[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [flashproxy/master] Make flashproxy-client a a managed proxy.



commit 2c052b414fe2e820773aeb408dc4ba5e97a04c5c
Author: David Fifield <david@xxxxxxxxxxxxxxx>
Date:   Wed Oct 24 09:42:21 2012 -0700

    Make flashproxy-client a a managed proxy.
    
    Managed mode is the default. Use --external to override it and be an
    external proxy like before.
---
 README                      |   31 +++++++-------
 doc/websocket-transport.txt |    4 +-
 flashproxy-client           |   94 +++++++++++++++++++++++++++++++++++--------
 torrc                       |    3 +-
 4 files changed, 95 insertions(+), 37 deletions(-)

diff --git a/README b/README
index 75252d0..efcec98 100644
--- a/README
+++ b/README
@@ -13,24 +13,20 @@ You must be able to receive TCP connections; unfortunately means that
 you cannot be behind NAT. See the section "Using a public client
 transport plugin" below to try out the system even behind NAT.
 
-1. Run the client transport plugin.
-	$ flashproxy-client --register
-   By default the transport plugin listens on Internet-facing TCP port
-   9000. If you have to use a different port (to get through a firewall,
-   for example), give it on the command lines like this (here using port
-   8888):
-	$ flashproxy-client --register :9001 :8888
-2. Run Tor using the included torrc file.
+Run Tor using the included torrc file:
 	$ tor -f torrc
+By default the transport plugin listens on Internet-facing TCP port
+9000. If you have to use a different port (to get through a firewall,
+for example), edit the ClientTransportPlugin line of the torrc to give a
+different port number:
+	ClientTransportPlugin websocket exec ./flashproxy-client --register :0 :8888
+If the flashproxy-client program is in a different directoy (after being
+installed, for example), use the full path in the ClientTransportPlugin
+line:
+	ClientTransportPlugin websocket exec /usr/local/bin/flashproxy-client --register
 
-Watch the output of flashproxy-client and tor. From
-flashproxy-client you are expecting output lines like this:
-	Remote connection from [scrubbed].
-	Local connection from [scrubbed].
-	Linking [scrubbed] and [scrubbed].
-From tor you are looking for:
-	[notice] Tor has successfully opened a circuit. Looks like client functionality is working.
-	[notice] Bootstrapped 100%: Done.
+You should receive a flash proxy connection within about 60 seconds. See
+"Troubleshooting" below if it doesn't work.
 
 
 == Overview
@@ -81,6 +77,9 @@ port forwarding.
 Make sure someone is viewing http://crypto.stanford.edu/flashproxy/, or
 another web page with a flash proxy badge on it.
 
+You can add the --log option to the ClientTransportPlugin command line
+in order to save debugging log messages.
+
 If tor hangs at 10% with these messages:
 	[notice] Bootstrapped 10%: Finishing handshake with directory server.
 	[notice] no known bridge descriptors running yet; stalling
diff --git a/doc/websocket-transport.txt b/doc/websocket-transport.txt
index 78e3297..94d4060 100644
--- a/doc/websocket-transport.txt
+++ b/doc/websocket-transport.txt
@@ -54,10 +54,10 @@ Method name
   respectively:
 
 UseBridges 1
-ClientTransportPlugin websocket exec /usr/libexec/tor-websocket-proxy --client --managed
+ClientTransportPlugin websocket exec /usr/libexec/tor-websocket-proxy --client
 Bridge websocket 198.51.100.1
 
-ServerTransportPlugin websocket exec /usr/libexec/tor-websocket-proxy --server --managed
+ServerTransportPlugin websocket exec /usr/libexec/tor-websocket-proxy --server
 
 The base64 subprotocol
 
diff --git a/flashproxy-client b/flashproxy-client
index 6c92c91..fb4b4f7 100755
--- a/flashproxy-client
+++ b/flashproxy-client
@@ -31,7 +31,10 @@ try:
 except ImportError:
     numpy = None
 
-DEFAULT_LOCAL_PORT = 9001
+# Default local port in managed mode (choose one arbitrarily).
+DEFAULT_LOCAL_PORT_MANAGED = 0
+# Default local port in external mode.
+DEFAULT_LOCAL_PORT_EXTERNAL = 9001
 DEFAULT_REMOTE_PORT = 9000
 DEFAULT_REGISTER_METHODS = ["email", "http"]
 
@@ -43,6 +46,8 @@ class options(object):
     register_addr = None
     facilitator_url = None
 
+    managed = True
+
     log_filename = None
     log_file = sys.stdout
     daemonize = False
@@ -67,6 +72,14 @@ The local connection acts as a SOCKS4a proxy, but the host and port in the SOCKS
 request are ignored and the local connection is always linked to a remote
 connection.
 
+By default, runs as a managed proxy: informs a parent Tor project of support for
+the "websocket" pluggable transport. In managed mode, the LOCAL port is chosen
+arbitrarily instead of defaulting to %(local_port)d; however this can be
+overridden by including a LOCAL port in the command. This is the way the
+program should be invoked in a torrc ClientTransportPlugin "exec" line.
+Use the --external option to run as an external proxy that does not
+interact with Tor.
+
 If any of the --register, --register-addr, or --register-methods options are
 used, then your IP address will be sent to the facilitator so that proxies can
 connect to you. You need to register in some way in order to get any service.
@@ -74,6 +87,8 @@ The --facilitator option allows controlling which facilitator is used; if
 omitted, it uses a public default.
 
       --daemon              daemonize (Unix only).
+      --external            be an external proxy (don't interact with Tor using
+                              environment variables and stdout).
   -f, --facilitator=URL     advertise willingness to receive connections to URL.
   -h, --help                show this help.
   -l, --log FILENAME        write log to FILENAME (default stdout).
@@ -89,7 +104,7 @@ omitted, it uses a public default.
       --unsafe-logging      don't scrub IP addresses from logs.\
 """ % {
     "progname": sys.argv[0],
-    "local_port": DEFAULT_LOCAL_PORT,
+    "local_port": DEFAULT_LOCAL_PORT_EXTERNAL,
     "remote_port": DEFAULT_REMOTE_PORT,
     "reg_methods": ",".join(DEFAULT_REGISTER_METHODS),
 }
@@ -961,6 +976,34 @@ def pt_smethoderror(msg):
     pt_line("SMETHOD-ERROR", msg)
     sys.exit(1)
 
+def pt_get_client_transports(known):
+    result = []
+    if os.environ.get("TOR_PT_CLIENT_TRANSPORTS") == "*":
+        return known
+    for method in os.environ.get("TOR_PT_CLIENT_TRANSPORTS", "").split(","):
+        if method in known:
+            result.append(method)
+    return result
+
+def pt_setup_managed():
+    for ver in os.environ.get("TOR_PT_MANAGED_TRANSPORT_VER", "").split(","):
+        if ver == "1":
+            pt_line("VERSION", ver)
+            break
+    else:
+        pt_versionerror("no-version")
+
+    client_transports = pt_get_client_transports(["websocket"])
+    if not client_transports:
+        pt_line("CMETHODS", "DONE")
+        sys.exit(1)
+
+def pt_cmethod(method_name, addr):
+	pt_line("CMETHOD", method_name, "socks4", format_sockaddr(addr))
+
+def pt_cmethods_done():
+	pt_line("CMETHODS", "DONE")
+
 def main():
     global remote_listen, local_listen
     global locals, remotes
@@ -970,10 +1013,12 @@ def main():
     register_addr_spec = None
     register_methods = []
 
-    opts, args = getopt.gnu_getopt(sys.argv[1:], "f:hl:r", ["daemon", "facilitator=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "unsafe-logging"])
+    opts, args = getopt.gnu_getopt(sys.argv[1:], "f:hl:r", ["daemon", "external", "facilitator=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "unsafe-logging"])
     for o, a in opts:
         if o == "--daemon":
             options.daemonize = True
+        elif o == "--external":
+            options.managed = False
         elif o == "-f" or o == "--facilitator":
             options.facilitator_url = a
         elif o == "-h" or o == "--help":
@@ -1002,17 +1047,26 @@ def main():
         # Send error tracebacks to the log.
         sys.stderr = options.log_file
     else:
-        options.log_file = sys.stdout
+        options.log_file = sys.stderr
+
+    if options.managed:
+        pt_setup_managed()
+
+    if options.managed:
+        default_local_port = DEFAULT_LOCAL_PORT_MANAGED
+    else:
+        default_local_port = DEFAULT_LOCAL_PORT_EXTERNAL
+    default_remote_port = DEFAULT_REMOTE_PORT
 
     if len(args) == 0:
-        local_addr = (None, DEFAULT_LOCAL_PORT)
-        remote_addr = (None, DEFAULT_REMOTE_PORT)
+        local_addr = (None, default_local_port)
+        remote_addr = (None, default_remote_port)
     elif len(args) == 1:
-        local_addr = parse_addr_spec(args[0], defport=DEFAULT_LOCAL_PORT)
-        remote_addr = (None, DEFAULT_REMOTE_PORT)
+        local_addr = parse_addr_spec(args[0], defport=default_local_port)
+        remote_addr = (None, default_remote_port)
     elif len(args) == 2:
-        local_addr = parse_addr_spec(args[0], defport=DEFAULT_LOCAL_PORT)
-        remote_addr = parse_addr_spec(args[1], defport=DEFAULT_REMOTE_PORT)
+        local_addr = parse_addr_spec(args[0], defport=default_local_port)
+        remote_addr = parse_addr_spec(args[1], defport=default_remote_port)
     else:
         usage(sys.stderr)
         sys.exit(1)
@@ -1037,16 +1091,22 @@ def main():
     for method in register_methods:
         options.register_commands.append(build_register_command(method))
 
-    # Local sockets, accepting SOCKS requests from localhost
-    local_listen = []
-    for addr in options.local_addrs:
-        local_listen.append(listen_socket(addr))
-        log(u"Listening local on %s." % format_addr(addr))
     # Remote sockets, accepting remote WebSocket connections from proxies.
     remote_listen = []
     for addr in options.remote_addrs:
-        remote_listen.append(listen_socket(addr))
-        log(u"Listening remote on %s." % format_addr(addr))
+        listen = listen_socket(addr)
+        remote_listen.append(listen)
+        log(u"Listening remote on %s." % format_sockaddr(listen.getsockname()))
+    # Local sockets, accepting SOCKS requests from localhost
+    local_listen = []
+    for addr in options.local_addrs:
+        listen = listen_socket(addr)
+        local_listen.append(listen)
+        log(u"Listening local on %s." % format_sockaddr(listen.getsockname()))
+        if options.managed:
+            pt_cmethod("websocket", listen.getsockname())
+    if options.managed:
+        pt_cmethods_done()
 
     # New remote sockets waiting to finish their WebSocket negotiation.
     websocket_pending = []
diff --git a/torrc b/torrc
index 4ee54e1..c5e40d2 100644
--- a/torrc
+++ b/torrc
@@ -1,9 +1,8 @@
 ## Configuration file for Tor over flash proxies.
 ## Usage:
-##   flashproxy-client --register
 ##   tor -f torrc
 
-ClientTransportPlugin websocket socks4 127.0.0.1:9001
+ClientTransportPlugin websocket exec ./flashproxy-client --register
 UseBridges 1
 # The address and port are ignored by the client transport plugin.
 Bridge websocket 0.0.1.0:1



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits