddr().String())
+ log.Infof("%s(%s) - new connection", name, addrStr)
+
+ // Instantiate the server transport method and handshake.
+ remote, err := f.WrapConn(conn)
+ if err != nil {
+ log.Warnf("%s(%s) - handshake failed: %s", name, addrStr, log.ElideError(err))
+ return
+ }
+
+ // Connect to the orport.
+ orConn, err := pt.DialOr(info, conn.RemoteAddr().String(), name)
+ if err != nil {
+ log.Errorf("%s(%s) - failed to connect to ORPort: %s", name, addrStr, log.ElideError(err))
+ return
+ }
+ defer orConn.Close()
+
+ if err = copyLoop(orConn, remote); err != nil {
+ log.Warnf("%s(%s) - closed connection: %s", name, addrStr, log.ElideError(err))
+ } else {
+ log.Infof("%s(%s) - closed connection", name, addrStr)
+ }
+
+ return
+}
+
+func copyLoop(a net.Conn, b net.Conn) error {
+ // Note: b is always the pt connection. a is the SOCKS/ORPort connection.
+ errChan := make(chan error, 2)
+
+ var wg sync.WaitGroup
+ wg.Add(2)
+
+ go func() {
+ defer wg.Done()
+ defer b.Close()
+ defer a.Close()
+ _, err := io.Copy(b, a)
+ errChan <- err
+ }()
+ go func() {
+ defer wg.Done()
+ defer a.Close()
+ defer b.Close()
+ _, err := io.Copy(a, b)
+ errChan <- err
+ }()
+
+ // Wait for both upstream and downstream to close. Since one side
+ // terminating closes the other, the second error in the channel will be
+ // something like EINVAL (though io.Copy() will swallow EOF), so only the
+ // first error is returned.
+ wg.Wait()
+ if len(errChan) > 0 {
+ return <-errChan
+ }
+
+ return nil
+}