Pass the dbusServer to the SOCKS5 proxy chain

pull/19/head
David Stainton 9 years ago
parent d0ee559a91
commit 0b04df4582

@ -169,11 +169,7 @@ func loadConfiguration(configFilePath string) (*SocksJsonConfig, error) {
return &config, nil return &config, nil
} }
func main() { func getSocksChainConfig(config *SocksJsonConfig) *socksChainConfig {
config, err := loadConfiguration("/etc/fw-daemon-socks.json")
if err != nil {
panic(err)
}
// XXX // XXX
fields := strings.Split(config.TorSocks, ":") fields := strings.Split(config.TorSocks, ":")
torSocksNet := fields[0] torSocksNet := fields[0]
@ -181,12 +177,23 @@ func main() {
fields = strings.Split(config.SocksListener, ":") fields = strings.Split(config.SocksListener, ":")
socksListenNet := fields[0] socksListenNet := fields[0]
socksListenAddr := fields[1] socksListenAddr := fields[1]
socksConfig := SocksChainConfig{ socksConfig := socksChainConfig{
TargetSocksNet: torSocksNet, TargetSocksNet: torSocksNet,
TargetSocksAddr: torSocksAddr, TargetSocksAddr: torSocksAddr,
ListenSocksNet: socksListenNet, ListenSocksNet: socksListenNet,
ListenSocksAddr: socksListenAddr, ListenSocksAddr: socksListenAddr,
} }
return &socksConfig
}
func main() {
// XXX should this really be hardcoded?
// or should i add a CLI to specify config file location?
config, err := loadConfiguration("/etc/fw-daemon-socks.json")
if err != nil {
panic(err)
}
socksConfig := getSocksChainConfig(config)
logBackend := setupLoggerBackend() logBackend := setupLoggerBackend()
log.SetBackend(logBackend) log.SetBackend(logBackend)
@ -225,7 +232,9 @@ func main() {
*/ */
wg := sync.WaitGroup{} wg := sync.WaitGroup{}
InitSocksListener(&socksConfig, &wg) chain := NewSocksChain(socksConfig, &wg, ds)
chain.start()
fw.runFilter() fw.runFilter()
// observe process signals and either // observe process signals and either
@ -240,7 +249,7 @@ func main() {
select { select {
case <-sigHupChan: case <-sigHupChan:
fw.reloadRules() fw.reloadRules()
// XXX perhaps restart SOCKS proxy chain service? // XXX perhaps restart SOCKS proxy chain service with new proxy config specification?
case <-sigKillChan: case <-sigKillChan:
fw.stop() fw.stop()
return return

@ -9,43 +9,58 @@ import (
"github.com/subgraph/fw-daemon/socks5" "github.com/subgraph/fw-daemon/socks5"
) )
type SocksChainConfig struct { type socksChainConfig struct {
TargetSocksNet string TargetSocksNet string
TargetSocksAddr string TargetSocksAddr string
ListenSocksNet string ListenSocksNet string
ListenSocksAddr string ListenSocksAddr string
} }
type session struct { type socksChain struct {
cfg *SocksChainConfig cfg *socksChainConfig
dbus *dbusServer
listener net.Listener
wg *sync.WaitGroup
}
type socksChainSession struct {
cfg *socksChainConfig
clientConn net.Conn clientConn net.Conn
upstreamConn net.Conn upstreamConn net.Conn
req *socks5.Request
bndAddr *socks5.Address
optData []byte
}
req *socks5.Request func NewSocksChain(cfg *socksChainConfig, wg *sync.WaitGroup, dbus *dbusServer) *socksChain {
bndAddr *socks5.Address chain := socksChain{
optData []byte cfg: cfg,
dbus: dbus,
wg: wg,
}
return &chain
} }
// InitSocksListener initializes the SOCKS 5 server and starts // Start initializes the SOCKS 5 server and starts
// accepting connections. // accepting connections.
func InitSocksListener(cfg *SocksChainConfig, wg *sync.WaitGroup) { func (s *socksChain) start() {
ln, err := net.Listen(cfg.ListenSocksNet, cfg.ListenSocksAddr) var err error
s.listener, err = net.Listen(s.cfg.ListenSocksNet, s.cfg.ListenSocksAddr)
if err != nil { if err != nil {
log.Error("ERR/socks: Failed to listen on the socks address: %v", err) log.Error("ERR/socks: Failed to listen on the socks address: %v", err)
os.Exit(1) os.Exit(1)
} }
wg.Add(1) s.wg.Add(1)
go socksAcceptLoop(cfg, ln, wg) go s.socksAcceptLoop()
} }
func socksAcceptLoop(cfg *SocksChainConfig, ln net.Listener, wg *sync.WaitGroup) error { func (s *socksChain) socksAcceptLoop() error {
defer wg.Done() defer s.wg.Done()
defer ln.Close() defer s.listener.Close()
for { for {
conn, err := ln.Accept() conn, err := s.listener.Accept()
if err != nil { if err != nil {
if e, ok := err.(net.Error); ok && !e.Temporary() { if e, ok := err.(net.Error); ok && !e.Temporary() {
log.Info("ERR/socks: Failed to Accept(): %v", err) log.Info("ERR/socks: Failed to Accept(): %v", err)
@ -53,55 +68,55 @@ func socksAcceptLoop(cfg *SocksChainConfig, ln net.Listener, wg *sync.WaitGroup)
} }
continue continue
} }
s := &session{cfg: cfg, clientConn: conn} session := &socksChainSession{cfg: s.cfg, clientConn: conn}
go s.sessionWorker() go session.sessionWorker()
} }
} }
func (s *session) sessionWorker() { func (c *socksChainSession) sessionWorker() {
defer s.clientConn.Close() defer c.clientConn.Close()
clientAddr := s.clientConn.RemoteAddr() clientAddr := c.clientConn.RemoteAddr()
log.Info("INFO/socks: New connection from: %v", clientAddr) log.Info("INFO/socks: New connection from: %v", clientAddr)
// Do the SOCKS handshake with the client, and read the command. // Do the SOCKS handshake with the client, and read the command.
var err error var err error
if s.req, err = socks5.Handshake(s.clientConn); err != nil { if c.req, err = socks5.Handshake(c.clientConn); err != nil {
log.Info("ERR/socks: Failed SOCKS5 handshake: %v", err) log.Info("ERR/socks: Failed SOCKS5 handshake: %v", err)
return return
} }
switch s.req.Cmd { switch c.req.Cmd {
case socks5.CommandTorResolve, socks5.CommandTorResolvePTR: case socks5.CommandTorResolve, socks5.CommandTorResolvePTR:
err = s.dispatchTorSOCKS() err = c.dispatchTorSOCKS()
// If we reach here, the request has been dispatched and completed. // If we reach here, the request has been dispatched and completed.
if err == nil { if err == nil {
// Successfully even, send the response back with the address. // Successfully even, send the response back with the addresc.
s.req.ReplyAddr(socks5.ReplySucceeded, s.bndAddr) c.req.ReplyAddr(socks5.ReplySucceeded, c.bndAddr)
} }
return return
case socks5.CommandConnect: case socks5.CommandConnect:
default: default:
// Should *NEVER* happen, validated as part of handshake. // Should *NEVER* happen, validated as part of handshake.
log.Info("BUG/socks: Unsupported SOCKS command: 0x%02x", s.req.Cmd) log.Info("BUG/socks: Unsupported SOCKS command: 0x%02x", c.req.Cmd)
s.req.Reply(socks5.ReplyCommandNotSupported) c.req.Reply(socks5.ReplyCommandNotSupported)
return return
} }
err = s.dispatchTorSOCKS() err = c.dispatchTorSOCKS()
if err != nil { if err != nil {
return return
} }
s.req.Reply(socks5.ReplySucceeded) c.req.Reply(socks5.ReplySucceeded)
defer s.upstreamConn.Close() defer c.upstreamConn.Close()
if s.optData != nil { if c.optData != nil {
if _, err = s.upstreamConn.Write(s.optData); err != nil { if _, err = c.upstreamConn.Write(c.optData); err != nil {
log.Info("ERR/socks: Failed writing OptData: %v", err) log.Info("ERR/socks: Failed writing OptData: %v", err)
return return
} }
s.optData = nil c.optData = nil
} }
// A upstream connection has been established, push data back and forth // A upstream connection has been established, push data back and forth
@ -115,17 +130,17 @@ func (s *session) sessionWorker() {
io.Copy(dst, src) io.Copy(dst, src)
} }
go copyLoop(s.upstreamConn, s.clientConn) go copyLoop(c.upstreamConn, c.clientConn)
go copyLoop(s.clientConn, s.upstreamConn) go copyLoop(c.clientConn, c.upstreamConn)
wg.Wait() wg.Wait()
log.Info("INFO/socks: Closed SOCKS connection from: %v", clientAddr) log.Info("INFO/socks: Closed SOCKS connection from: %v", clientAddr)
} }
func (s *session) dispatchTorSOCKS() (err error) { func (c *socksChainSession) dispatchTorSOCKS() (err error) {
s.upstreamConn, s.bndAddr, err = socks5.Redispatch(s.cfg.TargetSocksNet, s.cfg.TargetSocksAddr, s.req) c.upstreamConn, c.bndAddr, err = socks5.Redispatch(c.cfg.TargetSocksNet, c.cfg.TargetSocksAddr, c.req)
if err != nil { if err != nil {
s.req.Reply(socks5.ErrorToReplyCode(err)) c.req.Reply(socks5.ErrorToReplyCode(err))
} }
return return
} }

@ -259,14 +259,16 @@ func TestSocksServerProxyChain(t *testing.T) {
defer socksService.Stop() defer socksService.Stop()
// setup the SOCKS proxy chain // setup the SOCKS proxy chain
socksConfig := SocksChainConfig{ socksConfig := socksChainConfig{
TargetSocksNet: socksServerNet, TargetSocksNet: socksServerNet,
TargetSocksAddr: socksServerAddr, TargetSocksAddr: socksServerAddr,
ListenSocksNet: socksChainNet, ListenSocksNet: socksChainNet,
ListenSocksAddr: socksChainAddr, ListenSocksAddr: socksChainAddr,
} }
wg := sync.WaitGroup{} wg := sync.WaitGroup{}
InitSocksListener(&socksConfig, &wg) ds := dbusServer{}
chain := NewSocksChain(&socksConfig, &wg, &ds)
chain.start()
// setup the SOCKS client // setup the SOCKS client
auth := proxy.Auth{ auth := proxy.Auth{

Loading…
Cancel
Save