func getProxyClient(proxyIP, proxyPort string, auth ...*proxy.Auth) *http.Client {
proxyurl := proxyIP + ":" + proxyPort
var author *proxy.Auth = nil
if auth != nil {
author = auth[0]
}
dialer, err := proxy.SOCKS5("tcp", proxyurl, author,
&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
},
)
if err != nil {
logmodels.Logger.Error(logmodels.SPrintError("getProxyClient : proxy.SOCKS5", "%v", err))
return nil
}
transport := &http.Transport{
Proxy: nil,
Dial: dialer.Dial,
TLSHandshakeTimeout: 10 * time.Second,
}
return &http.Client{Transport: transport}
}
// Use golang.org/x/net/proxy package to make a socks5 client.
// For more information, see DefaultTransport in net.http package.
func Socks5Client(conf ProxyConfig) (client *http.Client, err error) {
var proxyAuth *proxy.Auth
if conf.Username != "" {
proxyAuth = new(proxy.Auth)
proxyAuth.User = conf.Username
proxyAuth.Password = conf.Password
}
dialer, err := proxy.SOCKS5(
"tcp",
conf.Addr,
proxyAuth,
&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
})
if err != nil {
return
}
var transport http.RoundTripper = &http.Transport{
Proxy: nil,
Dial: dialer.Dial,
TLSHandshakeTimeout: 10 * time.Second,
}
client = &http.Client{Transport: transport}
return
}
func main() {
flag.Parse()
log.Println("Started on: ", *listenSpec, "with forward: ", *socks5Spec)
dialer, err := proxy.SOCKS5("tcp", *socks5Spec, nil, proxy.Direct)
if err != nil {
log.Fatalf("Socks5 dialer initialization failed: %v", err)
}
h := HTTPSOrProxyConnectHandler{
forward: dialer,
}
conf := &socks5.Config{
ConnectHandler: h,
}
serv, err := socks5.New(conf)
if err != nil {
log.Fatal(err)
}
if err = serv.ListenAndServe("tcp", *listenSpec); err != nil {
log.Fatal(err)
}
}
func newFleetAPIClient(fleetEndpoint string, socksProxy string) (client.API, error) {
u, err := url.Parse(fleetEndpoint)
if err != nil {
return nil, err
}
httpClient := &http.Client{}
if socksProxy != "" {
log.Printf("using proxy %s\n", socksProxy)
netDialler := &net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}
dialer, err := proxy.SOCKS5("tcp", socksProxy, nil, netDialler)
if err != nil {
log.Fatalf("error with proxy %s: %v\n", socksProxy, err)
}
httpClient.Transport = &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: dialer.Dial,
TLSHandshakeTimeout: 10 * time.Second,
}
}
return client.NewHTTPClient(httpClient, *u)
}
func sshHost(host string, cfg *conf.Config) (*ssh.Client, error) {
h := cfg.Hosts[cfg.HostsMap[host]]
var conn net.Conn
var err error
if h.Via != "" {
debugln("via", h.Via)
dialer, err := sshHost(h.Via, cfg)
if err != nil {
return nil, err
}
dst := fmt.Sprintf("%s:%d", h.Addr, h.Port)
debugln("dial", dst)
conn, err = dialer.Dial("tcp", dst)
if err != nil {
return nil, err
}
} else {
var dialer Dialer = proxy.Direct
if h.SOCKS != "" {
debugln("socks via", h.SOCKS)
dialer, err = proxy.SOCKS5("tcp", h.SOCKS, nil, proxy.Direct)
if err != nil {
return nil, err
}
}
dst := fmt.Sprintf("%s:%d", h.Addr, h.Port)
debugln("dial", dst)
conn, err = dialer.Dial("tcp", dst)
}
if err != nil {
return nil, err
}
return sshOnConn(conn, h)
}
func NewDialer(name, address, username, password string, cidrs []string) *Dial {
ipnets := make([]*net.IPNet, 0)
for _, cidr := range cidrs {
_, ipnet, err := net.ParseCIDR(cidr)
if err != nil {
glog.Errorf("parse %s cidr error %s", err.Error())
return nil
}
ipnets = append(ipnets, ipnet)
}
var auth *proxy.Auth
if username != "" && password != "" {
auth = &proxy.Auth{User: username, Password: password}
} else {
auth = nil
}
dialer, err := proxy.SOCKS5("tcp", address,
auth,
&net.Dialer{
Timeout: 60 * time.Second,
KeepAlive: 60 * time.Second,
},
)
if err != nil {
glog.Errorln("connect socks5 proxy error ", err)
return nil
}
return &Dial{
name: name,
ipnets: ipnets,
dialer: dialer,
}
}
func TestSocksTcpConnectWithUserPass(t *testing.T) {
assert := unit.Assert(t)
port := v2nettesting.PickPort()
connInput := []byte("The data to be returned to socks server.")
connOutput := bytes.NewBuffer(make([]byte, 0, 1024))
och := &proxymocks.OutboundConnectionHandler{
ConnInput: bytes.NewReader(connInput),
ConnOutput: connOutput,
}
connhandler.RegisterOutboundConnectionHandlerFactory("mock_och", och)
config := mocks.Config{
PortValue: port,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
SettingsValue: &json.SocksConfig{
AuthMethod: "password",
Accounts: []json.SocksAccount{
json.SocksAccount{
Username: "******",
Password: "******",
},
},
},
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "mock_och",
SettingsValue: nil,
},
}
point, err := point.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%d", port), &proxy.Auth{"userx", "passy"}, proxy.Direct)
assert.Error(err).IsNil()
targetServer := "1.2.3.4:443"
conn, err := socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNil()
data2Send := "The data to be sent to remote server."
conn.Write([]byte(data2Send))
if tcpConn, ok := conn.(*net.TCPConn); ok {
tcpConn.CloseWrite()
}
dataReturned, err := ioutil.ReadAll(conn)
assert.Error(err).IsNil()
conn.Close()
assert.Bytes([]byte(data2Send)).Equals(connOutput.Bytes())
assert.Bytes(dataReturned).Equals(connInput)
assert.String(targetServer).Equals(och.Destination.Address().String())
}
// Resolve takes a hostname and returns a net.Conn to the derived endpoint
func (nr *NetworkResolver) Resolve(hostname string) (net.Conn, string, error) {
if strings.HasPrefix(hostname, "127.0.0.1") {
addrParts := strings.Split(hostname, "|")
tcpAddr, err := net.ResolveTCPAddr("tcp", addrParts[0])
if err != nil {
return nil, "", errors.New("Cannot Resolve Local TCP Address")
}
conn, err := net.DialTCP("tcp", nil, tcpAddr)
if err != nil {
return nil, "", errors.New("Cannot Dial Local TCP Address")
}
// return just the onion address, not the local override for the hostname
return conn, addrParts[1], nil
}
resolvedHostname := hostname
if strings.HasPrefix(hostname, "ricochet:") {
addrParts := strings.Split(hostname, ":")
resolvedHostname = addrParts[1]
}
torDialer, err := proxy.SOCKS5("tcp", "127.0.0.1:9050", nil, proxy.Direct)
if err != nil {
return nil, "", err
}
conn, err := torDialer.Dial("tcp", resolvedHostname+".onion:9878")
if err != nil {
return nil, "", errors.New("Cannot Dial Remote Ricochet Address")
}
//conn.SetDeadline(time.Now().Add(5 * time.Second))
return conn, resolvedHostname, nil
}
func getProxyClient(proxyIP, proxyPort string, auth ...*proxy.Auth) *http.Client {
proxyurl := proxyIP + ":" + proxyPort
var author *proxy.Auth = nil
if auth != nil {
author = auth[0]
}
dialer, err := proxy.SOCKS5("tcp", proxyurl, author,
&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
},
)
if err != nil {
ConsoleColor.Println(ConsoleColor.C_RED, " ** Socket5ProxyClient() Error\r\n\t", "proxy.SOCKS5: ", err)
return nil
}
transport := &http.Transport{
Proxy: nil,
Dial: dialer.Dial,
TLSHandshakeTimeout: 10 * time.Second,
}
return &http.Client{Transport: transport}
}
func (s3 S3ConnectionInfo) Connect() (*minio.Client, error) {
var s3Client *minio.Client
var err error
if s3.SignatureVersion == "2" {
s3Client, err = minio.NewV2(s3.Host, s3.AccessKey, s3.SecretKey, false)
} else {
s3Client, err = minio.NewV4(s3.Host, s3.AccessKey, s3.SecretKey, false)
}
if err != nil {
return nil, err
}
transport := http.DefaultTransport
transport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: s3.SkipSSLValidation}
if s3.SOCKS5Proxy != "" {
dialer, err := proxy.SOCKS5("tcp", s3.SOCKS5Proxy, nil, proxy.Direct)
if err != nil {
fmt.Fprintln(os.Stderr, "can't connect to the proxy:", err)
os.Exit(1)
}
transport.(*http.Transport).Dial = dialer.Dial
}
s3Client.SetCustomTransport(transport)
return s3Client, nil
}
func torAutoProxy(u *url.URL, d proxy.Dialer) (proxy.Dialer, error) {
auth := genTorAutoAuth(u)
addr := genTorAutoAddr(u)
if addr == "" {
return nil, ErrTorNotRunning
}
return proxy.SOCKS5("tcp", addr, auth, d)
}
func TestSocksTcpConnect(t *testing.T) {
v2testing.Current(t)
port := v2nettesting.PickPort()
connInput := []byte("The data to be returned to socks server.")
connOutput := bytes.NewBuffer(make([]byte, 0, 1024))
och := &proxymocks.OutboundConnectionHandler{
ConnOutput: connOutput,
ConnInput: bytes.NewReader(connInput),
}
protocol, err := proxytesting.RegisterOutboundConnectionHandlerCreator("mock_och", func(space app.Space, config interface{}) (v2proxy.OutboundConnectionHandler, error) {
return och, nil
})
assert.Error(err).IsNil()
config := mocks.Config{
PortValue: port,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
SettingsValue: []byte(`
{
"auth": "noauth"
}`),
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: protocol,
SettingsValue: nil,
},
}
point, err := point.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%d", port), nil, proxy.Direct)
assert.Error(err).IsNil()
targetServer := "google.com:80"
conn, err := socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNil()
data2Send := "The data to be sent to remote server."
conn.Write([]byte(data2Send))
if tcpConn, ok := conn.(*net.TCPConn); ok {
tcpConn.CloseWrite()
}
dataReturned, err := ioutil.ReadAll(conn)
assert.Error(err).IsNil()
conn.Close()
assert.Bytes([]byte(data2Send)).Equals(connOutput.Bytes())
assert.Bytes(dataReturned).Equals(connInput)
assert.StringLiteral(targetServer).Equals(och.Destination.NetAddr())
}
// Socks5 sets SOCKS5 proxy. For exmaple:
//
// gr.Socks5()"tcp", PROXY_ADDR, nil, proxy.Direct)
// gr.Socks5("tcp", "127.0.0.1:8080",
// &proxy.Auth{User:"******", Password:"******"},
// &net.Dialer {
// Timeout: 30 * time.Second,
// KeepAlive: 30 * time.Second,
// },
//)
//
func (gr *GoReq) Socks5(network, addr string, auth *proxy.Auth, forward proxy.Dialer) *GoReq {
dialer, err := proxy.SOCKS5(network, addr, auth, forward)
if err != nil {
gr.Errors = append(gr.Errors, err)
} else {
gr.Transport.Dial = dialer.Dial
}
return gr
}
func TestSocksTcpConnect(t *testing.T) {
assert := unit.Assert(t)
port := v2nettesting.PickPort()
data2Send := "Data to be sent to remote"
tcpServer := &tcp.Server{
Port: port,
MsgProcessor: func(data []byte) []byte {
buffer := make([]byte, 0, 2048)
buffer = append(buffer, []byte("Processed: ")...)
buffer = append(buffer, data...)
return buffer
},
}
_, err := tcpServer.Start()
assert.Error(err).IsNil()
pointPort := v2nettesting.PickPort()
config := mocks.Config{
PortValue: pointPort,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
SettingsValue: &json.SocksConfig{
AuthMethod: "auth",
},
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "freedom",
SettingsValue: nil,
},
}
point, err := point.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%d", pointPort), nil, proxy.Direct)
assert.Error(err).IsNil()
targetServer := fmt.Sprintf("127.0.0.1:%d", port)
conn, err := socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNil()
conn.Write([]byte(data2Send))
if tcpConn, ok := conn.(*net.TCPConn); ok {
tcpConn.CloseWrite()
}
dataReturned, err := ioutil.ReadAll(conn)
assert.Error(err).IsNil()
conn.Close()
assert.Bytes(dataReturned).Equals([]byte("Processed: Data to be sent to remote"))
}
func TestSocksTcpConnect(t *testing.T) {
v2testing.Current(t)
port := v2nettesting.PickPort()
data2Send := "Data to be sent to remote"
tcpServer := &tcp.Server{
Port: port,
MsgProcessor: func(data []byte) []byte {
buffer := make([]byte, 0, 2048)
buffer = append(buffer, []byte("Processed: ")...)
buffer = append(buffer, data...)
return buffer
},
}
_, err := tcpServer.Start()
assert.Error(err).IsNil()
pointPort := v2nettesting.PickPort()
config := &point.Config{
Port: pointPort,
InboundConfig: &point.ConnectionConfig{
Protocol: "socks",
Settings: []byte(`{"auth": "noauth"}`),
},
OutboundConfig: &point.ConnectionConfig{
Protocol: "freedom",
Settings: nil,
},
}
point, err := point.NewPoint(config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%d", pointPort), nil, proxy.Direct)
assert.Error(err).IsNil()
targetServer := fmt.Sprintf("127.0.0.1:%d", port)
conn, err := socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNil()
conn.Write([]byte(data2Send))
if tcpConn, ok := conn.(*net.TCPConn); ok {
tcpConn.CloseWrite()
}
dataReturned, err := v2io.ReadFrom(conn, nil)
assert.Error(err).IsNil()
conn.Close()
assert.Bytes(dataReturned.Value).Equals([]byte("Processed: Data to be sent to remote"))
}
// Dial dials to a remote host. The argument is given in the form "host:port", where
// host follows the form
// [ IP address ] [ EdDSA Public key (32 bytes) ]
// (###-###-###-###--)aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.edge.sagiri
// NOTE: Currently you must supply the IP address, since the onion-routing system is not done.
func Dial(remote string) (io.ReadWriteCloser, error) {
lol, err := GetDaemon()
if err != nil {
return nil, err
}
desc, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%v", lol.SocksPort),
nil, proxy.Direct)
if err != nil {
return nil, err
}
return desc.Dial("tcp", remote)
}
// ClientDailer returns an socks5 proxy dialer for the pluggable transport client connection
func (p PTDialMethodConfig) ClientDialer() (proxy.Dialer, error) {
// tcp is hardcoded for the time being.
network := "tcp4"
auth := p.auth()
clidial, err := proxy.SOCKS5(network, p.ClientAddr, auth, proxy.Direct)
if err != nil {
return nil, err
}
return clidial, err
}
// ClientDailer returns an socks5 proxy dialer relevant if the other end of the pluggable transport server is also an socks5 proxy, in that case this proxy dialer can be used to access the internet.
func (p PTDialMethodConfig) ServerSocksDialer() (proxy.Dialer, error) {
// tcp is hardcoded for the time being.
network := "tcp4"
clientDialer, err := p.ClientDialer()
if err != nil {
return nil, err
}
socksDailer, err := proxy.SOCKS5(network, p.ServerAddr, nil, clientDialer)
return socksDailer, err
}
func TestSocksTcpConnect(t *testing.T) {
assert := unit.Assert(t)
port := uint16(12385)
och := &mocks.OutboundConnectionHandler{
Data2Send: bytes.NewBuffer(make([]byte, 0, 1024)),
Data2Return: []byte("The data to be returned to socks server."),
}
v2proxy.RegisterOutboundConnectionHandlerFactory("mock_och", och)
config := mocks.Config{
PortValue: port,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
SettingsValue: &json.SocksConfig{
AuthMethod: "noauth",
},
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "mock_och",
SettingsValue: nil,
},
}
point, err := point.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", "127.0.0.1:12385", nil, proxy.Direct)
assert.Error(err).IsNil()
targetServer := "google.com:80"
conn, err := socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNil()
data2Send := "The data to be sent to remote server."
conn.Write([]byte(data2Send))
if tcpConn, ok := conn.(*net.TCPConn); ok {
tcpConn.CloseWrite()
}
dataReturned, err := ioutil.ReadAll(conn)
assert.Error(err).IsNil()
conn.Close()
assert.Bytes([]byte(data2Send)).Equals(och.Data2Send.Bytes())
assert.Bytes(dataReturned).Equals(och.Data2Return)
assert.String(targetServer).Equals(och.Destination.Address().String())
}
func main() {
flag.Parse()
var err error
dialer, err = proxy.SOCKS5("tcp", *sockaddr, nil, &net.Dialer{})
if err != nil {
log.Fatalf("dial sock5 error:%s", err)
}
trans = http.Transport{Dial: dialer.Dial}
log.Fatal(http.ListenAndServe(*listenaddr, http.HandlerFunc(serveHTTP)))
}
func socks5UnixProxy(u *url.URL, d proxy.Dialer) (proxy.Dialer, error) {
var auth *proxy.Auth
if u.User != nil {
auth = &proxy.Auth{
User: u.User.Username(),
}
if p, ok := u.User.Password(); ok {
auth.Password = p
}
}
return proxy.SOCKS5("unix", u.Path, auth, d)
}
func TestSocksTcpConnectWithUserPass(t *testing.T) {
assert := unit.Assert(t)
port := uint16(12386)
och := &mocks.OutboundConnectionHandler{
Data2Send: bytes.NewBuffer(make([]byte, 0, 1024)),
Data2Return: []byte("The data to be returned to socks server."),
}
core.RegisterOutboundConnectionHandlerFactory("mock_och", och)
config := mocks.Config{
PortValue: port,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
ContentValue: []byte("{\"auth\": \"password\",\"user\": \"userx\",\"pass\": \"passy\"}"),
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "mock_och",
ContentValue: nil,
},
}
point, err := core.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", "127.0.0.1:12386", &proxy.Auth{"userx", "passy"}, proxy.Direct)
assert.Error(err).IsNil()
targetServer := "1.2.3.4:443"
conn, err := socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNil()
data2Send := "The data to be sent to remote server."
conn.Write([]byte(data2Send))
if tcpConn, ok := conn.(*net.TCPConn); ok {
tcpConn.CloseWrite()
}
dataReturned, err := ioutil.ReadAll(conn)
assert.Error(err).IsNil()
conn.Close()
assert.Bytes([]byte(data2Send)).Equals(och.Data2Send.Bytes())
assert.Bytes(dataReturned).Equals(och.Data2Return)
assert.String(targetServer).Equals(och.Destination.Address().String())
}
func main() {
var (
socksProxy = flag.String("socks-proxy", "", "Use specified SOCKS proxy (e.g. localhost:2323)")
etcdPeers = flag.String("etcd-peers", "http://localhost:2379", "Comma-separated list of addresses of etcd endpoints to connect to")
)
flag.Parse()
transport := client.DefaultTransport
if *socksProxy != "" {
dialer, _ := proxy.SOCKS5("tcp", *socksProxy, nil, proxy.Direct)
transport = &http.Transport{Dial: dialer.Dial}
}
peers := strings.Split(*etcdPeers, ",")
log.Printf("etcd peers are %v\n", peers)
cfg := client.Config{
Endpoints: peers,
Transport: transport,
HeaderTimeoutPerRequest: time.Second,
}
etcd, err := client.New(cfg)
if err != nil {
log.Fatalf("failed to start etcd client: %v\n", err.Error())
}
kapi := client.NewKeysAPI(etcd)
watcher := newWatcher(kapi, "/ft/services/", *socksProxy, peers)
tick := time.NewTicker(2 * time.Second)
for {
s := time.Now()
log.Println("rebuilding configuration")
applyVulcanConf(kapi, buildVulcanConf(readServices(kapi)))
log.Printf("completed reconfiguration. %v\n", time.Now().Sub(s))
// wait for a change
<-watcher.wait()
// throttle
<-tick.C
}
}
// Test the SOCKS proxy server.
func TestSocks(t *testing.T) {
tempDir, err := ioutil.TempDir("", "test_socks")
if err != nil {
t.Fatal(err)
}
d, err := makeTrivialDomain(tempDir)
if err != nil {
t.Fatal(err)
}
proxy, err := makeProxyContext(localAddr, d)
if err != nil {
t.Fatal(err)
}
defer proxy.Close()
defer os.RemoveAll(path.Base(d.ConfigPath))
proxyAddr := proxy.listener.Addr().String()
ch := make(chan testResult)
go func() {
c, err := proxy.Accept()
if err != nil {
ch <- testResult{err, nil}
return
}
defer c.Close()
ch <- testResult{nil, []byte(c.(*SocksConn).dstAddr)}
}()
dialer, err := netproxy.SOCKS5(network, proxyAddr, nil, netproxy.Direct)
if err != nil {
t.Error(err)
}
// The value of dstAddr doesn't matter here because the client never
// tries to send anything to it.
c, err := dialer.Dial(network, "127.0.0.1:1234")
if err != nil {
t.Error(err)
}
defer c.Close()
res := <-ch
if res.err != nil {
t.Error(res.err)
} else {
t.Log("server got:", string(res.msg))
}
}
func (c *client) torDialer() proxy.Dialer {
// We generate a random username so that Tor will decouple all of our
// connections.
var userBytes [8]byte
c.randBytes(userBytes[:])
auth := proxy.Auth{
User: base32.StdEncoding.EncodeToString(userBytes[:]),
Password: "******",
}
dialer, err := proxy.SOCKS5("tcp", c.torAddress, &auth, proxy.Direct)
if err != nil {
panic(err)
}
return dialer
}
func init() {
proxy.RegisterDialerType("socks5+unix", func(u *url.URL, d proxy.Dialer) (proxy.Dialer, error) {
var auth *proxy.Auth
if u.User != nil {
auth = &proxy.Auth{
User: u.User.Username(),
}
if p, ok := u.User.Password(); ok {
auth.Password = p
}
}
return proxy.SOCKS5("unix", u.Path, auth, d)
})
}
func TestSocksTcpConnectWithWrongAuthMethod(t *testing.T) {
v2testing.Current(t)
port := v2nettesting.PickPort()
connInput := []byte("The data to be returned to socks server.")
connOutput := bytes.NewBuffer(make([]byte, 0, 1024))
och := &proxymocks.OutboundConnectionHandler{
ConnInput: bytes.NewReader(connInput),
ConnOutput: connOutput,
}
protocol, err := proxytesting.RegisterOutboundConnectionHandlerCreator("mock_och", func(space app.Space, config interface{}) (v2proxy.OutboundConnectionHandler, error) {
return och, nil
})
assert.Error(err).IsNil()
config := mocks.Config{
PortValue: port,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
SettingsValue: []byte(`
{
"auth": "password",
"accounts": [
{"user": "******", "pass": "******"}
]
}`),
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: protocol,
SettingsValue: nil,
},
}
point, err := point.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%d", port), nil, proxy.Direct)
assert.Error(err).IsNil()
targetServer := "1.2.3.4:443"
_, err = socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNotNil()
}
func TestSocksTcpConnectWithWrongAuthMethod(t *testing.T) {
assert := unit.Assert(t)
port := v2nettesting.PickPort()
connInput := []byte("The data to be returned to socks server.")
connOutput := bytes.NewBuffer(make([]byte, 0, 1024))
och := &proxymocks.OutboundConnectionHandler{
ConnInput: bytes.NewReader(connInput),
ConnOutput: connOutput,
}
connhandler.RegisterOutboundConnectionHandlerFactory("mock_och", och)
config := mocks.Config{
PortValue: port,
InboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "socks",
SettingsValue: &json.SocksConfig{
AuthMethod: "password",
Accounts: []json.SocksAccount{
json.SocksAccount{
Username: "******",
Password: "******",
},
},
},
},
OutboundConfigValue: &mocks.ConnectionConfig{
ProtocolValue: "mock_och",
SettingsValue: nil,
},
}
point, err := point.NewPoint(&config)
assert.Error(err).IsNil()
err = point.Start()
assert.Error(err).IsNil()
socks5Client, err := proxy.SOCKS5("tcp", fmt.Sprintf("127.0.0.1:%d", port), nil, proxy.Direct)
assert.Error(err).IsNil()
targetServer := "1.2.3.4:443"
_, err = socks5Client.Dial("tcp", targetServer)
assert.Error(err).IsNotNil()
}
func (dl *anonDialer) Dial(network, addr string) (c net.Conn, err error) {
if dl.torAddr == "DANGEROUS_NO_TOR" {
return proxy.Direct.Dial(network, addr)
}
var identity [16]byte
if _, err := rand.Read(identity[:]); err != nil {
panic(err)
}
dialer, err := proxy.SOCKS5("tcp", dl.torAddr, &proxy.Auth{
User: fmt.Sprintf("%x", identity[:8]),
Password: fmt.Sprintf("%x", identity[8:]),
}, proxy.Direct)
if err != nil {
return nil, err
}
return dialer.Dial(network, addr)
}
func main() {
logger := log.New(os.Stderr, "http2socks: ", log.LstdFlags|log.Lshortfile)
flag.Parse()
prxy := goproxy.NewProxyHttpServer()
prxy.Logger = logger
prxy.Verbose = *verbose
dialer, err := proxy.SOCKS5("tcp", *socksAddr, nil, proxy.Direct)
if err != nil {
log.Fatal(err)
}
prxy.Tr = &http.Transport{Dial: dialer.Dial}
logger.Fatal(http.ListenAndServe(*listenAddr, prxy))
}
