[Pkg-privacy-commits] [obfsproxy] 96/353: Add new obfsproxy mode: ext_server.
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:01:45 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch master
in repository obfsproxy.
commit a905cd2522e9be9f09911832f7928a4c73ae8564
Author: George Kadianakis <desnacked at riseup.net>
Date: Mon Dec 3 17:03:09 2012 +0200
Add new obfsproxy mode: ext_server.
'ext_server' is like the 'server' method, but it also completes the
Extended ORPort protocol with the server before proxying traffic.
---
obfsproxy.py | 4 +++-
obfsproxy/managed/server.py | 15 +++++++++++----
obfsproxy/network/launch_transport.py | 13 +++++++++++--
obfsproxy/network/network.py | 17 +++++++++++------
obfsproxy/network/socks.py | 2 --
obfsproxy/transports/base.py | 12 +++++++++++-
obfsproxy/transports/transports.py | 13 ++++++++++---
7 files changed, 57 insertions(+), 19 deletions(-)
diff --git a/obfsproxy.py b/obfsproxy.py
index 6169429..db0d873 100755
--- a/obfsproxy.py
+++ b/obfsproxy.py
@@ -76,7 +76,7 @@ def do_external_mode(args):
from twisted.internet import reactor
- addrport = launch_transport.launch_transport_listener(args.name, args.listen_addr, args.mode, args.dest)
+ addrport = launch_transport.launch_transport_listener(args.name, args.listen_addr, args.mode, args.dest, args.ext_cookie_file)
log.info("Launched '%s' listener at '%s:%s' for transport '%s'." % \
(args.mode, log.safe_addr_str(args.listen_addr[0]), args.listen_addr[1], args.name))
reactor.run()
@@ -123,6 +123,8 @@ def main(argv):
# Pass parsed arguments to the appropriate transports so that
# they can initialize and setup themselves. Exit if the
# provided arguments were corrupted.
+
+ # XXX use exceptions
if (args.validation_function(args) == False):
sys.exit(1)
diff --git a/obfsproxy/managed/server.py b/obfsproxy/managed/server.py
index 3ebe5a5..c1b0e3c 100644
--- a/obfsproxy/managed/server.py
+++ b/obfsproxy/managed/server.py
@@ -28,10 +28,17 @@ def do_managed_server():
for transport, transport_bindaddr in managedInfo['transports'].items():
try:
- addrport = launch_transport.launch_transport_listener(transport,
- transport_bindaddr,
- 'server',
- managedInfo['orport'])
+ if managedInfo['ext_orport']:
+ addrport = launch_transport.launch_transport_listener(transport,
+ transport_bindaddr,
+ 'ext_server',
+ managedInfo['ext_orport'],
+ managedInfo['auth_cookie_file'])
+ else:
+ addrport = launch_transport.launch_transport_listener(transport,
+ transport_bindaddr,
+ 'server',
+ managedInfo['orport'])
except transports.TransportNotFound:
log.warning("Could not find transport '%s'" % transport)
reportFailure(transport, "Could not find transport.")
diff --git a/obfsproxy/network/launch_transport.py b/obfsproxy/network/launch_transport.py
index 02a6f1b..e04901a 100644
--- a/obfsproxy/network/launch_transport.py
+++ b/obfsproxy/network/launch_transport.py
@@ -1,17 +1,23 @@
import obfsproxy.network.network as network
import obfsproxy.transports.transports as transports
import obfsproxy.network.socks as socks
+import obfsproxy.network.extended_orport as extended_orport
+
from twisted.internet import reactor
-def launch_transport_listener(transport, bindaddr, role, remote_addrport):
+def launch_transport_listener(transport, bindaddr, role, remote_addrport, ext_or_cookie_file=None):
"""
- Launch a listener for 'transport' in role 'role' (socks/client/server).
+ Launch a listener for 'transport' in role 'role' (socks/client/server/ext_server).
If 'bindaddr' is set, then listen on bindaddr. Otherwise, listen
on an ephemeral port on localhost.
'remote_addrport' is the TCP/IP address of the other end of the
circuit. It's not used if we are in 'socks' role.
+ 'ext_or_cookie_file' is the filesystem path where the Extended
+ ORPort Authentication cookie is stored. It's only used in
+ 'ext_server' mode.
+
Return a tuple (addr, port) representing where we managed to bind.
Throws obfsproxy.transports.transports.TransportNotFound if the
@@ -27,6 +33,9 @@ def launch_transport_listener(transport, bindaddr, role, remote_addrport):
if role == 'socks':
factory = socks.SOCKSv4Factory(transport_class)
+ elif role == 'ext_server':
+ assert(remote_addrport and ext_or_cookie_file)
+ factory = extended_orport.ExtORPortServerFactory(remote_addrport, ext_or_cookie_file, transport_class)
else:
assert(remote_addrport)
factory = network.StaticDestinationServerFactory(remote_addrport, role, transport_class)
diff --git a/obfsproxy/network/network.py b/obfsproxy/network/network.py
index 8c2a25f..5d693bf 100644
--- a/obfsproxy/network/network.py
+++ b/obfsproxy/network/network.py
@@ -159,9 +159,10 @@ class Circuit(Protocol):
log.debug("%s: Tearing down circuit." % self.name)
+ self.closed = True
+
if self.downstream: self.downstream.close()
if self.upstream: self.upstream.close()
- self.closed = True
self.transport.circuitDestroyed(self, reason, side)
@@ -170,7 +171,7 @@ class GenericProtocol(Protocol, object):
Generic obfsproxy connection. Contains useful methods and attributes.
Attributes:
- circuit: The circuit this connection belongs to.
+ circuit: The circuit object this connection belongs to.
buffer: Buffer that holds data that can't be proxied right
away. This can happen because the circuit is not yet
complete, or because the pluggable transport needs more
@@ -183,11 +184,11 @@ class GenericProtocol(Protocol, object):
def connectionLost(self, reason):
log.debug("%s: Connection was lost (%s)." % (self.name, reason.getErrorMessage()))
- self.circuit.close()
+ self.close()
def connectionFailed(self, reason):
log.debug("%s: Connection failed to connect (%s)." % (self.name, reason.getErrorMessage()))
- self.circuit.close()
+ self.close()
def write(self, buf):
"""
@@ -197,7 +198,7 @@ class GenericProtocol(Protocol, object):
self.transport.write(buf)
- def close(self):
+ def close(self, also_close_circuit=True):
"""
Close the connection.
"""
@@ -205,9 +206,13 @@ class GenericProtocol(Protocol, object):
log.debug("%s: Closing connection." % self.name)
- self.transport.loseConnection()
self.closed = True
+ self.transport.loseConnection()
+ if also_close_circuit:
+ self.circuit.close()
+
+
class StaticDestinationProtocol(GenericProtocol):
"""
Represents a connection to a static destination (as opposed to a
diff --git a/obfsproxy/network/socks.py b/obfsproxy/network/socks.py
index 903de5a..6032e94 100644
--- a/obfsproxy/network/socks.py
+++ b/obfsproxy/network/socks.py
@@ -117,7 +117,6 @@ class SOCKSv4Factory(Factory):
def __init__(self, transport_class):
# XXX self.logging = log
self.transport_class = transport_class
- self.circuits = []
self.name = "socks_fact_%s" % hex(id(self))
@@ -128,6 +127,5 @@ class SOCKSv4Factory(Factory):
log.debug("%s: New connection." % self.name)
circuit = network.Circuit(self.transport_class())
- self.circuits.append(circuit)
return SOCKSv4Protocol(circuit)
diff --git a/obfsproxy/transports/base.py b/obfsproxy/transports/base.py
index df3183c..b0a7bc7 100644
--- a/obfsproxy/transports/base.py
+++ b/obfsproxy/transports/base.py
@@ -72,9 +72,11 @@ class BaseTransport:
function.
"""
- subparser.add_argument('mode', choices=['server', 'client', 'socks'])
+ subparser.add_argument('mode', choices=['server', 'ext_server', 'client', 'socks'])
subparser.add_argument('listen_addr', type=addrport)
subparser.add_argument('--dest', type=addrport, help='Destination address')
+ subparser.add_argument('--ext-cookie-file', type=str,
+ help='Filesystem path where the Extended ORPort authentication cookie is stored.')
@classmethod
def validate_external_mode_cli(cls, args):
@@ -92,6 +94,14 @@ class BaseTransport:
log.error("'client' and 'server' modes need a destination address.")
return False
+ if (args.mode != 'ext_server') and args.ext_cookie_file:
+ log.error("No need for --ext-cookie-file if not an ext_server.")
+ return False
+
+ if (args.mode == 'ext_server') and (not args.ext_cookie_file):
+ log.error("You need to specify --ext-cookie-file as an ext_server.")
+ return False
+
return True
class PluggableTransportError(Exception): pass
diff --git a/obfsproxy/transports/transports.py b/obfsproxy/transports/transports.py
index d2b6d23..60fcc52 100644
--- a/obfsproxy/transports/transports.py
+++ b/obfsproxy/transports/transports.py
@@ -3,11 +3,18 @@ import obfsproxy.transports.dummy as dummy
import obfsproxy.transports.b64 as b64
import obfsproxy.transports.obfs2 as obfs2
-transports = { 'dummy' : {'client' : dummy.DummyClient, 'socks' : dummy.DummyClient, 'server' : dummy.DummyServer },
- 'b64' : {'client' : b64.B64Client, 'socks' : b64.B64Client, 'server' : b64.B64Server },
- 'obfs2' : {'client' : obfs2.Obfs2Client, 'socks' : obfs2.Obfs2Client, 'server' : obfs2.Obfs2Server } }
+transports = { 'dummy' : {'client' : dummy.DummyClient, 'server' : dummy.DummyServer },
+ 'b64' : {'client' : b64.B64Client, 'server' : b64.B64Server },
+ 'obfs2' : {'client' : obfs2.Obfs2Client, 'server' : obfs2.Obfs2Server } }
def get_transport_class(name, role):
+ # Rewrite equivalent roles.
+ if role == 'socks':
+ role = 'client'
+ elif role == 'ext_server':
+ role = 'server'
+
+ # Find the correct class
if (name in transports) and (role in transports[name]):
return transports[name][role]
else:
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfsproxy.git
More information about the Pkg-privacy-commits
mailing list