mirror of
https://github.com/klzgrad/naiveproxy.git
synced 2024-11-25 06:46:09 +03:00
Add option for concurrent transport
Useful only for high-end situations where a single connection is throttled at 10MB/s somehow. Makes traffic obfuscation less secure.
This commit is contained in:
parent
413194a1fa
commit
9313cff51d
@ -55,6 +55,7 @@ NaiveConnection::NaiveConnection(
|
|||||||
const SSLConfig& proxy_ssl_config,
|
const SSLConfig& proxy_ssl_config,
|
||||||
RedirectResolver* resolver,
|
RedirectResolver* resolver,
|
||||||
HttpNetworkSession* session,
|
HttpNetworkSession* session,
|
||||||
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
const NetLogWithSource& net_log,
|
const NetLogWithSource& net_log,
|
||||||
std::unique_ptr<StreamSocket> accepted_socket,
|
std::unique_ptr<StreamSocket> accepted_socket,
|
||||||
const NetworkTrafficAnnotationTag& traffic_annotation)
|
const NetworkTrafficAnnotationTag& traffic_annotation)
|
||||||
@ -66,6 +67,7 @@ NaiveConnection::NaiveConnection(
|
|||||||
proxy_ssl_config_(proxy_ssl_config),
|
proxy_ssl_config_(proxy_ssl_config),
|
||||||
resolver_(resolver),
|
resolver_(resolver),
|
||||||
session_(session),
|
session_(session),
|
||||||
|
network_isolation_key_(network_isolation_key),
|
||||||
net_log_(net_log),
|
net_log_(net_log),
|
||||||
next_state_(STATE_NONE),
|
next_state_(STATE_NONE),
|
||||||
client_socket_(std::move(accepted_socket)),
|
client_socket_(std::move(accepted_socket)),
|
||||||
@ -239,8 +241,9 @@ int NaiveConnection::DoConnectServer() {
|
|||||||
// Ignores socket limit set by socket pool for this type of socket.
|
// Ignores socket limit set by socket pool for this type of socket.
|
||||||
return InitSocketHandleForRawConnect2(
|
return InitSocketHandleForRawConnect2(
|
||||||
origin, session_, LOAD_IGNORE_LIMITS, MAXIMUM_PRIORITY, proxy_info_,
|
origin, session_, LOAD_IGNORE_LIMITS, MAXIMUM_PRIORITY, proxy_info_,
|
||||||
server_ssl_config_, proxy_ssl_config_, PRIVACY_MODE_DISABLED, net_log_,
|
server_ssl_config_, proxy_ssl_config_, PRIVACY_MODE_DISABLED,
|
||||||
server_socket_handle_.get(), io_callback_);
|
network_isolation_key_, net_log_, server_socket_handle_.get(),
|
||||||
|
io_callback_);
|
||||||
}
|
}
|
||||||
|
|
||||||
int NaiveConnection::DoConnectServerComplete(int result) {
|
int NaiveConnection::DoConnectServerComplete(int result) {
|
||||||
|
@ -28,6 +28,7 @@ class StreamSocket;
|
|||||||
struct NetworkTrafficAnnotationTag;
|
struct NetworkTrafficAnnotationTag;
|
||||||
struct SSLConfig;
|
struct SSLConfig;
|
||||||
class RedirectResolver;
|
class RedirectResolver;
|
||||||
|
class NetworkIsolationKey;
|
||||||
|
|
||||||
class NaiveConnection {
|
class NaiveConnection {
|
||||||
public:
|
public:
|
||||||
@ -55,6 +56,7 @@ class NaiveConnection {
|
|||||||
const SSLConfig& proxy_ssl_config,
|
const SSLConfig& proxy_ssl_config,
|
||||||
RedirectResolver* resolver,
|
RedirectResolver* resolver,
|
||||||
HttpNetworkSession* session,
|
HttpNetworkSession* session,
|
||||||
|
const NetworkIsolationKey& network_isolation_key,
|
||||||
const NetLogWithSource& net_log,
|
const NetLogWithSource& net_log,
|
||||||
std::unique_ptr<StreamSocket> accepted_socket,
|
std::unique_ptr<StreamSocket> accepted_socket,
|
||||||
const NetworkTrafficAnnotationTag& traffic_annotation);
|
const NetworkTrafficAnnotationTag& traffic_annotation);
|
||||||
@ -107,6 +109,7 @@ class NaiveConnection {
|
|||||||
const SSLConfig& proxy_ssl_config_;
|
const SSLConfig& proxy_ssl_config_;
|
||||||
RedirectResolver* resolver_;
|
RedirectResolver* resolver_;
|
||||||
HttpNetworkSession* session_;
|
HttpNetworkSession* session_;
|
||||||
|
const NetworkIsolationKey& network_isolation_key_;
|
||||||
const NetLogWithSource& net_log_;
|
const NetLogWithSource& net_log_;
|
||||||
|
|
||||||
CompletionRepeatingCallback io_callback_;
|
CompletionRepeatingCallback io_callback_;
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
|
|
||||||
#include "net/tools/naive/naive_proxy.h"
|
#include "net/tools/naive/naive_proxy.h"
|
||||||
|
|
||||||
|
#include <algorithm>
|
||||||
#include <utility>
|
#include <utility>
|
||||||
|
|
||||||
#include "base/bind.h"
|
#include "base/bind.h"
|
||||||
@ -28,12 +29,14 @@ namespace net {
|
|||||||
NaiveProxy::NaiveProxy(std::unique_ptr<ServerSocket> listen_socket,
|
NaiveProxy::NaiveProxy(std::unique_ptr<ServerSocket> listen_socket,
|
||||||
NaiveConnection::Protocol protocol,
|
NaiveConnection::Protocol protocol,
|
||||||
bool use_padding,
|
bool use_padding,
|
||||||
|
int concurrency,
|
||||||
RedirectResolver* resolver,
|
RedirectResolver* resolver,
|
||||||
HttpNetworkSession* session,
|
HttpNetworkSession* session,
|
||||||
const NetworkTrafficAnnotationTag& traffic_annotation)
|
const NetworkTrafficAnnotationTag& traffic_annotation)
|
||||||
: listen_socket_(std::move(listen_socket)),
|
: listen_socket_(std::move(listen_socket)),
|
||||||
protocol_(protocol),
|
protocol_(protocol),
|
||||||
use_padding_(use_padding),
|
use_padding_(use_padding),
|
||||||
|
concurrency_(std::min(4, std::max(1, concurrency))),
|
||||||
resolver_(resolver),
|
resolver_(resolver),
|
||||||
session_(session),
|
session_(session),
|
||||||
net_log_(
|
net_log_(
|
||||||
@ -54,6 +57,10 @@ NaiveProxy::NaiveProxy(std::unique_ptr<ServerSocket> listen_socket,
|
|||||||
session_->GetSSLConfig(&server_ssl_config_, &proxy_ssl_config_);
|
session_->GetSSLConfig(&server_ssl_config_, &proxy_ssl_config_);
|
||||||
proxy_ssl_config_.disable_cert_verification_network_fetches = true;
|
proxy_ssl_config_.disable_cert_verification_network_fetches = true;
|
||||||
|
|
||||||
|
for (int i = 0; i < concurrency_; i++) {
|
||||||
|
network_isolation_keys_.push_back(NetworkIsolationKey::CreateTransient());
|
||||||
|
}
|
||||||
|
|
||||||
DCHECK(listen_socket_);
|
DCHECK(listen_socket_);
|
||||||
// Start accepting connections in next run loop in case when delegate is not
|
// Start accepting connections in next run loop in case when delegate is not
|
||||||
// ready to get callbacks.
|
// ready to get callbacks.
|
||||||
@ -110,9 +117,11 @@ void NaiveProxy::DoConnect() {
|
|||||||
if (!use_padding_) {
|
if (!use_padding_) {
|
||||||
pad_direction = NaiveConnection::kNone;
|
pad_direction = NaiveConnection::kNone;
|
||||||
}
|
}
|
||||||
|
last_id_++;
|
||||||
|
const auto& nik = network_isolation_keys_[last_id_ % concurrency_];
|
||||||
auto connection_ptr = std::make_unique<NaiveConnection>(
|
auto connection_ptr = std::make_unique<NaiveConnection>(
|
||||||
++last_id_, protocol_, pad_direction, proxy_info_, server_ssl_config_,
|
last_id_, protocol_, pad_direction, proxy_info_, server_ssl_config_,
|
||||||
proxy_ssl_config_, resolver_, session_, net_log_, std::move(socket),
|
proxy_ssl_config_, resolver_, session_, nik, net_log_, std::move(socket),
|
||||||
traffic_annotation_);
|
traffic_annotation_);
|
||||||
auto* connection = connection_ptr.get();
|
auto* connection = connection_ptr.get();
|
||||||
connection_by_id_[connection->id()] = std::move(connection_ptr);
|
connection_by_id_[connection->id()] = std::move(connection_ptr);
|
||||||
|
@ -8,10 +8,12 @@
|
|||||||
|
|
||||||
#include <map>
|
#include <map>
|
||||||
#include <memory>
|
#include <memory>
|
||||||
|
#include <vector>
|
||||||
|
|
||||||
#include "base/macros.h"
|
#include "base/macros.h"
|
||||||
#include "base/memory/weak_ptr.h"
|
#include "base/memory/weak_ptr.h"
|
||||||
#include "net/base/completion_repeating_callback.h"
|
#include "net/base/completion_repeating_callback.h"
|
||||||
|
#include "net/base/network_isolation_key.h"
|
||||||
#include "net/log/net_log_with_source.h"
|
#include "net/log/net_log_with_source.h"
|
||||||
#include "net/proxy_resolution/proxy_info.h"
|
#include "net/proxy_resolution/proxy_info.h"
|
||||||
#include "net/ssl/ssl_config.h"
|
#include "net/ssl/ssl_config.h"
|
||||||
@ -32,6 +34,7 @@ class NaiveProxy {
|
|||||||
NaiveProxy(std::unique_ptr<ServerSocket> server_socket,
|
NaiveProxy(std::unique_ptr<ServerSocket> server_socket,
|
||||||
NaiveConnection::Protocol protocol,
|
NaiveConnection::Protocol protocol,
|
||||||
bool use_padding,
|
bool use_padding,
|
||||||
|
int concurrency,
|
||||||
RedirectResolver* resolver,
|
RedirectResolver* resolver,
|
||||||
HttpNetworkSession* session,
|
HttpNetworkSession* session,
|
||||||
const NetworkTrafficAnnotationTag& traffic_annotation);
|
const NetworkTrafficAnnotationTag& traffic_annotation);
|
||||||
@ -57,6 +60,7 @@ class NaiveProxy {
|
|||||||
std::unique_ptr<ServerSocket> listen_socket_;
|
std::unique_ptr<ServerSocket> listen_socket_;
|
||||||
NaiveConnection::Protocol protocol_;
|
NaiveConnection::Protocol protocol_;
|
||||||
bool use_padding_;
|
bool use_padding_;
|
||||||
|
int concurrency_;
|
||||||
ProxyInfo proxy_info_;
|
ProxyInfo proxy_info_;
|
||||||
SSLConfig server_ssl_config_;
|
SSLConfig server_ssl_config_;
|
||||||
SSLConfig proxy_ssl_config_;
|
SSLConfig proxy_ssl_config_;
|
||||||
@ -68,6 +72,8 @@ class NaiveProxy {
|
|||||||
|
|
||||||
std::unique_ptr<StreamSocket> accepted_socket_;
|
std::unique_ptr<StreamSocket> accepted_socket_;
|
||||||
|
|
||||||
|
std::vector<NetworkIsolationKey> network_isolation_keys_;
|
||||||
|
|
||||||
std::map<unsigned int, std::unique_ptr<NaiveConnection>> connection_by_id_;
|
std::map<unsigned int, std::unique_ptr<NaiveConnection>> connection_by_id_;
|
||||||
|
|
||||||
const NetworkTrafficAnnotationTag& traffic_annotation_;
|
const NetworkTrafficAnnotationTag& traffic_annotation_;
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
|
|
||||||
#include "base/at_exit.h"
|
#include "base/at_exit.h"
|
||||||
#include "base/command_line.h"
|
#include "base/command_line.h"
|
||||||
|
#include "base/feature_list.h"
|
||||||
#include "base/files/file_path.h"
|
#include "base/files/file_path.h"
|
||||||
#include "base/json/json_file_value_serializer.h"
|
#include "base/json/json_file_value_serializer.h"
|
||||||
#include "base/json/json_writer.h"
|
#include "base/json/json_writer.h"
|
||||||
@ -83,6 +84,7 @@ struct CommandLine {
|
|||||||
std::string listen;
|
std::string listen;
|
||||||
std::string proxy;
|
std::string proxy;
|
||||||
bool padding;
|
bool padding;
|
||||||
|
std::string concurrency;
|
||||||
std::string extra_headers;
|
std::string extra_headers;
|
||||||
std::string host_resolver_rules;
|
std::string host_resolver_rules;
|
||||||
std::string resolver_range;
|
std::string resolver_range;
|
||||||
@ -97,6 +99,7 @@ struct Params {
|
|||||||
std::string listen_addr;
|
std::string listen_addr;
|
||||||
int listen_port;
|
int listen_port;
|
||||||
bool use_padding;
|
bool use_padding;
|
||||||
|
int concurrency;
|
||||||
net::HttpRequestHeaders extra_headers;
|
net::HttpRequestHeaders extra_headers;
|
||||||
std::string proxy_url;
|
std::string proxy_url;
|
||||||
base::string16 proxy_user;
|
base::string16 proxy_user;
|
||||||
@ -136,6 +139,7 @@ void GetCommandLine(const base::CommandLine& proc, CommandLine* cmdline) {
|
|||||||
"--proxy=<proto>://[<user>:<pass>@]<hostname>[:<port>]\n"
|
"--proxy=<proto>://[<user>:<pass>@]<hostname>[:<port>]\n"
|
||||||
" proto: https, quic\n"
|
" proto: https, quic\n"
|
||||||
"--padding Use padding\n"
|
"--padding Use padding\n"
|
||||||
|
"--concurrency=<N> Use N connections, less secure\n"
|
||||||
"--extra-headers=... Extra headers split by CRLF\n"
|
"--extra-headers=... Extra headers split by CRLF\n"
|
||||||
"--host-resolver-rules=... Resolver rules\n"
|
"--host-resolver-rules=... Resolver rules\n"
|
||||||
"--resolver-range=... Redirect resolver range\n"
|
"--resolver-range=... Redirect resolver range\n"
|
||||||
@ -154,6 +158,7 @@ void GetCommandLine(const base::CommandLine& proc, CommandLine* cmdline) {
|
|||||||
cmdline->listen = proc.GetSwitchValueASCII("listen");
|
cmdline->listen = proc.GetSwitchValueASCII("listen");
|
||||||
cmdline->proxy = proc.GetSwitchValueASCII("proxy");
|
cmdline->proxy = proc.GetSwitchValueASCII("proxy");
|
||||||
cmdline->padding = proc.HasSwitch("padding");
|
cmdline->padding = proc.HasSwitch("padding");
|
||||||
|
cmdline->concurrency = proc.GetSwitchValueASCII("concurrency");
|
||||||
cmdline->extra_headers = proc.GetSwitchValueASCII("extra-headers");
|
cmdline->extra_headers = proc.GetSwitchValueASCII("extra-headers");
|
||||||
cmdline->host_resolver_rules =
|
cmdline->host_resolver_rules =
|
||||||
proc.GetSwitchValueASCII("host-resolver-rules");
|
proc.GetSwitchValueASCII("host-resolver-rules");
|
||||||
@ -188,6 +193,10 @@ void GetCommandLineFromConfig(const base::FilePath& config_path,
|
|||||||
cmdline->proxy = *proxy;
|
cmdline->proxy = *proxy;
|
||||||
}
|
}
|
||||||
cmdline->padding = value->FindBoolKey("padding").value_or(false);
|
cmdline->padding = value->FindBoolKey("padding").value_or(false);
|
||||||
|
const auto* concurrency = value->FindStringKey("concurrency");
|
||||||
|
if (concurrency) {
|
||||||
|
cmdline->concurrency = *concurrency;
|
||||||
|
}
|
||||||
const auto* extra_headers = value->FindStringKey("extra-headers");
|
const auto* extra_headers = value->FindStringKey("extra-headers");
|
||||||
if (extra_headers) {
|
if (extra_headers) {
|
||||||
cmdline->extra_headers = *extra_headers;
|
cmdline->extra_headers = *extra_headers;
|
||||||
@ -286,6 +295,16 @@ bool ParseCommandLine(const CommandLine& cmdline, Params* params) {
|
|||||||
|
|
||||||
params->use_padding = cmdline.padding;
|
params->use_padding = cmdline.padding;
|
||||||
|
|
||||||
|
if (!cmdline.concurrency.empty()) {
|
||||||
|
if (!base::StringToInt(cmdline.concurrency, ¶ms->concurrency) ||
|
||||||
|
params->concurrency < 1 || params->concurrency > 4) {
|
||||||
|
std::cerr << "Invalid concurrency" << std::endl;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
params->concurrency = 1;
|
||||||
|
}
|
||||||
|
|
||||||
params->extra_headers.AddHeadersFromString(cmdline.extra_headers);
|
params->extra_headers.AddHeadersFromString(cmdline.extra_headers);
|
||||||
|
|
||||||
params->host_resolver_rules = cmdline.host_resolver_rules;
|
params->host_resolver_rules = cmdline.host_resolver_rules;
|
||||||
@ -473,6 +492,8 @@ std::unique_ptr<URLRequestContext> BuildURLRequestContext(
|
|||||||
} // namespace net
|
} // namespace net
|
||||||
|
|
||||||
int main(int argc, char* argv[]) {
|
int main(int argc, char* argv[]) {
|
||||||
|
base::FeatureList::InitializeInstance(
|
||||||
|
"PartitionConnectionsByNetworkIsolationKey", std::string());
|
||||||
base::SingleThreadTaskExecutor io_task_executor(base::MessagePumpType::IO);
|
base::SingleThreadTaskExecutor io_task_executor(base::MessagePumpType::IO);
|
||||||
base::ThreadPoolInstance::CreateAndStartWithDefaultParams("naive");
|
base::ThreadPoolInstance::CreateAndStartWithDefaultParams("naive");
|
||||||
base::AtExitManager exit_manager;
|
base::AtExitManager exit_manager;
|
||||||
@ -588,8 +609,8 @@ int main(int argc, char* argv[]) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
net::NaiveProxy naive_proxy(std::move(listen_socket), params.protocol,
|
net::NaiveProxy naive_proxy(std::move(listen_socket), params.protocol,
|
||||||
params.use_padding, resolver.get(), session,
|
params.use_padding, params.concurrency,
|
||||||
kTrafficAnnotation);
|
resolver.get(), session, kTrafficAnnotation);
|
||||||
|
|
||||||
base::RunLoop().Run();
|
base::RunLoop().Run();
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user