Wire in go.net/proxy, enabling SOCKS5 via TOR_PT_PROXY.

With tor patched to support 8402, obfs4 bootstraps via a SOCKSv5 proxy now. Other schemes will bail with a PROXY-ERROR, as the go.net/proxy package does not support them, and I have not gotten around to writing dialers for them yet (next on my TODO list). Part of issue #7.
10 years ago · 92494597ce
parent b3d17c327b
commit 92494597ce
3 changed files with 83 additions and 12 deletions
--- a/obfs4.go
+++ b/obfs4.go
@ -533,10 +533,21 @@ func (c *Obfs4Conn) SetWriteDeadline(t time.Time) error {
 	return syscall.ENOTSUP
 }

+// DialFn is a function pointer to a dial routine that matches the
+// net.Dialer.Dial routine.
+type DialFn func(string, string) (net.Conn, error)
+
 // DialObfs4 connects to the remote address on the network, and handshakes with
 // the peer's obfs4 Node ID and Identity Public Key.  nodeID and publicKey are
 // expected as strings containing the Base64 encoded values.
 func DialObfs4(network, address, nodeID, publicKey string, iatObfuscation bool) (*Obfs4Conn, error) {
+
+	return DialObfs4DialFn(net.Dial, network, address, nodeID, publicKey, iatObfuscation)
+}
+
+// DialObfs4DialFn connects to the remote address on the network via DialFn,
+// and handshakes with the peers' obfs4 Node ID and Identity Public Key.
+func DialObfs4DialFn(dialFn DialFn, network, address, nodeID, publicKey string, iatObfuscation bool) (*Obfs4Conn, error) {
 	// Decode the node_id/public_key.
 	pub, err := ntor.PublicKeyFromBase64(publicKey)
 	if err != nil {
@ -553,13 +564,13 @@ func DialObfs4(network, address, nodeID, publicKey string, iatObfuscation bool)
 		return nil, err
 	}

-	// Connect to the peer.
+	// Generate the Obfs4Conn.
 	c := new(Obfs4Conn)
 	c.lenProbDist = newWDist(seed, 0, framing.MaximumSegmentLength)
 	if iatObfuscation {
 		c.iatProbDist = newWDist(seed, 0, maxIatDelay)
 	}
-	c.conn, err = net.Dial(network, address)
+	c.conn, err = dialFn(network, address)
 	if err != nil {
 		return nil, err
 	}
--- a/obfs4proxy/obfs4proxy.go
+++ b/obfs4proxy/obfs4proxy.go
@ -53,6 +53,7 @@ import (
 	"io/ioutil"
 	"log"
 	"net"
+	"net/url"
 	"os"
 	"os/signal"
 	"path"
@ -222,7 +223,7 @@ func serverSetup() (launched bool) {
 	return
 }

-func clientHandler(conn *pt.SocksConn) error {
+func clientHandler(conn *pt.SocksConn, proxyURI *url.URL) error {
 	defer conn.Close()

 	var addr string
@ -254,8 +255,13 @@ func clientHandler(conn *pt.SocksConn) error {
 	}()

 	defer logAndRecover(nil)
-	remote, err := obfs4.DialObfs4("tcp", conn.Req.Target, nodeID, publicKey,
-		iatObfuscation)
+	dialFn, err := getProxyDialer(proxyURI)
+	if err != nil {
+		log.Printf("[ERROR] client: failed to get proxy dialer: %s", err)
+		conn.Reject()
+		return err
+	}
+	remote, err := obfs4.DialObfs4DialFn(dialFn, "tcp", conn.Req.Target, nodeID, publicKey, iatObfuscation)
 	if err != nil {
 		log.Printf("[ERROR] client: %p: Handshake failed: %s", remote, err)
 		conn.Reject()
@ -272,7 +278,7 @@ func clientHandler(conn *pt.SocksConn) error {
 	return nil
 }

-func clientAcceptLoop(ln *pt.SocksListener) error {
+func clientAcceptLoop(ln *pt.SocksListener, proxyURI *url.URL) error {
 	defer ln.Close()
 	for {
 		conn, err := ln.AcceptSocks()
@ -282,7 +288,7 @@ func clientAcceptLoop(ln *pt.SocksListener) error {
 			}
 			continue
 		}
-		go clientHandler(conn)
+		go clientHandler(conn, proxyURI)
 	}
 }

@ -296,17 +302,20 @@ func clientSetup() (launched bool) {
 	ptClientInfo, err := pt.ClientSetup([]string{obfs4Method})
 	if err != nil {
 		log.Fatal(err)
-		return
 	}

 	ptClientProxy, err := ptGetProxy()
 	if err != nil {
 		log.Fatal(err)
-		return
 	}
 	if ptClientProxy != nil {
-		// XXX: Remove this once done.
-		ptProxyError("proxy are not supported yet")
+		// XXX: Limit this to SOCKS5 for now.
+		if ptClientProxy.Scheme != "socks5" {
+			ptProxyError(fmt.Sprintf("proxy scheme not supported: %s",
+				ptClientProxy.Scheme))
+			return
+		}
+		ptProxyDone()
 	}

 	for _, methodName := range ptClientInfo.MethodNames {
@ -317,7 +326,7 @@ func clientSetup() (launched bool) {
 				pt.CmethodError(methodName, err.Error())
 				break
 			}
-			go clientAcceptLoop(ln)
+			go clientAcceptLoop(ln, ptClientProxy)
 			pt.Cmethod(methodName, ln.Version(), ln.Addr())
 			ptListeners = append(ptListeners, ln)
 			launched = true
--- a/obfs4proxy/proxy_extras.go
+++ b/obfs4proxy/proxy_extras.go
@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2014, Yawning Angel <yawning at torproject dot org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ *  * Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ *  * Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package main
+
+import (
+	"net/url"
+
+	"code.google.com/p/go.net/proxy"
+
+	"github.com/yawning/obfs4"
+)
+
+// getProxyDialer is a trival wrapper around the go.net/proxy package to avoid
+// having it as a dependency for anything else.
+func getProxyDialer(uri *url.URL) (obfs4.DialFn, error) {
+	if uri == nil {
+		return proxy.Direct.Dial, nil
+	}
+
+	dialer, err := proxy.FromURL(uri, proxy.Direct)
+	if err != nil {
+		return nil, err
+	}
+
+	return dialer.Dial, nil
+}