echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Reseed: Add SOCKS proxy support (ticket #1130)

Browse Source
This commit is contained in:
zzz
2017-11-17 23:46:45 +00:00
parent d5cc1d83f3
commit 33aac1b125
8 changed files with 172 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
apps/routerconsole/java/src/net/i2p/router/web/ConfigReseedHandler.java
View File

@ -153,7 +153,10 @@ public class ConfigReseedHandler extends FormHandler {
changes.put(Reseeder.PROP_SSL_DISABLE, changes.put(Reseeder.PROP_SSL_DISABLE,
Boolean.toString(disabled)); Boolean.toString(disabled));
saveBoolean(Reseeder.PROP_PROXY_ENABLE, "enable"); saveBoolean(Reseeder.PROP_PROXY_ENABLE, "enable");
saveBoolean(Reseeder.PROP_SPROXY_ENABLE, "senable"); String pmode = getJettyString("pmode");
boolean senable = pmode != null && pmode.length() > 0;
changes.put(Reseeder.PROP_SPROXY_ENABLE, Boolean.toString(senable));
saveString(Reseeder.PROP_SPROXY_TYPE, "pmode");
if (_context.router().saveConfig(changes, removes)) if (_context.router().saveConfig(changes, removes))
addFormNotice(_t("Configuration saved successfully.")); addFormNotice(_t("Configuration saved successfully."));
else else

14
apps/routerconsole/java/src/net/i2p/router/web/ConfigReseedHelper.java
View File

@ -60,6 +60,18 @@ public class ConfigReseedHelper extends HelperBase {
return ""; return "";
} }
/** @since 0.9.33 */
public String pmodeChecked(int mode) {
String c = _context.getProperty(Reseeder.PROP_SPROXY_TYPE, "HTTP");
boolean disabled = !_context.getBooleanProperty(Reseeder.PROP_SPROXY_ENABLE);
if ((mode == 0 && disabled) ||
(mode == 1 && !disabled && c.equals("HTTP")) ||
(mode == 2 && !disabled && c.equals("SOCKS4")) ||
(mode == 3 && !disabled && c.equals("SOCKS5")))
return CHECKED;
return "";
}
public String getEnable() { public String getEnable() {
return getChecked(Reseeder.PROP_PROXY_ENABLE); return getChecked(Reseeder.PROP_PROXY_ENABLE);
} }
@ -69,9 +81,11 @@ public class ConfigReseedHelper extends HelperBase {
return getChecked(Reseeder.PROP_PROXY_AUTH_ENABLE); return getChecked(Reseeder.PROP_PROXY_AUTH_ENABLE);
} }
/****
public String getSenable() { public String getSenable() {
return getChecked(Reseeder.PROP_SPROXY_ENABLE); return getChecked(Reseeder.PROP_SPROXY_ENABLE);
} }
****/
/** @since 0.8.9 */ /** @since 0.8.9 */
public String getSauth() { public String getSauth() {

43
apps/routerconsole/jsp/configreseed.jsp
View File

@ -108,6 +108,31 @@
<div class="formaction" id="resetreseed"><input type="submit" name="action" class="reload" value="<%=intl._t("Reset URL list")%>" /></div> <div class="formaction" id="resetreseed"><input type="submit" name="action" class="reload" value="<%=intl._t("Reset URL list")%>" /></div>
</td></tr> </td></tr>
<% if (reseedHelper.shouldShowHTTPSProxy()) { %>
<tr><td align="right"><b><%=intl._t("Reseed Proxy Type")%>:</b></td>
<td><label><input type="radio" class="optbox" name="pmode" value="" <%=reseedHelper.pmodeChecked(0) %> >
<%=intl._t("None")%></label><br>
<label><input type="radio" class="optbox" name="pmode" value="HTTP" <%=reseedHelper.pmodeChecked(1) %> >
<%=intl._t("HTTPS")%></label><br>
<label><input type="radio" class="optbox" name="pmode" value="SOCKS4" <%=reseedHelper.pmodeChecked(2) %> >
<%=intl._t("SOCKS 4/4a")%></label><br>
<label><input type="radio" class="optbox" name="pmode" value="SOCKS5" <%=reseedHelper.pmodeChecked(3) %> >
<%=intl._t("SOCKS 5")%></label></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Host")%>:</b></td>
<td><input name="shost" type="text" value="<jsp:getProperty name="reseedHelper" property="shost" />" ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Port")%>:</b></td>
<td><input name="sport" type="text" size="5" maxlength="5" value="<jsp:getProperty name="reseedHelper" property="sport" />" ></td></tr>
<!-- not fully implemented, not necessary?
<tr><td align="right"><b><%=intl._t("Use HTTPS Proxy Authorization?")%></b></td>
<td><input type="checkbox" class="optbox" name="sauth" value="true" <jsp:getProperty name="reseedHelper" property="sauth" /> ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Username")%>:</b></td>
<td><input name="susername" type="text" value="<jsp:getProperty name="reseedHelper" property="susername" />" ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Password")%>:</b></td>
<td><input name="nofilter_spassword" type="password" value="<jsp:getProperty name="reseedHelper" property="nofilter_spassword" />" ></td></tr>
-->
<% } // shouldShowHTTPSProxy %>
<% if (reseedHelper.shouldShowHTTPProxy()) { %> <% if (reseedHelper.shouldShowHTTPProxy()) { %>
<tr><td align="right"><label for="enableproxy"><b><%=intl._t("Enable HTTP Proxy?")%></b></label></td> <tr><td align="right"><label for="enableproxy"><b><%=intl._t("Enable HTTP Proxy?")%></b></label></td>
<td><input type="checkbox" class="optbox" name="enable" id="enableproxy" value="true" <jsp:getProperty name="reseedHelper" property="enable" /> ></td></tr> <td><input type="checkbox" class="optbox" name="enable" id="enableproxy" value="true" <jsp:getProperty name="reseedHelper" property="enable" /> ></td></tr>
@ -124,24 +149,6 @@
<td><input name="nofilter_password" type="password" value="<jsp:getProperty name="reseedHelper" property="nofilter_password" />" ></td></tr> <td><input name="nofilter_password" type="password" value="<jsp:getProperty name="reseedHelper" property="nofilter_password" />" ></td></tr>
<% } // shouldShowHTTPProxy %> <% } // shouldShowHTTPProxy %>
<% if (reseedHelper.shouldShowHTTPSProxy()) { %>
<tr><td align="right"><b><%=intl._t("Enable HTTPS Proxy?")%></b></td>
<td><input type="checkbox" class="optbox" name="senable" value="true" <jsp:getProperty name="reseedHelper" property="senable" /> ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Host")%>:</b></td>
<td><input name="shost" type="text" value="<jsp:getProperty name="reseedHelper" property="shost" />" ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Port")%>:</b></td>
<td><input name="sport" type="text" size="5" maxlength="5" value="<jsp:getProperty name="reseedHelper" property="sport" />" ></td></tr>
<!-- not fully implemented, not necessary?
<tr><td align="right"><b><%=intl._t("Use HTTPS Proxy Authorization?")%></b></td>
<td><input type="checkbox" class="optbox" name="sauth" value="true" <jsp:getProperty name="reseedHelper" property="sauth" /> ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Username")%>:</b></td>
<td><input name="susername" type="text" value="<jsp:getProperty name="reseedHelper" property="susername" />" ></td></tr>
<tr><td align="right"><b><%=intl._t("HTTPS Proxy Password")%>:</b></td>
<td><input name="nofilter_spassword" type="password" value="<jsp:getProperty name="reseedHelper" property="nofilter_spassword" />" ></td></tr>
-->
<% } // shouldShowHTTPSProxy %>
<tr> <tr>
<td class="optionsave" colspan="2"> <td class="optionsave" colspan="2">
<input type="submit" class="cancel" name="foo" value="<%=intl._t("Cancel")%>" /> <input type="submit" class="cancel" name="foo" value="<%=intl._t("Cancel")%>" />

6
core/java/src/net/i2p/util/EepGet.java
View File

@ -1737,6 +1737,12 @@ public class EepGet {
rv.put("response", '"' + PasswordManager.md5Hex(kd) + '"'); rv.put("response", '"' + PasswordManager.md5Hex(kd) + '"');
return rv; return rv;
} }
/** @since 0.9.33 */
public String getUsername() { return username; }
/** @since 0.9.33 */
public String getPassword() { return password; }
} }
/** /**

113
core/java/src/net/i2p/util/SSLEepGet.java
View File

@ -71,6 +71,8 @@ import net.i2p.I2PAppContext;
import net.i2p.crypto.CertUtil; import net.i2p.crypto.CertUtil;
import net.i2p.crypto.KeyStoreUtil; import net.i2p.crypto.KeyStoreUtil;
import net.i2p.data.DataHelper; import net.i2p.data.DataHelper;
import net.i2p.socks.SOCKS4Client;
import net.i2p.socks.SOCKS5Client;
/** /**
* HTTPS only, no retries, no min and max size options, no timeout option * HTTPS only, no retries, no min and max size options, no timeout option
@ -104,7 +106,7 @@ public class SSLEepGet extends EepGet {
* Not all may be supported. * Not all may be supported.
* @since 0.9.33 * @since 0.9.33
*/ */
public enum ProxyType { NONE, HTTP, HTTPS, INTERNAL, SOCKS4, SOCKS5 } public enum ProxyType { NONE, HTTP, HTTPS, INTERNAL, SOCKS4, SOCKS5, TRANSPARENT }
/** /**
@ -244,9 +246,10 @@ public class SSLEepGet extends EepGet {
int saveCerts = 0; int saveCerts = 0;
boolean noVerify = false; boolean noVerify = false;
String proxyHost = "127.0.0.1"; String proxyHost = "127.0.0.1";
int proxyPort = 80; int proxyPort = 0;
ProxyType ptype = ProxyType.HTTP;
boolean error = false; boolean error = false;
Getopt g = new Getopt("ssleepget", args, "p:sz"); Getopt g = new Getopt("ssleepget", args, "p:y:sz");
try { try {
int c; int c;
while ((c = g.getopt()) != -1) { while ((c = g.getopt()) != -1) {
@ -265,6 +268,19 @@ public class SSLEepGet extends EepGet {
} }
break; break;
case 'y':
String y = g.getOptarg().toUpperCase(Locale.US);
if (y.equals("HTTP") || y.equals("HTTPS")) {
// already set
} else if (y.equals("SOCKS4")) {
ptype = ProxyType.SOCKS4;
} else if (y.equals("SOCKS5")) {
ptype = ProxyType.SOCKS5;
} else {
error = true;
}
break;
case 's': case 's':
saveCerts++; saveCerts++;
break; break;
@ -294,10 +310,17 @@ public class SSLEepGet extends EepGet {
String saveAs = suggestName(url); String saveAs = suggestName(url);
SSLEepGet get; SSLEepGet get;
if (proxyHost != null) if (proxyHost != null) {
get = new SSLEepGet(I2PAppContext.getGlobalContext(), ProxyType.HTTP, proxyHost, proxyPort, saveAs, url); if (proxyPort == 0) {
else if (ptype == ProxyType.HTTP)
proxyPort = 8080;
else
proxyPort = 1080;
}
get = new SSLEepGet(I2PAppContext.getGlobalContext(), ptype, proxyHost, proxyPort, saveAs, url);
} else {
get = new SSLEepGet(I2PAppContext.getGlobalContext(), saveAs, url); get = new SSLEepGet(I2PAppContext.getGlobalContext(), saveAs, url);
}
if (saveCerts > 0) if (saveCerts > 0)
get._saveCerts = saveCerts; get._saveCerts = saveCerts;
if (noVerify) if (noVerify)
@ -309,8 +332,9 @@ public class SSLEepGet extends EepGet {
} }
private static void usage() { private static void usage() {
System.err.println("Usage: SSLEepGet [-psz] https://url\n" + System.err.println("Usage: SSLEepGet [-psyz] https://url\n" +
" -p proxyHost[:proxyPort] // default port 80\n" + " -p proxyHost[:proxyPort] // default port 8080 for HTTPS and 1080 for SOCKS\n" +
" -y HTTPS|SOCKS4|SOCKS5 // proxy type, default HTTPS if proxyHost is set\n" +
" -s save unknown certs\n" + " -s save unknown certs\n" +
" -s -s save all certs\n" + " -s -s save all certs\n" +
" -z bypass hostname verification"); " -z bypass hostname verification");
@ -667,9 +691,35 @@ public class SSLEepGet extends EepGet {
port = 443; port = 443;
if (_shouldProxy) { if (_shouldProxy) {
if (_proxyType != ProxyType.HTTP) if (_log.shouldLog(Log.DEBUG))
_log.debug("Connecting to " + _proxyType + " proxy");
switch (_proxyType) {
case HTTP:
httpProxyConnect(host, port);
break;
case SOCKS4:
socksProxyConnect(false, host, port);
break;
case SOCKS5:
socksProxyConnect(true, host, port);
break;
case HTTPS:
case INTERNAL:
case TRANSPARENT:
default:
throw new IOException("Unsupported proxy type " + _proxyType); throw new IOException("Unsupported proxy type " + _proxyType);
httpProxyConnect(host, port); }
// wrap the socket in an SSLSocket
if (_sslContext != null)
_proxy = _sslContext.getSocketFactory().createSocket(_proxy, host, port, true);
else
_proxy = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(_proxy, host, port, true);
if (_log.shouldLog(Log.DEBUG))
_log.debug(_proxyType + " proxy headers read completely");
} else { } else {
// Warning, createSocket() followed by connect(InetSocketAddress) // Warning, createSocket() followed by connect(InetSocketAddress)
// disables SNI, at least on Java 7. // disables SNI, at least on Java 7.
@ -735,9 +785,12 @@ public class SSLEepGet extends EepGet {
/** /**
* Connect to a HTTP proxy. * Connect to a HTTP proxy.
* Proxy address must be in _proxyHost and _proxyPort.
* Side effects: Sets _proxy, _proxyIn, _proxyOut, * Side effects: Sets _proxy, _proxyIn, _proxyOut,
* and other globals via readHeaders() * and other globals via readHeaders()
* *
* @param host what the proxy should connect to
* @param port what the proxy should connect to
* @since 0.9.33 * @since 0.9.33
*/ */
private void httpProxyConnect(String host, int port) throws IOException { private void httpProxyConnect(String host, int port) throws IOException {
@ -777,20 +830,44 @@ public class SSLEepGet extends EepGet {
throw new IOException("Timed out reading the proxy headers"); throw new IOException("Timed out reading the proxy headers");
if (_responseCode == 407) { if (_responseCode == 407) {
// TODO // TODO
throw new IOException("Proxy auth unsupported"); throw new IOException("Authorization unsupported on HTTP Proxy");
} else if (_responseCode != 200) { } else if (_responseCode != 200) {
// readHeaders() will throw on most errors, but here we ensure it is 200 // readHeaders() will throw on most errors, but here we ensure it is 200
throw new IOException("Invalid proxy response: " + _responseCode + ' ' + _responseText); throw new IOException("Invalid proxy response: " + _responseCode + ' ' + _responseText);
} }
if (_redirectLocation != null) if (_redirectLocation != null)
throw new IOException("Proxy redirect not allowed"); throw new IOException("Proxy redirect not allowed");
if (_log.shouldLog(Log.DEBUG)) }
_log.debug("proxy headers read completely");
// wrap the socket in an SSLSocket /**
if (_sslContext != null) * Connect to a SOCKS proxy.
_proxy = _sslContext.getSocketFactory().createSocket(_proxy, host, port, true); * Proxy address must be in _proxyHost and _proxyPort.
else * Side effects: Sets _proxy, _proxyIn, _proxyOut,
_proxy = ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(_proxy, host, port, true); * and other globals via readHeaders()
*
* @param host what the proxy should connect to
* @param port what the proxy should connect to
* @since 0.9.33
*/
private void socksProxyConnect(boolean isSocks5, String host, int port) throws IOException {
if (_fetchHeaderTimeout > 0) {
_proxy = new Socket();
_proxy.setSoTimeout(_fetchHeaderTimeout);
_proxy.connect(new InetSocketAddress(_proxyHost, _proxyPort), _fetchHeaderTimeout);
} else {
_proxy = new Socket(_proxyHost, _proxyPort);
}
if (_authState != null) {
if (!isSocks5)
throw new IOException("Authorization unsupported on SOCKS 4");
SOCKS5Client.connect(_proxy, host, port, _authState.getUsername(), _authState.getPassword());
} else {
if (isSocks5)
SOCKS5Client.connect(_proxy, host, port);
else
SOCKS4Client.connect(_proxy, host, port);
}
_proxyIn = _proxy.getInputStream();
_proxyOut = _proxy.getOutputStream();
} }
} }

7
history.txt
View File

@ -1,5 +1,10 @@
2017-11-16 zzz 2017-11-18 zzz
* Reseed: Add SOCKS proxy support (ticket #1130)
2017-11-17 zzz
* Addressbook: Fix adding alternates after importing an empty book (ticket #2072)
* Reseed: Add HTTPS proxy support (ticket #423) * Reseed: Add HTTPS proxy support (ticket #423)
* SOCKS: Move code from i2ptunnel to core, in prep for SSLEepGet use (ticket #1130)
2017-11-16 zzz 2017-11-16 zzz
* Console: Hide Reseed HTTP proxy options if no HTTP URLs (ticket #2007) * Console: Hide Reseed HTTP proxy options if no HTTP URLs (ticket #2007)

2
router/java/src/net/i2p/router/RouterVersion.java
View File

@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */ /** deprecated */
public final static String ID = "Monotone"; public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION; public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 3; public final static long BUILD = 4;
/** for example "-test" */ /** for example "-test" */
public final static String EXTRA = ""; public final static String EXTRA = "";

25
router/java/src/net/i2p/router/networkdb/reseed/Reseeder.java
View File

@ -145,6 +145,8 @@ public class Reseeder {
public static final String PROP_SPROXY_USERNAME = "router.reseedSSLProxy.username"; public static final String PROP_SPROXY_USERNAME = "router.reseedSSLProxy.username";
public static final String PROP_SPROXY_PASSWORD = "router.reseedSSLProxy.password"; public static final String PROP_SPROXY_PASSWORD = "router.reseedSSLProxy.password";
public static final String PROP_SPROXY_AUTH_ENABLE = "router.reseedSSLProxy.authEnable"; public static final String PROP_SPROXY_AUTH_ENABLE = "router.reseedSSLProxy.authEnable";
/** @since 0.9.33 */
public static final String PROP_SPROXY_TYPE = "router.reseedSSLProxyType";
/** @since 0.9 */ /** @since 0.9 */
public static final String PROP_DISABLE = "router.reseedDisable"; public static final String PROP_DISABLE = "router.reseedDisable";
@ -921,10 +923,11 @@ public class Reseeder {
boolean ssl = url.toString().startsWith("https"); boolean ssl = url.toString().startsWith("https");
if (ssl) { if (ssl) {
boolean shouldProxy = _sproxyHost != null && _sproxyHost.length() > 0 && _sproxyPort > 0; boolean shouldProxy = _sproxyHost != null && _sproxyHost.length() > 0 && _sproxyPort > 0;
SSLEepGet.ProxyType ptype = getProxyType();
SSLEepGet sslget; SSLEepGet sslget;
if (_sslState == null) { if (_sslState == null) {
if (shouldProxy) if (shouldProxy)
sslget = new SSLEepGet(_context, SSLEepGet.ProxyType.HTTP, _sproxyHost, _sproxyPort, sslget = new SSLEepGet(_context, ptype, _sproxyHost, _sproxyPort,
baos, url.toString()); baos, url.toString());
else else
sslget = new SSLEepGet(_context, baos, url.toString()); sslget = new SSLEepGet(_context, baos, url.toString());
@ -932,7 +935,7 @@ public class Reseeder {
_sslState = sslget.getSSLState(); _sslState = sslget.getSSLState();
} else { } else {
if (shouldProxy) if (shouldProxy)
sslget = new SSLEepGet(_context, SSLEepGet.ProxyType.HTTP, _sproxyHost, _sproxyPort, sslget = new SSLEepGet(_context, ptype, _sproxyHost, _sproxyPort,
baos, url.toString(), _sslState); baos, url.toString(), _sslState);
else else
sslget = new SSLEepGet(_context, baos, url.toString(), _sslState); sslget = new SSLEepGet(_context, baos, url.toString(), _sslState);
@ -980,10 +983,11 @@ public class Reseeder {
boolean ssl = url.toString().startsWith("https"); boolean ssl = url.toString().startsWith("https");
if (ssl) { if (ssl) {
boolean shouldProxy = _sproxyHost != null && _sproxyHost.length() > 0 && _sproxyPort > 0; boolean shouldProxy = _sproxyHost != null && _sproxyHost.length() > 0 && _sproxyPort > 0;
SSLEepGet.ProxyType ptype = getProxyType();
SSLEepGet sslget; SSLEepGet sslget;
if (_sslState == null) { if (_sslState == null) {
if (shouldProxy) if (shouldProxy)
sslget = new SSLEepGet(_context, SSLEepGet.ProxyType.HTTP, _sproxyHost, _sproxyPort, sslget = new SSLEepGet(_context, ptype, _sproxyHost, _sproxyPort,
out.getPath(), url.toString()); out.getPath(), url.toString());
else else
sslget = new SSLEepGet(_context, out.getPath(), url.toString()); sslget = new SSLEepGet(_context, out.getPath(), url.toString());
@ -991,7 +995,7 @@ public class Reseeder {
_sslState = sslget.getSSLState(); _sslState = sslget.getSSLState();
} else { } else {
if (shouldProxy) if (shouldProxy)
sslget = new SSLEepGet(_context, SSLEepGet.ProxyType.HTTP, _sproxyHost, _sproxyPort, sslget = new SSLEepGet(_context, ptype, _sproxyHost, _sproxyPort,
out.getPath(), url.toString(), _sslState); out.getPath(), url.toString(), _sslState);
else else
sslget = new SSLEepGet(_context, out.getPath(), url.toString(), _sslState); sslget = new SSLEepGet(_context, out.getPath(), url.toString(), _sslState);
@ -1060,6 +1064,19 @@ public class Reseeder {
return true; return true;
} }
/**
* @throws IOException if unknown, default is HTTP
* @return non-null
* @since 0.9.33
*/
private SSLEepGet.ProxyType getProxyType() throws IOException {
String sptype = _context.getProperty(PROP_SPROXY_TYPE, "HTTP").toUpperCase(Locale.US);
try {
return SSLEepGet.ProxyType.valueOf(sptype);
} catch (IllegalArgumentException iae) {
throw new IOException("Unsupported proxy type " + sptype);
}
}
} }
private static final String BUNDLE_NAME = "net.i2p.router.web.messages"; private static final String BUNDLE_NAME = "net.i2p.router.web.messages";