diff options
author | Brandon Wiley <brandon@blanu.net> | 2016-03-31 12:46:08 -0500 |
---|---|---|
committer | Brandon Wiley <brandon@blanu.net> | 2016-03-31 12:46:08 -0500 |
commit | d3632a66253910b3dd605c42585136af7a1abf07 (patch) | |
tree | fa990ede1b43a693a28146e65f64b3f7d2cd6929 /proxies/proxy_socks5 | |
parent | 0326ad13feb27480d634cfcdf5ef87fe43ef6c9f (diff) |
Split out proxy code into multiple different proxy packages
Diffstat (limited to 'proxies/proxy_socks5')
-rw-r--r-- | proxies/proxy_socks5/proxy_socks5.go | 303 |
1 files changed, 303 insertions, 0 deletions
diff --git a/proxies/proxy_socks5/proxy_socks5.go b/proxies/proxy_socks5/proxy_socks5.go new file mode 100644 index 0000000..8037d4d --- /dev/null +++ b/proxies/proxy_socks5/proxy_socks5.go @@ -0,0 +1,303 @@ +/* + * Copyright (c) 2014-2015, Yawning Angel <yawning at torproject dot org> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +// Go language Tor Pluggable Transport suite. Works only as a managed +// client/server. +package proxy_socks5 + +import ( + "io" + "fmt" + golog "log" + "net" + "net/url" + "sync" + + "golang.org/x/net/proxy" + + "git.torproject.org/pluggable-transports/goptlib.git" + "github.com/OperatorFoundation/obfs4/common/log" + "github.com/OperatorFoundation/obfs4/common/socks5" + "github.com/OperatorFoundation/obfs4/common/termmon" + "github.com/OperatorFoundation/obfs4/common/pt_extras" + "github.com/OperatorFoundation/obfs4/transports" + "github.com/OperatorFoundation/obfs4/transports/base" +) + +const ( + obfs4proxyVersion = "0.0.7-dev" + obfs4proxyLogFile = "obfs4proxy.log" + socksAddr = "127.0.0.1:0" +) + +var stateDir string + +func ClientSetup(termMon *termmon.TermMonitor) (launched bool, listeners []net.Listener) { + ptClientInfo, err := pt.ClientSetup(transports.Transports()) + if err != nil { + golog.Fatal(err) + } + + ptClientProxy, err := pt_extras.PtGetProxy() + fmt.Println("ptclientproxy", ptClientProxy) + if err != nil { + golog.Fatal(err) + } else if ptClientProxy != nil { + pt_extras.PtProxyDone() + } + + // Launch each of the client listeners. + for _, name := range ptClientInfo.MethodNames { + t := transports.Get(name) + if t == nil { + pt.CmethodError(name, "no such transport is supported") + continue + } + + f, err := t.ClientFactory(stateDir) + if err != nil { + pt.CmethodError(name, "failed to get ClientFactory") + continue + } + + ln, err := net.Listen("tcp", socksAddr) + if err != nil { + pt.CmethodError(name, err.Error()) + continue + } + + go clientAcceptLoop(termMon, f, ln, ptClientProxy) + pt.Cmethod(name, socks5.Version(), ln.Addr()) + + log.Infof("%s - registered listener: %s", name, ln.Addr()) + + listeners = append(listeners, ln) + launched = true + } + pt.CmethodsDone() + + return +} + +func clientAcceptLoop(termMon *termmon.TermMonitor, f base.ClientFactory, ln net.Listener, proxyURI *url.URL) error { + defer ln.Close() + for { + conn, err := ln.Accept() + if err != nil { + if e, ok := err.(net.Error); ok && !e.Temporary() { + return err + } + continue + } + go clientHandler(termMon, f, conn, proxyURI) + } +} + +func clientHandler(termMon *termmon.TermMonitor, f base.ClientFactory, conn net.Conn, proxyURI *url.URL) { + defer conn.Close() + termMon.OnHandlerStart() + defer termMon.OnHandlerFinish() + + name := f.Transport().Name() + + // Read the client's SOCKS handshake. + socksReq, err := socks5.Handshake(conn) + if err != nil { + log.Errorf("%s - client failed socks handshake: %s", name, err) + return + } + addrStr := log.ElideAddr(socksReq.Target) + + // Deal with arguments. + args, err := f.ParseArgs(&socksReq.Args) + if err != nil { + log.Errorf("%s(%s) - invalid arguments: %s", name, addrStr, err) + socksReq.Reply(socks5.ReplyGeneralFailure) + return + } + + // Obtain the proxy dialer if any, and create the outgoing TCP connection. + dialFn := proxy.Direct.Dial + if proxyURI != nil { + dialer, err := proxy.FromURL(proxyURI, proxy.Direct) + if err != nil { + // This should basically never happen, since config protocol + // verifies this. + log.Errorf("%s(%s) - failed to obtain proxy dialer: %s", name, addrStr, log.ElideError(err)) + socksReq.Reply(socks5.ReplyGeneralFailure) + return + } + dialFn = dialer.Dial + } + + fmt.Println("Got dialer", dialFn, proxyURI, proxy.Direct) + + remote, err := f.Dial("tcp", socksReq.Target, dialFn, args) + if err != nil { + log.Errorf("%s(%s) - outgoing connection failed: %s", name, addrStr, log.ElideError(err)) + socksReq.Reply(socks5.ErrorToReplyCode(err)) + return + } + defer remote.Close() + err = socksReq.Reply(socks5.ReplySucceeded) + if err != nil { + log.Errorf("%s(%s) - SOCKS reply failed: %s", name, addrStr, log.ElideError(err)) + return + } + + if err = copyLoop(conn, remote); err != nil { + log.Warnf("%s(%s) - closed connection: %s", name, addrStr, log.ElideError(err)) + } else { + log.Infof("%s(%s) - closed connection", name, addrStr) + } + + return +} + +func ServerSetup(termMon *termmon.TermMonitor) (launched bool, listeners []net.Listener) { + ptServerInfo, err := pt.ServerSetup(transports.Transports()) + if err != nil { + golog.Fatal(err) + } + + for _, bindaddr := range ptServerInfo.Bindaddrs { + name := bindaddr.MethodName + t := transports.Get(name) + if t == nil { + pt.SmethodError(name, "no such transport is supported") + continue + } + + f, err := t.ServerFactory(stateDir, &bindaddr.Options) + if err != nil { + pt.SmethodError(name, err.Error()) + continue + } + + ln, err := net.ListenTCP("tcp", bindaddr.Addr) + if err != nil { + pt.SmethodError(name, err.Error()) + continue + } + + go serverAcceptLoop(termMon, f, ln, &ptServerInfo) + if args := f.Args(); args != nil { + pt.SmethodArgs(name, ln.Addr(), *args) + } else { + pt.SmethodArgs(name, ln.Addr(), nil) + } + + log.Infof("%s - registered listener: %s", name, log.ElideAddr(ln.Addr().String())) + + listeners = append(listeners, ln) + launched = true + } + pt.SmethodsDone() + + return +} + +func serverAcceptLoop(termMon *termmon.TermMonitor, f base.ServerFactory, ln net.Listener, info *pt.ServerInfo) error { + defer ln.Close() + for { + conn, err := ln.Accept() + if err != nil { + if e, ok := err.(net.Error); ok && !e.Temporary() { + return err + } + continue + } + go serverHandler(termMon, f, conn, info) + } +} + +func serverHandler(termMon *termmon.TermMonitor, f base.ServerFactory, conn net.Conn, info *pt.ServerInfo) { + defer conn.Close() + termMon.OnHandlerStart() + defer termMon.OnHandlerFinish() + + name := f.Transport().Name() + addrStr := log.ElideAddr(conn.RemoteAddr().String()) + log.Infof("%s(%s) - new connection", name, addrStr) + + // Instantiate the server transport method and handshake. + remote, err := f.WrapConn(conn) + if err != nil { + log.Warnf("%s(%s) - handshake failed: %s", name, addrStr, log.ElideError(err)) + return + } + + // Connect to the orport. + orConn, err := pt.DialOr(info, conn.RemoteAddr().String(), name) + if err != nil { + log.Errorf("%s(%s) - failed to connect to ORPort: %s", name, addrStr, log.ElideError(err)) + return + } + defer orConn.Close() + + if err = copyLoop(orConn, remote); err != nil { + log.Warnf("%s(%s) - closed connection: %s", name, addrStr, log.ElideError(err)) + } else { + log.Infof("%s(%s) - closed connection", name, addrStr) + } + + return +} + +func copyLoop(a net.Conn, b net.Conn) error { + // Note: b is always the pt connection. a is the SOCKS/ORPort connection. + errChan := make(chan error, 2) + + var wg sync.WaitGroup + wg.Add(2) + + go func() { + defer wg.Done() + defer b.Close() + defer a.Close() + _, err := io.Copy(b, a) + errChan <- err + }() + go func() { + defer wg.Done() + defer a.Close() + defer b.Close() + _, err := io.Copy(a, b) + errChan <- err + }() + + // Wait for both upstream and downstream to close. Since one side + // terminating closes the other, the second error in the channel will be + // something like EINVAL (though io.Copy() will swallow EOF), so only the + // first error is returned. + wg.Wait() + if len(errChan) > 0 { + return <-errChan + } + + return nil +} |